new 2012 domain can't join a machine-unique sid identical

Hi

You need to renew the SID for the member server by running sysprep.exe
And try to join again.

I suspect you use the same image for multiple machines?!

yes, same image- wrong.
I tried sysprep without any good.

Should I do sysprep to the dc ?

No, i would not run sysprep on a active domain controller.

What did sysprep say and do? What happened after rebooting?

It asked for a new password and language but nothing changed after reboot.

If you are using a the same image to create the DC as you are for clients joining, it is a good practice to "always" do a sysprep before make a computer part of a domain or using as a domain controller. If you have not gotten far with this DC, i would consider doing a sysprep on it as well.

If you do this you will need to re-create the domain.

Server 2012 is very picky on SID's and using sysprep to get machines connecting correctly. Past OS versions 2003/2008/etc did not have this issue. Simply having an image that was off the domain and adding it to the domain generates a new SID automatically (and worked in previous versions) but 2012 is more sensitive.

Will.

now when I try to connect to the domain I can't - there is a dns error.

I reconfigured dns and now it works.

thank you!

Cool ! youre welcome.