Improve company productivity with a Business Account.Sign Up

x
?
Solved

active directory delegation control

Posted on 2014-03-21
2
Medium Priority
?
353 Views
Last Modified: 2014-03-27
We configure active directory delegation control for particular user to join a computer to domain.
If we add a new computer to domain then it successfully join to domain. But if same computer remove form domain and rejoin again we are getting error. Please find attachment for screen shot.
Same I was doing in administrator account this computer was re- join to domain. There is something delegation issue. Please help me to resolve this issue.
Error.jpg
0
Comment
Question by:rsbgroup
2 Comments
 
LVL 41

Expert Comment

by:Mahesh
ID: 39944979
Two things you need to do:

In addition to delegation, in Default domain policy GPO, grant same user \ group "add workstation to domain" user rights and then run gpupdate /force on DC, may be DC reboot is more useful.
Now you can try rejoining existing accounts, it should work
If still you face issues, try below.
When you rejoin same computer to domain again, 1st reset its existing computer account in active directory by right clicking it and click on reset computer
This will reset its existing binding by resetting its secure channel
Then hopefully you can able to rejoin same computer account again

Mahesh
0
 
LVL 5

Accepted Solution

by:
Arjun Vyavahare earned 1000 total points
ID: 39944992
Hi,

Suggestion you to refer below link, which has given step by step screenshot based information along with the solution:

http://chentiangemalc.wordpress.com/2012/07/27/case-of-the-domain-join-failure/

I hope this will solve your issue.

Regards,
Arjun
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
The Windows Firewall provides an important layer of protection and a rich interface to configure it. Unfortunately, it lacks item level filtering. This article details my process of implementing firewall-as-code to reduce GPO bloat.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

584 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question