I'm trying to deploy an image to a brand new machine out of the box (E5250), and when it gets to the final post-install script which joins the domain, it joins - but when when I go to login to the domain, it gives me this error:

security database on the server does not have a computer account for this workstation trust relationship

Looking in AD, it has the down arrow next to the machine name. The only way I've been able to fix it is to un-join / re-join the domain. It's a brand new machine, and I'm not giving it a name of any machine that exists on AD already. I heard that this is happening on random machines from some of the techs in our department, so it seems to be random, but still occuring randomly.

Any ideas? Is this a problem with the image creation or perhaps the join domain script? We're using powershell to join. We use a bat file to call the powershell:


BAT File:
powershell.exe -nologo -executionpolicy bypass -noprofile -file wnhs.ps1

Powershell:
$domain= "cusd200.local"
$password= "xxx" | ConvertTo-SecureString -asPlainText -Force
#enter user account that will be used to join domain
$user= "cusd200\tech"
$cred= New-Object System.Management.Automation.PSCredential($user,$password)
#edit for OU path
$oupath = 'ou=North,ou=HighSchools,ou=D200Computers,dc=CUSD200,dc=LOCAL'
#add computer to OU
Add-Computer -domainname $domain -oupath $oupath -Credential $cred -ErrorAction silentlycontinue
#add computer to domain
Add-Computer -DomainName $domain -Credential $cred

3 Comments   [ + ] Show Comments

Comments

  • I'm not a powershell guy, but it seems that maybe you're using the "Add-Computer" function twice unnecessarily? Although this might not be the cause of your issue...
    • Thanks. Not a powershell user either - just found this script online, but it has seemed to work for the most part.
  • Are you applying a sysprepped image?
    • Yes, it's a sysprepped image, but we aren't having it join the domain during that process, because we want to specify OU's.
  • I would suggest you chage the first Add-Computer line to have -ErrorAction Continue, and then in your batch file, redirect the output to a text file so you can see what, if any, error occured.
Please log in to comment

There are no answers at this time

Answers

Answer this question or Comment on this question for clarity