Domain join problem

Md. Nasir Uddin 0 Reputation points
2023-12-12T11:46:49.6466667+00:00

We have a primary domain controller which contains the FSMO role, and we also have an additional domain controller. When we shut down the PDC while the ADC is still running and try to join a computer to the domain in the meantime, the domain join fails.

Is it possible to domain join during that period?


2 answers

  1. Thameur-BOURBITA 36,226 Reputation points
    2023-12-12T12:18:21.93+00:00

    Hi @Md. Nasir Uddin

    I think the problem comes from the RID master role. The DC with the RID master role must be online when you create a new object in Active Directory.

    During the domain join, a computer account will be created automatically.

    To get more details about the RID master please refer to the following link

    RID master FSMO role

    In your case, it seems that the RID master is hosted together with the PDC on the same domain controller.

    To check the FSMO roles:

    netdom query fsmo
    
    # To move the RID master to another DC
    
    Move-ADDirectoryServerOperationMasterRole -Identity "ADC_Name" -OperationMasterRole RIDMaster
    

    Please don’t forget to accept helpful answer


  2. Daisy Zhou 31,211 Reputation points Microsoft External Staff
    2023-12-14T02:05:11.88+00:00

    Hi Md. Nasir Uddin,

    Thank you for posting in Q&A forum.

    When you do the domain join operation, the domain controller which holds the RID master role must be online.

    The relative ID (RID) master is a domain controller that allocates blocks of RIDs to each domain controller in the domain. Whenever a domain controller creates a new security principal, such as a user, group, or computer object, it assigns the object a unique security identifier. This SID consists of a domain SID, which is the same for each security principal that is created in the domain, and a RID, which is unique for each security principal in the domain.

    If the PDC shuts down from time to time, you can choose to transfer the RID role to another domain controller. You can run the command below to transfer the RID master role:

    Move-ADDirectoryServerOperationMasterRole -Identity "Target-DC" -OperationMasterRole RIDMaster

     

    And then check if you can join the domain after the PDC is shut down.

    Hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

     

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
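
The check-then-transfer sequence from both answers as one script. This is an added example, not part of either answer. It assumes the ActiveDirectory RSAT module and Domain Admin rights; `Target-DC` is the placeholder from the answer above, and the `-Apply` switch is a hypothetical parameter of this script. A graceful transfer needs the current role holder online, so run it before the PDC is shut down.

```powershell
param(
    [string]$TargetDC = 'Target-DC',  # placeholder: the DC that stays online
    [switch]$Apply                    # hypothetical switch: without it, only a -WhatIf preview runs
)
Import-Module ActiveDirectory

# 1. List all five FSMO role holders (same information as "netdom query fsmo").
$domain = Get-ADDomain
$forest = Get-ADForest
$roles = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$roles.GetEnumerator() | Format-Table Name, Value -AutoSize

# 2. Check that the current RID master answers on LDAP (TCP 389).
$ridMaster = $domain.RIDMaster
$reachable = Test-NetConnection -ComputerName $ridMaster -Port 389 -InformationLevel Quiet
Write-Host "RID master $ridMaster reachable on 389: $reachable"

# 3. Transfer the role only if the holder is online and is not already the target.
if (-not $reachable) {
    Write-Warning "Current RID master is offline; a graceful transfer is not possible right now."
}
elseif ($ridMaster -like "$TargetDC*") {
    Write-Host "RID master is already on $TargetDC; nothing to move."
}
else {
    Move-ADDirectoryServerOperationMasterRole -Identity $TargetDC `
        -OperationMasterRole RIDMaster -WhatIf:(-not $Apply)
}

# 4. Verify the holder and the RID manager health on the target DC.
Write-Host "RID master is now: $((Get-ADDomain).RIDMaster)"
dcdiag /s:$TargetDC /test:ridmanager /v
```

Run it once without `-Apply` to see what would change, then again with `-Apply` to perform the transfer.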
