Getting return code -2146875392 | Reusing existing computer account with Djoin.exe /reuse parameter while testing KB5020276 changes

Anonymous
2023-12-11T18:26:48+00:00

I am trying to test the upcoming changes in the domain join process related to reuse of a computer account, and when I attempt it, the /reuse parameter fails with "return code :-2146875392" and works only when I delete the object and attempt again. Log text below from my domain join script.

"[12/6/2023 6:12:11 AM] Domain is TestDomain

[12/6/2023 6:12:11 AM] [rakiv-vm] Machine already exists. Creating odj package on domain [TestDomain]

[12/6/2023 6:12:11 AM] Running djoin.exe /provision /reuse /domain TestDomain /dcname TestDomainSrv.TestDomain.kiv.com /machine rakiv-vm /savefile c:\odjservice\rakiv-vm_odj.txt /certtemplate WorkstationAuthenticationsha2 /downlevel

[12/6/2023 6:12:13 AM] Exit code: -2146875392

[12/6/2023 6:12:13 AM] [rakiv-vm] Odj package creation failed and Djoin.exe return code :-2146875392

[12/6/2023 6:12:13 AM] [rakiv-vm] Deleting machine from AD on target DC [TestDomainSrv.TestDomain.kiv.com]

[12/6/2023 6:12:14 AM] [rakiv-vm] Machine deleted from AD.

[12/6/2023 6:12:14 AM] [rakiv-vm] Machine deleted. Recreating the machine and it's odj package

[12/6/2023 6:12:14 AM] Determining OU for user domain [TestDomain] with setup type [ESS] with isLaptop [False]

[12/6/2023 6:12:14 AM] Target OU: OU=ODJTest,OU=Computers,DC=TestDomain,DC=kiv,DC=com

[12/6/2023 6:12:14 AM] [rakiv-vm] Creating machine rakiv-vm and odj package on domain [TestDomain]

[12/6/2023 6:12:14 AM] Running djoin.exe /provision /domain TestDomain /machineou "OU=ODJTest,OU=Resources,DC=TestDomain,DC=kiv,DC=com" /dcname TestDomainSrv.TestDomain.kiv.com /machine rakiv-vm /savefile c:\odjservice\rakiv-vm_odj.txt /downlevel

[12/6/2023 6:12:15 AM] Exit code: 0"


4 answers

  1. Anonymous
    2023-12-14T06:40:32+00:00

    Hello Vikraman Srinivasan,

    Thank you for posting in the Microsoft Community Forum.

    Based on the description, did you mean you reuse the same machine name (but you already have one machine with the same name in the domain) when you join the machine to the domain? If so, we cannot add two machines with the same name to the domain. You should delete one in AD and then reuse the name.

    I hope the above information is helpful.

    If you have any questions or concerns, please don't hesitate to let us know.

    Greetings
    Daisy Zhou

  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.



  3. Anonymous
    2023-12-14T07:57:22+00:00

    As you mentioned, I am trying to reuse the same computer account name to join the domain. As per "KB5020276—Netjoin: Domain join hardening changes - Microsoft Support", it should allow me to reuse the computer account provided I have the access/privilege. Actually, I am testing the mentioned upcoming changes planned for the February rollout in my dev environment.

  4. Anonymous
    2023-12-15T08:08:19+00:00

    Hello Vikraman Srinivasan,

    Thank you for your reply.

    1. What account did you use to join the domain?
    2. How many Domain Controllers are there in your domain?
    Please check the KBs that are installed on all the Domain Controllers. Run get-hotfix on the DC to check.

    If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou
