MDT failed to join domain

Question

I have looked for this specific error, but cannot find an answer.
MDT, I have updated the Custom Settings rules with

DomainAdmin=<user with domain join privilege>
DomainAdminDomain=<domain name>
DomainAdminPassword=<the password for the DomainAdmin user>
JoinDomain=<domain name>
MachineObjectOU=<OU path that the device would join to>

I get an error in the NetSetup.log
07/12/2022 09:11:06:731 SamOpenUser on 31892 failed with 0xc0000022

But there is no error in ZTIDomainJoin.log.

Microsoft Deployment Toolkit version: 6.3.8330.1000 ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)
The task sequencer log is located at C:\Users\ADMINI~1\AppData\Local\Temp\SMSTSLog\SMSTS.LOG. For task sequence failures, please consult this log. ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)
Property DomainJoinAttempts is now = 1 ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)
Neither JoinDomain or JoinWorkgroup is defined. ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)
ZTIDomainJoin processing completed successfully. ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)
Event 41001 sent: ZTIDomainJoin processing completed successfully. ZTIDomainJoin 07/12/2022 12:43:41 PM 0 (0x0000)

I am not sure if "Neither JoinDomain or JoinWorkgroup is defined" is an issue or not.
Is there another log I can look into or is there a reason why it is failing to join the domain?

I also validated that the OU the laptop is joining has a computer object and that the user I am using to join the laptop has permission to the object and OU.

Answer 1

@Scott Craig
Thanks for your posting on Q&A.

It seems that the Custom Settings rules not configured correctly. The below setting is your environment.

DomainAdmin=<user with domain join privilege>  
DomainAdminDomain=<domain name>  
DomainAdminPassword=<the password for the DomainAdmin user>  
JoinDomain=<domain name>  
MachineObjectOU=<OU path that the device would join to>  

I double confirm the Official Document of the MDT, the reference is below:

JoinDomain=contoso.com  
DomainAdmin=CONTOSO\MDT_JD  
DomainAdminPassword=pass@word1  
MachineObjectOU=OU=Workstations,OU=Computers,OU=Contoso,DC=contoso,DC=com  

It seems that there is no such DomainAdminDomain attribute. Please edit the Custom Settings rule as the Official Document and reimage the devices. Then we could confirm whether it is helpful.

In addition, please provide the NetSetup.log for me to research further if the above isn't helpful.

Best regards,
Rita

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

I found the answer to my issue, but many examples on the internet has the setting DomainAdminDomain. Maybe this is a deprecated task sequence variable.

I come from and SCCM world and not used to the nuances of MDT.

Even after looking for over a week, I just stumbled on this article.
https://www.deployvista.com/2010/05/24/settings-per-task-sequence-using-mdt-2010/

I have a gather local only, but left it default of "Gather only local data". I had to choose the second option of "Gather local data and process rules" then point it to Customsettings.ini.

This seamed to work and I am including my solution in my response in case anybody else if having issues and need a fix.

Regards,
Scott