Vista deployment not connecting to domain

Discussion in 'Windows Vista Installation' started by anakha, Jun 9, 2008.

  1. anakha

    anakha New Member

    Joined:
    Jun 9, 2008
    Messages:
    4
    Likes Received:
    0
    Ok, here is what seems to be the problem. We have a deployment process set up to deploy Windows Vista for the most part unattended. We have an answer file (unattend.xml) that we use to specify all of our settings. In the answer file, we have set up the deployment to automatically join our domain during the install.

    Recently, we got four new Dell Optiplex 755 computers for our team. When we try to deploy Vista on any of these boxes, we get an interesting issue. We have tested our deployment on multiple non-dell computers and all of them install fine and connect to the domain successfully. However, when we deploy Vista to one of our new Optiplexes, the install will not connect to the domain. In our deployment process we use WinPE boot disks, and the WinPE boot disk by default does not seem to have network drivers for the Intel 82566DM-2 Gigabit cards in the computers. We managed to put the drivers in the WinPE disk, and because of this issue initially assumed that the Vista install files did not have the drivers either. However, when we logged in to a computer, the network drivers were installed and working fine.

    Once seeing this, we decided to try connecting to the domain manually, using the same account that is used in the unattended install, to see if we could connect. When trying to connect, we got an "Access denied" error. We then tried using a domain administrator account (as the deployer account is limited only to adding computers to the domain) and we were successfully able to connect.

    After accomplishing this, we decided to deploy Windows XP to one of the computers to see if this same issue was mirrored in the XP deployment. XP deployed and connected to the domain fine without any intervention from us. The same deployer account is used in the XP deployment as is used in the Vista deployment.

    Is there a reason why when Vista is installed (just on these Optiplexes) that our deployer account cannot join the computer to the domain (whether during the install or post-install), but a domain administrator can? If there is a reason, is there a way to fix this problem?
    A summary of the hardware:

    Dell Optiplex 755
    Intel Core 2 Duo E6550
    4 GB DDR2
    80 GB HD 10000 RPM
    ATI Radeo HD 2400 Pro
    Intel 82566DM-2 Gigabit Ethernet​
     
  2. Celestra

    Celestra Former Moderator

    Joined:
    Jan 15, 2008
    Messages:
    2,468
    Likes Received:
    14
  3. anakha

    anakha New Member

    Joined:
    Jun 9, 2008
    Messages:
    4
    Likes Received:
    0
    I figured it all out. It was a serious pebkac error on our part. Essentially what happened is that our deployer specific permissions only have permissions to modify/create a computer object in a specific OU. By trying to manually join to the domain using the deployer account, it was trying to create the computer object in the default Computers OU in AD. Since it didn't have permissions to do so, it wasn't able to create the object, and thus unable to join the domain. We also discovered that our unattend.xml file didn't have the correct OU listing in it for joining the domain, hence why it wasn't joining the domain during the install.
     
  4. kemical

    kemical Windows Forum Admin
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    Aug 28, 2007
    Messages:
    31,840
    Likes Received:
    1,568
    Glad to hear you got it sorted..:D
     

Share This Page

Loading...