Ghost Solution Suite

Hi guys,

I am running Ghost 11.5.0.2113 on a network server win2003. The server used to be NT and was upgraded to 2000 then 2003, and I think this is where my problems lie.....

All my clients are Win XP. I have 9 different computer models and have created separate images for them all.
I use the console to push out the images.
After hours of testing and re-testing - the only way I can get my machines to rejoin the network as a config task is if I edit the configuration settings beforehand.

1) I go into each individual client setting and change "target operating system" to NT4 (even though they are all WINXP already).
2) I also make sure they only get moved into the "computer" container in active directory (even though I want them in a different OU).
3) I then have to delete the existing computer account out of Active Directory.

If I complete all the above steps it works fine, but as you can imagine, this is very time consuming - having to edit every single machine setting beforehand. I cant use a config template as I want them to retain the existing computer name.
Once the task is complete I then have to move the computer in active directory into the correct OU so that my group policy lockdown settings are applied.
If I then go back into the workstation properties and look at the configuration tab, It has automatically selected the windows 2000/xp/vista radio button again. And so I have to go through all 3 above steps again a month later when I want to re-image.

I would love to be able to just leave the config tab as it is and just run a task without having to complete the 3 steps above. I have completed manual builds using my ghostserver user account, have added it to the domain admins group - and given it permissions in the OU properties. All to no avail.

Can anybody help?

many thanks

 Hi,


Starting with point 3, if the account is previously created by an Administrator or if AD transferred the ownership to Administrator, other accounts can't delete it. Could you check who owns the computer account? If created by Ghost, it should be the Console user name (in supported domains).

Not moving to OU is related I think, but probably a secondary affect. 

Main difference between NT config and XP.. config is, there is no DNS name in NT Config. As you correctly guessed, this could be a leftover from NT server.

If you run a config task to join a machine to domain default container after deleting the existing account, what error message do you get? Do you get a warning in the task log at step create computer account?

Krish

Hi Krish,
The computer account is getting created no problems, regardless of whether it is in the default container or the other OU. I think it is checking to see if it already exists first and then just moves it to the container I specify as I cant see it being deleted and re-created. The owner is actually the Group "domain admins".

If I delete the computer account and then change the config to winNT it works fine.

I have been reading other threads and have found bits about netsetup.txt. I think I have DNS lookup issues according to my logs below. If I leave the config as winxp and try and join my domain I get this:

03/31 11:57:09 NetpDoDomainJoin
03/31 11:57:09 NetpMachineValidToJoin: 'C244-3'
03/31 11:57:09 NetpGetLsaPrimaryDomain: status: 0x0
03/31 11:57:09 NetpMachineValidToJoin: status: 0x0
03/31 11:57:09 NetpJoinDomain
03/31 11:57:09     Machine: C244-3
03/31 11:57:09     Domain: axpveip\NETLANDC1.axpveip
03/31 11:57:09     MachineAccountOU: (NULL)
03/31 11:57:09     Account: (NULL)
03/31 11:57:09     Options: 0xc1
03/31 11:57:09     OS Version: 5.1
03/31 11:57:09     Build number: 2600
03/31 11:57:09     ServicePack: Service Pack 3
03/31 11:57:09 NetpValidateName: checking to see if 'axpveip' is valid as type 3 name
03/31 11:57:12 NetpCheckDomainNameIsValid for axpveip returned 0x54b
03/31 11:57:12 NetpCheckDomainNameIsValid [ Exists ] for 'axpveip' returned 0x54b
03/31 11:57:12 NetpDoDomainJoin: status: 0x54b

Here is the log for when I change it to winNT:

03/31 12:09:57 NetpDoDomainJoin
03/31 12:09:57 NetpMachineValidToJoin: 'C244-3'
03/31 12:09:57 NetpGetLsaPrimaryDomain: status: 0x0
03/31 12:09:57 NetpMachineValidToJoin: status: 0x0
03/31 12:09:57 NetpJoinDomain
03/31 12:09:57     Machine: C244-3
03/31 12:09:57     Domain: VEIP
03/31 12:09:57     MachineAccountOU: (NULL)
03/31 12:09:57     Account: (NULL)
03/31 12:09:57     Options: 0xc1
03/31 12:09:57     OS Version: 5.1
03/31 12:09:57     Build number: 2600
03/31 12:09:57     ServicePack: Service Pack 3
03/31 12:09:57 NetpValidateName: checking to see if 'VEIP' is valid as type 3 name
03/31 12:09:57 NetpCheckDomainNameIsValid [ Exists ] for 'VEIP' returned 0x0
03/31 12:09:57 NetpValidateName: name 'VEIP' is valid for type 3
03/31 12:09:57 NetpDsGetDcName: trying to find DC in domain 'VEIP', flags: 0x1020
03/31 12:09:57 NetpDsGetDcName: found DC '\\NETLANDC2' in the specified domain
03/31 12:09:57 NetpJoinDomain: status of connecting to dc '\\NETLANDC2': 0x0
03/31 12:09:58 NetpGetLsaPrimaryDomain: status: 0x0
03/31 12:09:58 NetpGetDnsHostName: Read NV Hostname: C244-3
03/31 12:09:58 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: axpveip
03/31 12:09:58 NetpLsaOpenSecret: status: 0xc0000034
03/31 12:09:59 NetpJoinDomain: w9x: status of validating account: 0x0
03/31 12:09:59 NetpGetLsaPrimaryDomain: status: 0x0
03/31 12:10:00 NetpSetLsaPrimaryDomain: for 'VEIP' status: 0x0
03/31 12:10:00 NetpJoinDomain: status of setting LSA pri. domain: 0x0
03/31 12:10:02 NetpJoinDomain: status of managing local groups: 0x0
03/31 12:10:02 NetpJoinDomain: status of setting netlogon cache: 0x0
03/31 12:10:04 NetpJoinDomain: status of setting ComputerNamePhysicalDnsDomain to 'axpveip': 0x0
03/31 12:10:06 NetpUpdateW32timeConfig: 0x0
03/31 12:10:06 NetpJoinDomain: status of disconnecting from '\\NETLANDC2': 0x0
03/31 12:10:06 NetpDoDomainJoin: status: 0x0

My domain is called "VEIP". At least this is what it will have been called originally in NT. We have then upgraded to 2003 - and within active directory it is called "axpveip".
If I go into properties of any machine the fullpath is called  "compname".axpveip.
However if I try and manually change this name I have to type in VEIP to join domain. It will not join a domain using axpveip (even though everything says my domain is called axpveip). It will only use the old name ??

any help appreciated.....
cheers

Windows IP Configuration

        Host Name . . . . . . . . . . . . : CG28-C
        Primary Dns Suffix  . . . . . . . : axpveip
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : axpveip
                                            axpveip

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : axpveip
        Description . . . . . . . . . . . : Intel(R) 82562V-2 10/100 Network Con
nection
        Physical Address. . . . . . . . . : 00-1D-09-8D-00-0C
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 25.14.148.51
        Subnet Mask . . . . . . . . . . . : 255.255.252.0
        IP Address. . . . . . . . . . . . : fe80::21d:9ff:fe8d:c%4
        Default Gateway . . . . . . . . . : 25.14.148.5
        DHCP Server . . . . . . . . . . . : 25.14.148.11
        DNS Servers . . . . . . . . . . . : 25.14.148.11
                                            25.14.148.5
                                            fec0:0:0:ffff::1%1
                                            fec0:0:0:ffff::2%1
                                            fec0:0:0:ffff::3%1
        Lease Obtained. . . . . . . . . . : 31 March 2009 13:42:39
        Lease Expires . . . . . . . . . . : 04 April 2009 13:42:39