We recently remove our user account used to add computers to the domain, from the domain admin group due to security concerns. Now when trying to add a computer to the domain using a DS job to put it directly into a Computer_Deployment OU, I get "An invalid dn syntax has been specified." error. The computer thinks it is on the domain at this point, but the computer account does not exist in AD. What I have found to fix this is to make another configuration job to remove the computer from the domain (put it in a workgroup) and re-run the job. It than works without any problems. This problem is only for Windows 7 x64 computers. The same job works without any problems when building XP computers.
Here is the layout of my name job:
Modify Configuration: Name = token %SERIALNUM%
Workgroup = temp
Modify Configuration: Domain = FQDN/Computer_Deployment.
One note: I can manually add computers to the domain using the same account the DS is using.
DS 6.9 sp5