After some rebuilding of lab VM's you have
recreated a VM, assigned an IP and are now trying to re-join the domain. You are
attempting to use the same hostname as the VM had previously, the old Computer
Objects have been deleted from Active Directory. When you try to join the
domain you receive the error "Changing the Primary Domain DNS name of this
computer to "" failed. The name will remain "name.domain".
The error was: No mapping between account names and security ID's was done.
"
To look further into this issue I opened up the
C:\Windows\Debug\NetSetup log file and it stated
"NetpSetDnsHostNameAndSpn: NetpGetcomputerObjectDn Failed: 0x534".
After some research there was loads of blogs
stating the error "NetpSetDnsHostNameAndSpn: NetpGetcomputerObjectDn
Failed: 0x534" could be resolved by disabling NetBIOS etc, I was not
convinced as it was functioning correctly the day before. To check on the
health of the domain I used the command dcdiag /a from one of the
Domain Controllers.
The dcdiag /a returned the
following errors
"0x0000165B The session setup from computer
"blank hostname" failed because the security database does not
contain a trust account "blank hostname" referenced by the specified
computer."
"0x000016AD The session setup from the
computer "blank hostname" failed to authenticate."
The issue in this case was down to my own
patience, I had deleted the old computer objects on one of the Domain
Controllers. As the replication topology was configured to replicate every 15
minutes the other DC's in the domain had not received the directory changes.
The quick fix was to force and Active Directory
replication from the Active Directory Sites and Services MMC.
When I tried to add another VM to the domain it
worked without issue and the computer object appeared under the default
Computers OU as expected.
