#4084 Unable to join root AD domain with AD child domain account
Unable to join an Active Directory root domain while supplying child domain credentials in any manner:

  • NETBIOS\samaccountname
  • samaccountname@CHILD.ROOT.COM

Joining the directory with root domain account works and enumeration works as expected thereafter. Changing the child domain account UPN to that of the root domain (from CHILD.ROOT.COM to ROOT.COM) also does not work.

Child domain account is provisioned access via ACL within Active Directory on both default join container as well as testing with specific OU DN. Functionality exists on Microsoft Windows clients from XP -> 10


which toll are you using to join the domain, adcli or net ads join or something different? Can you send the complete command line with the debug output of the tool (add -v for adcli or -d 10 for net ads join).


