Sysprep clone fails to join domain after recreation

0 users found this article helpful

Symptoms

The first creation of a VDI clone from the template with chosen Sysprep preparation tool is successful.

After an attempt to recreate it, the same clone fails to join the domain, and access to it fails with the error: "Incorrect username or password".

Cause

Microsoft update with additional protection KB5020276 that contains - CVE-2022-38042

Take place after installing the October 11, 2022, or later Windows cumulative updates.

Resolution

  1. Open Registry Editor on Template VM (Run -> regedit).
  2. In the left pane of Registry Editor, navigate to the following registry key:
    HKLM\System\CurrentControlSet\Control\LSA
  3. Add NetJoinLegacyAccountReuse as REG_DWORD with value 1.

Microsoft description - KB5020276—Netjoin: Domain join hardening changes (microsoft.com)

Was this article helpful?

Tell us how we can improve it.