Can't Join Computer To Domain - Event 4097 Error Code 384

dns active-directory domain windows-server-2003

12,783

The error code returns the following information:

C:\>net helpmsg 384

You can't connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack.
Your system requires SMB2 or higher. For more info on resolving this issue, see: https://go.microsoft.com/fwlink/?linkid=852747

Verify that SMB1 support is enabled on the client machine in Windows Features and reboot the machine afterwards:

Warning: This is NOT recommended, and should only serve as a temporary workaround to let you join a 2003 domain.

SMBv1 is not installed by default in Windows 10 Fall Creators Update and Windows Server, version 1709 and later versions

12,783

pi905

Updated on September 18, 2022

Comments

pi905 over 1 year

I am trying to connect a laptop to my work domain. This computer has been connected to this same domain before, however it was wiped and setup as new for a new employee. I changed the hostname back to what it originally was when it was on the from when it was on the domain (denoted by placeholder LAPTOP in the error reports), but now when I try to connect it to the domain, I get the message "Can't join this domain." This has not happened to me before, and I can't find anything out there that matches my case save for a couple of posts with no resolution. I have also included the Event Viewer error as well as what was logged in C:\Windows\debug\NetSetup.

Event Viewer, Error 4097:

The machine LAPTOP attempted to join the domain DOMAIN.local but failed. The error code was 384.

NetSetup:

06/21/2018 13:40:27:514 NetpDoDomainJoin
06/21/2018 13:40:27:514 NetpDoDomainJoin: using new computer names
06/21/2018 13:40:27:514 NetpDoDomainJoin: NetpGetNewMachineName returned 0x0
06/21/2018 13:40:27:514 NetpDoDomainJoin: NetpGetNewHostName returned 0x0
06/21/2018 13:40:27:514 NetpMachineValidToJoin: 'LAPTOP'
06/21/2018 13:40:27:514 NetpMachineValidToJoin: status: 0x0
06/21/2018 13:40:27:514 NetpJoinDomain
06/21/2018 13:40:27:514     HostName: LAPTOP
06/21/2018 13:40:27:514     NetbiosName: LAPTOP
06/21/2018 13:40:27:514     Domain: DOMAIN.local
06/21/2018 13:40:27:514     MachineAccountOU: (NULL)
06/21/2018 13:40:27:514     Account: DOMAIN.local\ADMINUSER
06/21/2018 13:40:27:514     Options: 0x403
06/21/2018 13:40:27:546 NetpValidateName: checking to see if 'DOMAIN.local' is valid as type 3 name
06/21/2018 13:40:27:608 NetpCheckDomainNameIsValid [ Exists ] for 'DOMAIN.local' returned 0x0
06/21/2018 13:40:27:608 NetpValidateName: name 'DOMAIN.local' is valid for type 3
06/21/2018 13:40:27:608 NetpDsGetDcName: trying to find DC in domain 'DOMAIN.local', flags: 0x40001010
06/21/2018 13:40:28:077 NetpDsGetDcName: failed to find a DC having account 'LAPTOP$': 0x525, last error is 0x0
06/21/2018 13:40:28:093 NetpDsGetDcName: status of verifying DNS A record name resolution for 'DC.DOMAIN.local': 0x0
06/21/2018 13:40:28:093 NetpDsGetDcName: found DC '\\DC.DOMAIN.local' in the specified domain
06/21/2018 13:40:28:093 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
06/21/2018 13:40:28:093 NetpDisableIDNEncoding: using FQDN DOMAIN.local from dcinfo
06/21/2018 13:40:28:093 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'DOMAIN.local' succeeded
06/21/2018 13:40:28:093 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
06/21/2018 13:40:28:187 NetUseAdd to \\DC.DOMAIN.local\IPC$ returned 384
06/21/2018 13:40:28:187 NetpJoinDomainOnDs: status of connecting to dc '\\DC.DOMAIN.local': 0x180
06/21/2018 13:40:28:187 NetpJoinDomainOnDs: Function exits with status of: 0x180
06/21/2018 13:40:28:187 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'DOMAIN.local' returned 0x0
06/21/2018 13:40:28:187 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'DOMAIN.local': 0x0
06/21/2018 13:40:28:187 NetpDoDomainJoin: status: 0x180

As a final note, I did see something on SMB, and after going into the registry I did not find an entry under the key path, which as I understand means that it is enabled. The DC is on Windows Server 2003.

Thank you for any and all advice.

Ramhound almost 6 years

What operating system is the client machine running? The error indicates the domain controller hostname could not even be resolved. You should contact your network administrator for assistance with this problem.
pi905 almost 6 years

@Ramhound The domain controller hostname was replaced with DC for the sake of general privacy, and the same applies to the domain, which was replaced with DOMAIN. My apologies for not making that clear in the original post. With that information, do you still see an issue? Also, the client machine is running on Windows 10.
Ramhound almost 6 years

It was clear. Does not change the fact, the error message still indicates, the client machine was unable to communicate with the domain controller. This cannot be solved by anyone that isn't an Administrator. Even if this is an SMB compatibility issue, only the Administrator on the Active Directory can solve that problem.

pi905 almost 6 years

This was the solution. I was able to enable it to join the domain, and then turn it off after and still be able to connect. I didn't know that the feature was disabled after recent updates, so that makes sense that it seemed to happen "all of a sudden." Thank you.
FastEthernet almost 6 years

@pi905 Be aware that you probably won't be able to apply logon scripts and group policies to this machine if it cannot reach the shares on the domain controller. Therefore you may want to keep SMB1 enabled on the client.
pi905 almost 6 years

that is something I did not take into account. I will probably need to apply some group policies in the future, so thank you for that reminder.