I suggest running the SSM command document AWS-JoinDirectoryServiceDomain from the SSM console, where you can then get the output error message - see here.
Alternatively, a great way to continue to use the default VPC resolver is to configure Route 53 outbound endpoints and rules. In this model you would not need to supply the DNS values, and it has the added advantage of allowing VPC PrivateLink endpoints to utilise DNS integration.
I ran the command manually as you suggested and received the output below. If I manually change the DNS on the instance and do a manual join from the OS, the join works.
I will look at the other suggestion you made but wanted to see if I could get this working first.
Failed to create domain computer account 'EC2AMAZ-JT656AN', Message=Could not create computer. RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9 : RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9,ErrorCode=InvalidParameterException,ErrorType=Unknown,StatusCode=BadRequest
Amazon.DirectoryService.Model.InvalidParameterException: Could not create computer. RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9 : RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9 ---> Amazon.Runtime.Internal.HttpErrorResponseException: The remote server returned an error: (400) Bad Request. ---> System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.HttpWebRequest.GetResponse()
at Amazon.Runtime.Internal.HttpRequest.GetResponse()
--- End of inner exception stack trace ---
at Amazon.Runtime.Internal.HttpRequest.GetResponse()
at Amazon.Runtime.Internal.HttpHandler`1.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.Unmarshaller.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.ErrorHandler.InvokeSync(IExecutionContext executionContext)
--- End of inner exception stack trace ---
at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleExceptionStream(IRequestContext requestContext, IWebResponseData httpErrorResponse, HttpErrorResponseException exception, Stream responseStream)
at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleException(IExecutionContext executionContext, HttpErrorResponseException exception)
at Amazon.Runtime.Internal.ErrorHandler.ProcessException(IExecutionContext executionContext, Exception exception)
at Amazon.Runtime.Internal.ErrorHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.CallbackHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.EndpointDiscoveryHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.RetryHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.CallbackHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.CallbackHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.ErrorCallbackHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.MetricsHandler.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.Internal.RuntimePipeline.InvokeSync(IExecutionContext executionContext)
at Amazon.Runtime.AmazonServiceClient.Invoke[TResponse](AmazonWebServiceRequest request, InvokeOptionsBase options)
at Amazon.EC2Services.Config.Plugins.DomainJoin.Ec2SDomainJoin.CreateComputer(DomainJoinDto domainJoinDto, String desiredComputerName, String accountCreationPassword)
Domain join failed with exception: Domain Join failed, ComputerName:EC2AMAZ-JT656AN; Message:Could not create computer. RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9 : RequestId: 1fa37045-9c5d-43a5-bfe0-f01e56873cc9; ErrorCode:InvalidParameterException; ErrorType:Amazon.DirectoryService.Model.InvalidParameterException; StatusCode:BadRequest
exit status 1
Were you able to resolve this issue? I am encountering the same error. Manually joining an instance works fine, but I need an Auto Scaling group to join up to my AD automatically.
The Route 53 suggestion worked to resolve AD DNS using the default VPC DNS settings. It didn't fix the auto join problem.
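
The Route 53 Resolver setup suggested in the answer above (an outbound endpoint plus a forwarding rule for the directory's domain) can be expressed as a CloudFormation template. This is an added example, not configuration posted by anyone in the thread; every parameter name and value is an assumption to be replaced with your own VPC, subnets, domain name and directory DNS addresses.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Forward AD domain lookups from the default VPC resolver to the directory DNS servers (added example)
Parameters:                     # all parameter names are hypothetical
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetA: {Type: "AWS::EC2::Subnet::Id"}   # two subnets in different AZs
  SubnetB: {Type: "AWS::EC2::Subnet::Id"}
  DirectoryDomainName: {Type: String}       # placeholder, e.g. corp.example.com
  DirectoryDnsIp1: {Type: String}           # DNS addresses of the directory
  DirectoryDnsIp2: {Type: String}
Resources:
  ResolverSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Outbound DNS from the Resolver endpoint to the directory only
      VpcId: !Ref VpcId
      SecurityGroupEgress:      # restrict egress to port 53 on the two directory DNS hosts
        - {IpProtocol: udp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${DirectoryDnsIp1}/32"}
        - {IpProtocol: tcp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${DirectoryDnsIp1}/32"}
        - {IpProtocol: udp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${DirectoryDnsIp2}/32"}
        - {IpProtocol: tcp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${DirectoryDnsIp2}/32"}
  OutboundEndpoint:
    Type: AWS::Route53Resolver::ResolverEndpoint
    Properties:
      Direction: OUTBOUND
      SecurityGroupIds: [!GetAtt ResolverSg.GroupId]
      IpAddresses:
        - SubnetId: !Ref SubnetA
        - SubnetId: !Ref SubnetB
  ForwardRule:                  # only the directory's domain is forwarded;
    Type: AWS::Route53Resolver::ResolverRule   # everything else stays on the VPC resolver
    Properties:
      RuleType: FORWARD
      DomainName: !Ref DirectoryDomainName
      ResolverEndpointId: !GetAtt OutboundEndpoint.ResolverEndpointId
      TargetIps:
        - {Ip: !Ref DirectoryDnsIp1, Port: "53"}
        - {Ip: !Ref DirectoryDnsIp2, Port: "53"}
  ForwardRuleAssociation:
    Type: AWS::Route53Resolver::ResolverRuleAssociation
    Properties:
      ResolverRuleId: !GetAtt ForwardRule.ResolverRuleId
      VPCId: !Ref VpcId
```

As reported in the thread, this addresses AD name resolution with the default VPC DNS settings; it did not resolve the `InvalidParameterException` raised during the automated join.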