Problem: When using adjoin with the --force option in order to have a computer join Active Directory where the computer object and the Zone object already exist, you will get an error message stating “Unexpected LDAP Error Already exists” because adjoin cannot delete and re-create the Zone object.
Cause: There is a known problem in the --force option of adjoin that does not properly delete the previous Zone object for the computer. Resolution: This will be fixed in DirectControl 3.0.1.
Workaround: Manually delete the Zone object for the computer via Active Directory Users and Computers.
For example, if the computer object to delete is "machine01" which was originally in the "default" Zone, and DirectControl's data is installed in the default location, Program Data, then from Active Directory Users and Computers:
1. Ensure from the "View" menu, "Advanced Features" is checked.
2. Expand on Program Data, Centrify, Zones, default, Computers.
3. Right click on the serviceConnectionPoint, "machine01" and select "Delete".
4. Retry the adjoin command with --force option, along with your additional normal options (type “adjoin” at the command shell for list of all options).