I ran into an issue at work today where a specific user couldn’t add a machine to the domain, but had been able to previously. A little research and I realized that by default, each user can only join up to 10 machines to the domain. I am not sure why there would be a limit like this (I would expect 0 or infinite), but here is how to increase the number (taken from http://blogs.technet.com/b/jhoward/archive/2005/04/18/403817.aspx)
- Start ADSI Edit (start/run/adsiedit.msc)
- Expand out the Domain node, right click on DC=
,DC=com and select properties
- Scan down to ms-DS-MachineAccountQuota
- Modify the value as appropriate, or clear the value to remove the limit entirely.