This is a fresh install of OES2/DSfW, with patches, into an existing tree with an existing DSfW server.
Chose the "New Domain in an Existing Domain Services for Windows forest" option
OES installed ok, but DSfW Provisioning Wizzer fails at 'Add Domain Controller'

excerpt from log:

Code:
2010-09-28 13:30:26 Pre-check of Domain Join Passed
>>>Joining the domain
2010-09-28 13:30:28 Removing old machine account (if necessary)
ou=OESSystemObjects,ou=bbbb,o=aaaa --remove aaaa-dsfw1.bbbb.aaaa.org
ou=OESSystemObjects,ou=bbbb,o=aaaa
Failed to establish LDAP connection with aaaa-dsfw1.bbbb.aaaa.org: Local error
(Check that you have Kerberos credentials; you may need to run kinit.)
2010-09-28 13:30:28 Joining this machine to the domain
ou=OESSystemObjects,ou=bbbb,o=aaaa' -s Default-First-Site-Name --join aaaa-dsfw1.bbbb.aaaa.org
Created domain controller account <CN=aaaa-DSFW2,ou=Domain Controllers,dc=bbbb,dc=aaaa,dc=gov>
Failed to add server object for aaaa-DSFW2: Already exists
Rolling back object <CN=aaaa-DSFW2,ou=Domain Controllers,dc=bbbb,dc=aaaa,dc=org>... Success
Could not join this machine to the domain at /opt/novell/xad/lib64/perl/XAD/secure.pm line 775.
 at /opt/novell/xad/lib64/perl/Logger.pm line 119
	Logger::_err('Could not join this machine to the domain at /opt/novell/xad/...') called at /opt/novell/xad/lib64/perl/Logger.pm line 202
	Logger::Log(0, 'Could not join this machine to the domain at /opt/novell/xad/...') called at /opt/novell/xad/lib64/perl/XAD/secure.pm line 781
	secure::domain_join('adc_install=HASH(0x63c420)') called at /opt/novell/xad/share/dcinit/provision/provision_domain_join.pl line 37
Manually running the provision tool (after exporting appropriate passwords) similarly fails:

Code:
# /opt/novell/xad/sbin/provision -d -g "645229b4-cb0f-11df-ac45-00265582a60c" -i 192.168.1.245 -k /var/opt/novell/xad/ds/krb5kdc/krb5.keytab -m aaaa-DSFW2 -S 'CN=aaaa-DSFW2,ou=OESSystemObjects,ou=bbbb,o=aaaa' -s Default-First-Site-Name --join aaaa-dsfw1.bbbb.aaaa.org
Domain Services for Windows Server Provisioning Tool
Copyright (c) 2001-2007 Novell, Inc. All rights reserved.

Created domain controller account <CN=aaaa-DSFW2,ou=Domain Controllers,dc=bbbb,dc=aaaa,dc=org>
Failed to add server object for aaaa-DSFW2: Already exists
Rolling back object <CN=aaaa-DSFW2,ou=Domain Controllers,dc=bbbb,dc=aaaa,dc=org>... Success
It complains "Failed to add server object for aaaa-DSFW2: Already exists" but of course the server object exists (in the container OESSystemObjects.bbbb.aaaa), it was created during the OES2 install, at which time DSfW was also selected

Can't delete the existing server object (don't think I'd want to anyway) since the server is up and running (which of course it must be in order to complete DSfW provisioning).

Any ideas anyone? Thanks in advance...