ISE can not join AD Domain

Sevion
Level 1

Hello guys,

A weird issue occurred to us when we were trying to join ISE to the domain. We have 2 nodes (VM version 2.7 patch 4) to join the domain. After entering the correct username and password of the domain administrator, our nodes failed to join it. I'm sure that the name server is correct. The error code was 5. Here are parts of the content of the log. 

 

 

2021-07-22 17:27:10,095 DEBUG ,139885544687360,Status: STATUS_ACCESS_DENIED = 0xC0000022 (-1073741790),RdrDfsConnectAttempt(),lwio/server/rdr/dfs.c:536
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Status: STATUS_ACCESS_DENIED = 0xC0000022 (-1073741790),RdrDfsTreeConnectComplete(),lwio/server/rdr/dfs.c:599
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Continuing context 0x7f38f8072990,RdrContinueContext(),lwio/server/rdr/driver.c:561
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Status: STATUS_ACCESS_DENIED = 0xC0000022 (-1073741790),RdrCreateTreeConnectComplete(),lwio/server/rdr/create.c:143
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Freed op context 0x7f38f8072990,RdrFreeContext(),lwio/server/rdr/driver.c:527
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Freed op context 0x7f38f80725b0,RdrFreeContext(),lwio/server/rdr/driver.c:527
2021-07-22 17:27:10,095 DEBUG ,139885306394368,LEAVE_IF: -> 0xc0000022 (STATUS_ACCESS_DENIED) (EE = 0),LwNtCreateFile(),lwio/client/ntfileapictx.c:597
2021-07-22 17:27:10,095 DEBUG ,139885306394368,Converted DCERPC code 0x16c9a0e2 to NTSTATUS 0xc0000022,LsaOpenPolicy2(),lsass/client/rpc/lsa/lsa_openpolicy2.c:95
2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error at ../../lsass/client/rpc/lsa/lsa_openpolicy2.c:96 [code: C0000022],LsaOpenPolicy2(),lsass/client/rpc/lsa/lsa_openpolicy2.c:96
2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error at ../../lsass/server/auth-providers/ad-open-provider/join/join.c:763 [code: C0000022],LsaJoinDomainInternal(),lsass/server/auth-providers/ad-open-provider/join/join.c:763
2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error code: 5 (symbol: ERROR_ACCESS_DENIED),LsaJoinDomainUac(),lsass/server/auth-providers/ad-open-provider/join/join.c:553
2021-07-22 17:27:10,095 DEBUG ,139885544687360,krb5: Destroying ccache MEMORY:139882656141768,LwKrb5TraceCallback(),lwadvapi/threaded/lwkrb5.c:1328
2021-07-22 17:27:10,095 DEBUG ,139885306394368,Switched gss krb5 credentials path from <null> to FILE:/tmp/krb5cc_318,LwKrb5SetThreadDefaultCachePath(),lwadvapi/threaded/lwkrb5.c:485
2021-07-22 17:27:10,095 DEBUG ,139885306394368,krb5: Destroying ccache FILE:/tmp/tktF6LvWI,LwKrb5TraceCallback(),lwadvapi/threaded/lwkrb5.c:1328

2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error code: 5 (symbol: ERROR_ACCESS_DENIED),AD_JoinDomain(),lsass/server/auth-providers/ad-open-provider/provider-main.c:2751
2021-07-22 17:27:10,095 DEBUG ,139885306394368,ActionReportStopAction: Ending action JOIN_DOMAIN with result ERROR_ACCESS_DENIED,ActionReportStopAction(),lwadvapi/threaded/actions_reporter/action_reporter.cpp:160
2021-07-22 17:27:10,095 VERBOSE,139885306394368,AD_JoinDomain: sending log :
17:27:10 Joining to domain xxxxxx.com using user administrator
17:27:10 Searching for DC in domain xxxxxx.com
17:27:10 Found DC: 501.xxxxxx.com , client site is xxxx , dc site is xxxx
17:27:10 Checking credentials for user administrator
17:27:10 Getting TGT for account administrator@xxxxxx.com
17:27:10 TGT for account administrator@xxxxxx.com was retrieved successfully
17:27:10 Credentials for user administrator were verified
17:27:10 Searching for DC in domain xxxxxx.com
17:27:10 Found DC: 503.xxxxxx.com , client site is xxxx , dc site is xxxx

,AD_JoinDomain(),lsass/server/auth-providers/ad-open-provider/provider-main.c:2792
2021-07-22 17:27:10,095 VERBOSE,139885306394368,AD_JoinDomain: returned error 0,AD_JoinDomain(),lsass/server/auth-providers/ad-open-provider/provider-main.c:2793
2021-07-22 17:27:10,095 VERBOSE,139885306394368,AD_JoinDomain: free sActionReport=0x7f38f8078e20 , sActionReportSize=705,AD_JoinDomain(),lsass/server/auth-providers/ad-open-provider/provider-main.c:2827

 

Have you guys faced the same problems? 
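Added example, not part of the original post or of Cisco's tooling: a short Python triage of the log format shown above. It lists the first failure reported by each function and checks whether the embedded join report says the credentials were verified, which separates a bad password from a denial later in the join. The sample lines are copied from the post; the function name `triage` and the field names are assumptions made for this example.

```python
import re

# Line layout seen in the post's log:
# "<date> <time>,<ms> <LEVEL>,<thread id>,<message>,<function>(),<source file>:<line>"
LINE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3} (?P<level>\w+)\s*,\d+,"
    r"(?P<msg>.*),(?P<func>\w+)\(\),(?P<src>[\w./-]+:\d+)$")
# A failure is either a symbolic status or a bracketed hex code in the message.
STATUS_RE = re.compile(r"\b(?:STATUS|ERROR)_[A-Z_]+\b|\[code: ([0-9A-Fa-f]{8})\]")
# Progress lines of the embedded join report: "HH:MM:SS <text>".
STEP_RE = re.compile(r"^\d\d:\d\d:\d\d (.+)$")

# Lines copied from the log in the post above (subset, original order).
SAMPLE = """\
2021-07-22 17:27:10,095 DEBUG ,139885544687360,Status: STATUS_ACCESS_DENIED = 0xC0000022 (-1073741790),RdrDfsTreeConnectComplete(),lwio/server/rdr/dfs.c:599
2021-07-22 17:27:10,095 DEBUG ,139885306394368,LEAVE_IF: -> 0xc0000022 (STATUS_ACCESS_DENIED) (EE = 0),LwNtCreateFile(),lwio/client/ntfileapictx.c:597
2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error at ../../lsass/client/rpc/lsa/lsa_openpolicy2.c:96 [code: C0000022],LsaOpenPolicy2(),lsass/client/rpc/lsa/lsa_openpolicy2.c:96
2021-07-22 17:27:10,095 VERBOSE,139885306394368,Error code: 5 (symbol: ERROR_ACCESS_DENIED),LsaJoinDomainUac(),lsass/server/auth-providers/ad-open-provider/join/join.c:553
2021-07-22 17:27:10,095 VERBOSE,139885306394368,AD_JoinDomain: sending log :
17:27:10 Getting TGT for account administrator@xxxxxx.com
17:27:10 Credentials for user administrator were verified
17:27:10 Found DC: 503.xxxxxx.com , client site is xxxx , dc site is xxxx
"""

def triage(text):
    """Return the join report steps and the first failure seen per function."""
    steps, failures, seen = [], [], set()
    for line in (l.strip() for l in text.splitlines()):
        m = LINE_RE.match(line)
        if m:
            s = STATUS_RE.search(m["msg"])
            if s and m["func"] not in seen:
                seen.add(m["func"])
                # Normalise a bare hex code to 0x... so both forms read alike.
                status = s.group(0) if s.group(1) is None else "0x" + s.group(1).upper()
                failures.append((m["func"], status, m["src"]))
        elif STEP_RE.match(line):
            steps.append(STEP_RE.match(line).group(1))
    return {
        "credentials_verified": any("were verified" in s for s in steps),
        "last_step": steps[-1] if steps else None,
        "failures": failures,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On these lines the report shows the Kerberos credential check succeeding while the tree connect and the `LsaOpenPolicy2` call return access denied, so the failure is in what the account is allowed to do during the join rather than in the password.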

 

 

1 Accepted Solution

Accepted Solutions

The bug referenced below can be found at the following link:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvi23542

 


Mike.Cifelli
VIP Alumni

I would start with ensuring that all requirements and ports are opened/met. See: Active Directory Integration with Cisco ISE 2.x - Cisco

A few other items to note:

- Try using the AD diagnostic tool on the ISE side to see if that sheds additional light.

- Check any local AD-side security software to ensure ISE is allowed to communicate with AD on the respective ports.

balaji.bandi
Hall of Fame

[Image: gggg.png]

Hello sir,

Could you share the link?


Thank you!