10 thoughts on “Windows: Unable to join domain: Re-using the account was blocked by security policy.”

  1. I tried this on a freshly installed laptop.

    The error message:
    The following error occurred attempting to join the domain “xxx.yy”:
    An entry with the same name already exists in Active Directory. Re-using the account was blocked by security policy.

    After adding the registry key, I could join our domain again.

    Thank you very much.

  2. I ran into this for the first time today. The workaround to add the registry entry fixed the issue. Thank you for posting the fix!

  3. This fixed it for us as well. Thank you for making this public! You saved a lot of time on a Saturday for 5+ people.

  4. Pretty irresponsible to blog about this and not make clear that you should be REMOVING this registry key once domain join completed. Leaving this key enabled/security feature disabled is a risk with no practical benefit.

    Remove-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\ -Name NetJoinLegacyAccountReuse

  5. In the process of rebuilding an Exchange Server, and this error came up.
    Was able to quickly fix!
    Thank you for sharing!

  6. This will work for me as well. Thanks, only need to run command prompt as an admin.

    Reg add HKLM\System\CurrentControlSet\Control\Lsa /v NetJoinLegacyAccountReuse /t REG_DWORD /d 1 /f

    Reg delete HKLM\System\CurrentControlSet\Control\Lsa /v NetJoinLegacyAccountReuse /f
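
The cleanup raised in comment 4, as an added example that is not part of any comment or of the original post: it reports whether the NetJoinLegacyAccountReuse value is still set and removes it only once the machine is domain-joined. The function name is hypothetical, and it assumes an elevated PowerShell session on the joined machine.

```powershell
# Added example: audit the NetJoinLegacyAccountReuse workaround value and
# remove it once the domain join has completed. Function name is hypothetical.
function Remove-LegacyAccountReuseOverride {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $name = 'NetJoinLegacyAccountReuse'

    # Read the value without throwing when it is absent.
    $prop  = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    $value = if ($null -ne $prop) { $prop.$name } else { $null }

    # PartOfDomain is $true once the machine is a domain member.
    $joined = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain

    $removed = $false
    if ($null -eq $value) {
        Write-Verbose "$name is not set; nothing to clean up."
    }
    elseif (-not $joined) {
        # The workaround is still needed for the pending join; leave it alone.
        Write-Warning "$name = $value but this machine is not domain-joined yet."
    }
    elseif ($PSCmdlet.ShouldProcess("$path\$name", 'Remove registry value')) {
        Remove-ItemProperty -Path $path -Name $name -ErrorAction Stop
        $removed = $true
    }

    # Emit a record that can be collected when auditing several machines.
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        DomainJoined = $joined
        ValueBefore  = $value
        Removed      = $removed
    }
}

# Dry run: shows what would be removed without changing the registry.
Remove-LegacyAccountReuseOverride -WhatIf
```

Drop `-WhatIf` to perform the removal.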
