With the October 2022 update KB5020276, Microsoft has hardened the security for re-using a domain's computer object.
A re-join fails if the user does not have the appropriate permissions. The following error message appears: "Re-using the account was blocked by security policy".
Currently a workaround exists: set the following registry key on the client:
D:\> Reg add HKLM\System\CurrentControlSet\Control\Lsa /v NetJoinLegacyAccountReuse /t REG_DWORD /d 1 /f
After joining the domain, remove the key again to avoid any security impact:
D:\> Reg delete HKLM\System\CurrentControlSet\Control\Lsa /v NetJoinLegacyAccountReuse /f
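The three steps above (set the value, join, remove the value) can be wrapped so that the value is removed even when the join fails. This is an added example, not part of the original post and not a Microsoft script; it assumes the join is done with Add-Computer from an elevated PowerShell session, and the parameter names are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example: keeps NetJoinLegacyAccountReuse set only for the duration of the join attempt.
param(
    [Parameter(Mandatory)] [string]       $DomainName,   # assumption: FQDN of the target domain
    [Parameter(Mandatory)] [pscredential] $Credential    # assumption: account used for the join
)

$lsaKey    = 'HKLM:\System\CurrentControlSet\Control\Lsa'
$valueName = 'NetJoinLegacyAccountReuse'

# A value that is already present means an earlier join left the workaround behind.
$before = Get-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue
if ($before) {
    Write-Warning "$valueName was already set to $($before.$valueName) before this run."
}

try {
    # Same effect as: reg add HKLM\System\CurrentControlSet\Control\Lsa /v ... /d 1 /f
    New-ItemProperty -Path $lsaKey -Name $valueName -PropertyType DWord -Value 1 -Force |
        Out-Null

    Add-Computer -DomainName $DomainName -Credential $Credential -ErrorAction Stop
    Write-Host "Join to $DomainName succeeded; a restart is required."
}
catch {
    Write-Error "Domain join failed: $($_.Exception.Message)"
}
finally {
    # Always remove the workaround, whether the join succeeded or not.
    Remove-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue

    # Verify the removal instead of assuming it worked.
    if (Get-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue) {
        Write-Warning "$valueName is still present under $lsaKey; remove it manually."
    }
}
```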
Update 12.11.2022: I opened a support case at Microsoft because this change breaks several delegation concepts. As a result, setting the registry key is an (official) temporary workaround, but, quoting Microsoft: this can be removed in the future (and can be replaced by another method). The support engineer says there are other customers that have opened a similar request, and Microsoft is currently evaluating the impact of the change.
So if you have the ability: open a support case (company account). The more cases, the more important it is for Microsoft to work on this issue.
to be continued…