If everything seems to be OK, when it comes to AD binding there is one golden rule: check the time. The time on the computer has to be the same or very close to the same as the AD server time.
A couple of years ago we received Macs that were about 6 minutes off fresh out of the box; none of them bound. So I always put a script to sync the time with the time server first and then bind.
Good luck.
Roiegat,
I did forget to mention that they are tied to our domain time server and thus it is the same.
Mark,
I have seen that before but the solution appears to be a script. I was under the impression that we could just use the directory binding policy unless it is broken. I could try the script but I assume if I receive the 10001 error while going to users and groups, the script would also produce such an error.
What was needed was to give the JAMF service account proper permissions to the default Computers OU in AD. Go to the Security tab of the Computers OU and give the JAMF service account Full Control. Also, right-click on the Computers OU and create a custom task to delegate control of Computer objects (create and delete) to the JAMF service account.
In the resolution posted above, when Tyler says JAMF service account, is that the account that should have permissions to bind to the domain in that specific OU?
@bacchusz Did you ever happen to find out the answer to your question? I'm like you, just one year in the future :)