Forum Discussion
ViolentCrow, Copper Contributor
Oct 08, 2023
Domain Controller showing network connection as Public
Noticed for quite a while now with the vNext server builds that when you promote one to domain controller it shows the network connections as Public or Private instead of DomainAuthenticated.
Is there a networking piece that I am missing that needs to be configured?
- sergiuoleinic, Copper Contributor
In my virtual lab ALL joined servers have this Public/Domain back and forth.
Quickest fix for me is to disable and then re-enable the Network Interface Card via the Local Server Manager > Ethernet0
A more bizarre solution is to run a PowerShell script in scheduler every X hours, one line:
Get-NetAdapter | Restart-NetAdapter
- Joachim_Otahal, Iron Contributor
Before doing that brutal Restart-NetAdapter you should check with Get-NetConnectionProfile which .NetworkCategory is active.
- rpaz61, Copper Contributor
This happened to a client that has two DCs. I found a solution that dates back to Nov 2014:
1. Set the Network Location Awareness service to 'Automatic (delayed start)'.
2. Double-check Network Location Awareness service existing dependencies by running: "sc qc nlasvc" from an elevated command prompt.
3. Add the following dependencies to the Network Location Awareness service: DNS and NTDS. To do so from elevated command prompt:
sc config nlasvc depend=NSI/RpcSs/TcpIp/Dhcp/Eventlog/DNS/NTDS
4. Reboot the domain controller. Once the domain controller is up and running, verify that the Windows Firewall is connected to "Domain networks".
- Jaimito_0433, Copper Contributor
rpaz61 - Thnx for this. Worked perfectly. 👍
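The four steps from rpaz61's post above as a PowerShell script; this is an added example, not part of any post in the thread. It merges DNS and NTDS into the existing dependency list instead of overwriting it, and assumes an elevated session on the affected domain controller.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): steps 1-3 of the post above, idempotent.
# Assumption: runs on the affected DC; sc.exe is spelled out because "sc" is
# the Set-Content alias in Windows PowerShell.

$svc      = 'NlaSvc'
$required = 'DNS', 'NTDS'    # dependencies named in step 3

# A dependency on a service that does not exist keeps NlaSvc from starting,
# so stop early on a DC that does not run the DNS Server role locally.
foreach ($name in $required) {
    if (-not (Get-Service -Name $name -ErrorAction SilentlyContinue)) {
        throw "Service '$name' not found on this host; not changing $svc."
    }
}

# Step 2: current dependencies (the DEPENDENCIES list that "sc qc nlasvc" prints).
$key     = "HKLM:\SYSTEM\CurrentControlSet\Services\$svc"
$prop    = Get-ItemProperty -Path $key -Name DependOnService -ErrorAction SilentlyContinue
$current = @($prop.DependOnService | Where-Object { $_ })
Write-Host "Current dependencies: $($current -join '/')"

# Step 3: append only what is missing instead of overwriting the list.
$missing = @($required | Where-Object { $current -notcontains $_ })
if ($missing.Count -gt 0) {
    $merged = ($current + $missing) -join '/'
    sc.exe config $svc depend= $merged
    if ($LASTEXITCODE -ne 0) { throw "sc.exe config depend= failed ($LASTEXITCODE)" }
}

# Step 1: Automatic (delayed start).
sc.exe config $svc start= delayed-auto
if ($LASTEXITCODE -ne 0) { throw "sc.exe config start= failed ($LASTEXITCODE)" }

# Step 4 is the reboot. Before and after it, this shows what each interface
# was classified as; a DC should report DomainAuthenticated.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory |
    Format-Table -AutoSize
```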
- ChrisAtMaf, Steel Contributor
Very common issue - see the accepted answer here https://learn.microsoft.com/en-us/answers/questions/400385/network-location-awareness-not-detecting-domain-ne
- Joachim_Otahal, Iron Contributor
This is not new and not limited to Server vNext; rather it has been "normal" since Server 2008 (without R2 - yes, Vista level!).
Three and a half solutions.
Half: Just wait, after a few minutes it usually detects it.
1. Quick: Restart "Network Location Awareness" aka "NlaSvc".
2. Correct: Set fixed IPv4 config (duh!), and then Policy -> Computer Policy -> Windows Settings -> Security Settings -> Network List Manager Settings -> set how to treat unknown and "detecting" networks. Your Windows Firewall should be set up correctly too, of course. IPv6 is a different beast.
3. Wrong: Disable Windows Firewall, neither GUI nor the services. Just don't. Windows often switches back to "total paranoia" mode randomly if you do that, and then you have to get to the local console.
Better use "Correct". Since the network location awareness starts before the DC services are fully available, it cannot detect which network you are on. The same happens if, for some reason, default gateways answer on the second or third ping after restart (complex switch environment etc.).
I use the "Correct" method whenever possible, including networks of customers I see for the first time. Solves a lot of weirdness in many cases.
- Gumby617, Copper Contributor
I removed the default NIC from VMware, added a new one and that solved the issue. Joachim_Otahal
- Joachim_Otahal, Iron Contributor
Gumby617 😄 everything is fine when it solves the issue!
- ViolentCrow, Copper Contributor
Noticed if I disable the NIC and re-enable it the issue is resolved. But you need to do this every time the server is rebooted, as when you reboot the server it will go back to public/private (unauthenticated).
- lolavar, Copper Contributor
ViolentCrow I got the same problem. Did you resolve it?
- ViolentCrow, Copper Contributor