Forum Discussion

DarienHawkins's avatar
DarienHawkins
Brass Contributor
Apr 27, 2024

Server 2025 Core ADDS DC, Network Profile Showing as "Public" and not as "DomainAuthenticated"

OS: Windows Server 20225 Standard Core (no GUI), build 26085.1 Role: ADDS, DNS ForestMode: Windows2025Forest DomainMode: Windows2025Domain Platform: Hyper-V guest   When standing up a clean Win...
adds
Network Location Awareness
Server
Server Issues
Windows Server 2025
Erik_Moreau's avatar
Erik_Moreau
MVP
Apr 05, 2025

Hi,

I've created this Workaround Script:

It will create a folder C:\install\scripts, put a fix script in it and schedule it to run at startup, the script will reset the adapter if in public profile

$scriptContent = @"
# FixPubFWProfile.ps1
# This script fixes the public network profile

# Get the network profiles
`$networkProfiles = Get-NetConnectionProfile

# Wait for 60 seconds
Start-Sleep -Seconds 60

# Loop through each profile and restart-adapter if it is set to public
foreach (`$Nprofile in `$networkProfiles) {
    if (`$Nprofile.NetworkCategory -eq "Public") { 
        Restart-NetAdapter -Name `$Nprofile.InterfaceAlias
    }
}
"@

$scriptPath = "c:\Install\Scripts\FixPubFWProfile.ps1"

# Create the directory if it doesn't exist
if (-not (Test-Path -Path (Split-Path -Path $scriptPath))) {
    New-Item -ItemType Directory -Path (Split-Path -Path $scriptPath) -Force
}

# Write the script content to the file
Set-Content -Path $scriptPath -Value $scriptContent

Write-Output "Script created at $scriptPath"

$action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-ExecutionPolicy Bypass -NoProfile -File `"$scriptPath`""
$trigger = New-ScheduledTaskTrigger -AtStartup
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable

#check if the task already exists
$taskExists = Get-ScheduledTask -TaskName "FixPublicNetworkProfile" -ErrorAction SilentlyContinue
if ($taskExists) {
    Write-Output "Scheduled task 'FixPublicNetworkProfile' already exists"
}
else {
    Register-ScheduledTask -Action $action -Trigger $trigger -Principal $principal -Settings $settings -TaskName "FixPublicNetworkProfile" -Description "Fixes the public network profile 1 minute after startup"
    Write-Output "Scheduled task 'FixPublicNetworkProfile' created to run at startup with a 1 minute delay in the script"
}

also on my blog: https://www.technine.be/wp-content/uploads/2025/04/Fix-Public-Network-Profile.ps1

hope this helps, 

  • F_Cava's avatar
    F_Cava
    Copper Contributor
    Jun 25, 2025

    I used a .bat that starts every boot: powershell restart-netadapter *

     

    A little different

  • JeffW76's avatar
    JeffW76
    Copper Contributor
    May 23, 2025

    I have a small test network running a single 2025 Server as a DC, with DNS pointing at itself via loopback (there's nowhere else to send it). On first setting it up as a DC, it appeared to work fine, but after subsequent reboot, firewall rules were blocking file-shares and various other things. 

    After a while I worked out the network was in the public profile and it was likely a FW problem then came across this post. Your script fixed the problem immediately and the least intrusively. Thank you!

    I'm guessing the pointing DNS at itself, is probably the cause.... we all know to point at another DC, and that likely works fine. I'm guessing DNS is not up before it makes the decision on profiles.


Resources