Mechanics of how Windows 10 Networking determines when to switch to using the Domain Windows Defende

Hi

Some of our Windows 10 Desktops are not switching to the Domain firewall profile (Unidentified Network and public firewall profile), whereas others are.

Can anyone point me to any sites or links that go into detail on what Windows steps through to determine if a Desktop should be on the Domain firewall profile?

I'm finding a lot of high-level info regarding Network Location Awareness, the NLA service, the network adapter, LDAP etc., but nothing in detail that really helps us troubleshoot in a systematic way.

I've found a few snippets like where in the registry the Domain Name is stored, NLA identifies a network based on the MAC address of the default gateway, an LDAP query is done to port 389 of the Domain Controller etc.

I've also found things we can try, such as restarting NLA and/or setting it up as auto (delayed) - neither of which works, adding the DNS suffix to the network adapter, disabling IPv6 - works till a reboot and then reverts back to Identified Network.

If anyone can point me to specific details on the mechanics of how it works, that would be a big help and allow us to troubleshoot in a more systematic way.

Any info would be appreciated.

Kind Regards

Harris

0 Replies
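The items listed in the post (joined domain name, NLA service state, default-gateway MAC, LDAP reachability on port 389, adapter DNS suffix, IPv6 binding) can be collected in one pass and compared between a desktop that reaches the Domain profile and one that does not. This is an added example, not part of the original post; it only gathers evidence and does not document the NLA algorithm, and it assumes Windows 10 with the built-in NetTCPIP, NetConnection, NetAdapter and DnsClient modules.

```powershell
# Added example: snapshot of the inputs the post associates with Domain profile detection.
# Run on a working and a non-working desktop and diff the two outputs.

$cs  = Get-CimInstance -ClassName Win32_ComputerSystem      # domain membership as the OS reports it
$nla = Get-Service -Name NlaSvc                             # Network Location Awareness service

# Find domain controllers through the SRV record Active Directory publishes in DNS.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$($cs.Domain)" -Type SRV -ErrorAction SilentlyContinue |
       Where-Object { $_.Type -eq 'SRV' }

# Test the LDAP port mentioned in the post against each controller that DNS returned.
$ldap = foreach ($dc in ($srv | Select-Object -ExpandProperty NameTarget -Unique)) {
    $t = Test-NetConnection -ComputerName $dc -Port 389 -WarningAction SilentlyContinue
    [pscustomobject]@{ DomainController = $dc; Ldap389Open = $t.TcpTestSucceeded }
}

# One row per network that Windows has classified.
$profiles = foreach ($p in Get-NetConnectionProfile) {
    $cfg = Get-NetIPConfiguration -InterfaceIndex $p.InterfaceIndex
    $gw  = $cfg.IPv4DefaultGateway.NextHop | Select-Object -First 1
    $mac = if ($gw) {
        (Get-NetNeighbor -InterfaceIndex $p.InterfaceIndex -IPAddress $gw `
            -ErrorAction SilentlyContinue).LinkLayerAddress
    }
    [pscustomobject]@{
        Interface       = $p.InterfaceAlias
        NetworkName     = $p.Name
        NetworkCategory = $p.NetworkCategory   # Public, Private or DomainAuthenticated
        DnsSuffix       = (Get-DnsClient -InterfaceIndex $p.InterfaceIndex).ConnectionSpecificSuffix
        GatewayIPv4     = $gw
        GatewayMac      = $mac
        IPv6Bound       = (Get-NetAdapterBinding -Name $p.InterfaceAlias -ComponentID ms_tcpip6 `
                              -ErrorAction SilentlyContinue).Enabled
    }
}

[pscustomobject]@{
    ComputerName = $env:COMPUTERNAME
    PartOfDomain = $cs.PartOfDomain
    Domain       = $cs.Domain
    NlaStatus    = $nla.Status
    NlaStartType = $nla.StartType
    SrvFound     = [bool]$srv
} | Format-List
$ldap     | Format-Table -AutoSize
$profiles | Format-Table -AutoSize
```

A desktop that shows `Public` where a working one shows `DomainAuthenticated` can then be compared field by field, starting with `SrvFound` and `Ldap389Open`.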