Windows Server Summit 2024
Mar 26 2024 08:00 AM - Mar 28 2024 04:30 PM (PDT)
Microsoft Tech Community
SOLVED

Windows Server 2022 with NIC Teaming does apply Private connection profile

Brass Contributor

Hi

I have a physical server with Windows Server 2022 (21H2) installed and a NIC Teaming (LACP with 2 NICs, LB mode: dynamic) configured.

After a restart of the server Windows applies the Private (Firewall) connection profile despite the server is member of the domain (and DCs are available). Portfast is active on the switches.

Since it's not possible to manually restart the NLA service under Server 2022, the only workaround I found is to disable one of the NIC's and re-enable it. Doing that the DomainAuthenticated profile will be applied.

I'm wondering if this is a bug of Server 2022 or if there's another solution to this problem?

Thanks,

Phil

11 Replies

As a work-around you could try adding DNS to DependOnService here

 

DavePatrick_0-1659623599960.png

 

@Dave Patrick Does this work? I suffer the same behaviour in some servers.. 

 

Is it verified? :)

 

Thanks!

Any progress or updates? Please don't forget to mark helpful replies

 

 

Hi
I tried to put the DNS Client Service (= Dnscache) as dependency, but that did not resolve the issue.
What you suggested would require to have the DNS Server (=DNS) service installed, which is not the case in my scenario.

Hi! I am Scout and I am facing the issue you face. So, please guide me on how I can install the DNS server and run the device properly.

I am trying but have not succeeded. Please guide me so that my server is enabled and I can start my work properly. Thank You.
Regards,
Scout Bones

@scoutbones It's nice to know everybody is contributing to the post. You can check all the methods to solve your problem. two thump up for you as well. 

@cross350 Thank You so much for supporting us. This community is very responsive messaging in a few minutes.

@Phil81 SET is an alternative NIC Teaming solution that you can use in environments that include Hyper-V and the Software Defined Networking (SDN) stack in Windows Server 2016. SET integrates some NIC Teaming functionality into the Hyper-V Virtual Switch.

Most windows domain controller also run integrated active directory DNS, there may be some other complications with your systems. I'd suggest starting a case here with product support.

Services Hub (microsoft.com)

 

 

best response confirmed by Phil81 (Brass Contributor)
Solution
Dear all
sorry for my late update on this issue:
I finally managed to solve this by setting the following reg key on our 2022 servers:
Key path: HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters
REG_DWORD: AlwaysExpectDomainController = 1
In addition you need to properly configure the DNS suffix on the (lan) interface manually (you can't do this by GPO, afaik).
Unfortunately the reg key is not very well documented (...basically not at all;-). I found some hints on this in some forum articles. It basically tells the NLA service to wait for a DC to respond forever. For domain-joined servers this should always be the case ;)
Best regards,
Phil
1 best response

Accepted Solutions
best response confirmed by Phil81 (Brass Contributor)
Solution
Dear all
sorry for my late update on this issue:
I finally managed to solve this by setting the following reg key on our 2022 servers:
Key path: HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters
REG_DWORD: AlwaysExpectDomainController = 1
In addition you need to properly configure the DNS suffix on the (lan) interface manually (you can't do this by GPO, afaik).
Unfortunately the reg key is not very well documented (...basically not at all;-). I found some hints on this in some forum articles. It basically tells the NLA service to wait for a DC to respond forever. For domain-joined servers this should always be the case ;)
Best regards,
Phil

View solution in original post