Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, February 9, 2017 6:52 AM
Hello,
every now and then some Win10 client pc in our Active Directory organisation, which are DHCP clients, do get a Public Network profile instead of Domain Network. From that moment on they cannot do any network trafic. Usually this happens after a new IP assignment, e.g. after by some reason the NIC was disabled/enabled again. Most of the times this issue is gone after a reboot, but sometimes it happens for several days. In that case we switch from the LAN nic to Wirele, wich then eventually works.
Any idea why this network profile assignemnt goes wrong? I could not figure out any cause, as it happens maybe once per month at one pc, one of about 100.
kind regards,
Dieter Tontsch
mobileX AG
All replies (3)
Friday, February 10, 2017 1:17 AM ✅Answered | 6 votes
Dear Dieter,
Microsoft uses Network Location Awareness (NLA) to determine if a network connection is on a public LAN, private LAN, or domain network. Sometimes, it gets it wrong. The issue with wrong placement is that the firewall rules that get used are based on the connection’s location.
There are circumstances where the location can be corrected from within the "Network and Sharing Center". Often such changes do not survive a reboot or other network changes.
In order to MOVE FROM PUBLIC TO DOMAIN, we can try this method: use a change to the network connection properties to give NLA the information it needs to properly place the location.
1.Go to Network Connections (from the Network and Sharing Center, click on "Change adapter settings".)
2.Go to the properties for IPv4. Click the "Advanced..." button, select the DNS tab.
Enter your domain name into the text box for "DNS suffix for this connection:".
Disable and then enable the connection to get NLA to re-identify the location.
After enabling the connection, the Status should change to the domain name and Network Category to "Domain network". Depending on your setup, it is likely that you only need to "fix" one connection to get all the related connections to see the domain.
Hope my clarification is clear.
Best regards
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, February 10, 2017 1:20 AM ✅Answered | 2 votes
Besides, to my knowledge, there is a registry key controls network profile, as a reference method.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\
Open the network profile that you have to change and modify the "Category" value:
0 = public
1 = private
2 = domain
Have a try please.
Best regards
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, February 13, 2017 6:48 AM ✅Answered
Hi, i couldn't try your suggestion since th he issue did not occur anymore since then. But I marked it as answer, in case somebody else coms accorss this in order to give it a try. Also , what I did several times wich Server OS is to change ht enetwork locatoin manually like described here: http://blogs.msmvps.com/russel/2013/12/29/set-network-location-to-private-in-windows-8-1server-2012-r2/. I think that also works with Windows 10 OS.
Get-NetConnectionProfile
Set-NetConnectionProfile -InterfaceIndex xx -NetworkCategory Private
Dieter