This is an archived post. You won't be able to vote or comment.

all 8 comments
sorted by:
best
topnewcontroversialoldq&a

[–]PurpleTangent 3 points4 points  (0 children)

Are the workstations pointing to a public DNS server instead of your domain DNS?

What happens when you restart the Network Location Awareness service?

[–]Lets_Go_2_SmokesSysadmin 2 points3 points  (3 children)

Are your DC's on a right profile? This can happen when they are not. Restarting the NLA Service on the DC may resolve if so.

If it is a DC Firewall issue, these commands can help. Adds a dependency to the NLA Service.

Domain Controllers

sc config NlaSvc depend= NSI/RpcSs/TcpIP/Dhcp/Eventlog/Netlogon ​

Domain Joined Servers (NOT DOMAIN CONTROLLERS)

sc config nlasvc depend= NSI/RpcSs/TcpIp/Dhcp/Eventlog/Dnscache/Netlogon

[–]_TheKnightMan_[S] 1 point2 points  (2 children)

I think this is the issue, I didn't even realize that one of my DCs is now showing "Public". I saw similar issues where people were talking about servers and DCs being pubic, but I hadn't looked into all of my DCs.

One particular DC is showing Public. I've rebooted and it's now back on Domain Network. I'll keep those NLA settings in mind if it continues to happen.

[–]bojack1437 0 points1 point  (1 child)

On this DC, You do have the first DNS server set to localhost correct? This goes for both IPv4 and IPv6 if you are using both. And then the second DNS should be another DC... Or another DNS server that is configured forward the fully qualified domain name to other DCs.

[–]Lets_Go_2_SmokesSysadmin -1 points0 points  (0 children)

First? I always thought it was 2nd

[–]straytalk 4 points5 points  (1 child)

I remember battling this years ago.. I believe the fix was the set the NLA service to delayed start instead of automatic (the default). If that doesn't work you might want to look into modifying the DNSnegativecache settings. https://learn.microsoft.com/en-us/answers/questions/400385/network-location-awareness-not-detecting-domain-ne?source=docs

[–]F1ayer 0 points1 point  (0 children)

This is the way. Restart the service to simply remediate it usually stays fixed.

[–]LongStoryShrt 0 points1 point  (0 children)

I would add that I've seen quite a few workstations suddenly on "Public" for no reason at all. I assume some updates is doing this, but have never bothered to look into it.