Windows Server 2012 R2 and Windows Server 2016 will fail to identify a Domain Network when multiple Network Interface Cards are present and one or more do not have a Default Gateway specified. The network identifies as “Public network” or “Private network” when it should be identified as a “Domain network”. In my case I had a server with a team of NICs for Management on a Corporate Network and another set of NICs on a private iSCSI network. After a reboot, the Network Location Awareness service would identify the network as Unidentified and Private, causing policies to begin blocking services such as Remote Desktop. I found all sorts of potential solutions, from delaying the startup of the Network Location Awareness (NLA) service to adding a Default Gateway to the iSCSI adapters and editing Group Policy.
In the end, none of the solutions helps me. I even tried disabling all unnecessary protocols on the iSCSI NICs and still have this issue. If anyone knows of a solution, comment below. Thanks!
As indicated, there are a few different solutions to this problem and honestly, I’m not really sure which is the “correct” method. None of them works for me. Feel free to comment below with additional information.
Delaying the Startup of the Network Location Awareness service
Change the Network Location Awareness service Startup type from Automatic to Automatic (Delayed Start). Reboot the machine to test.
Change the Network Location of an adapter using PowerShell
This method forces a network to identify as “Domain network”.
- Launch PowerShell as Administrator.
- Type the following command to list the Network Connection Profile and note the InterfaceIndex number.
- Run the following command replacing ? with the InterfaceIndex number to force the network to identify as “Domain network”.
Set-NetConnectionProfile -InterfaceIndex ? -NetworkCategory Domain
- Run the following command again to verify the change has been made.
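The listing and verification steps above can be done with Get-NetConnectionProfile. The script below is an added example, not part of the original post: it is read-only and reports, for each connection, the category NLA assigned, whether the adapter has a default gateway, and which firewall profile is in force as a result. The function name Get-NlaProfileReport and the output column names are made up for illustration.

```powershell
# Added example: read-only report, changes nothing on the host.
# Uses the in-box NetConnection, NetTCPIP and NetSecurity cmdlets.
function Get-NlaProfileReport {
    # Is this machine joined to a domain at all?
    $partOfDomain = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain

    foreach ($p in Get-NetConnectionProfile) {
        # Default gateway configured on the adapter behind this profile, if any.
        $ipConfig = Get-NetIPConfiguration -InterfaceIndex $p.InterfaceIndex
        $gateway = if ($ipConfig.IPv4DefaultGateway) {
            $ipConfig.IPv4DefaultGateway.NextHop -join ','
        } else { '(none)' }

        # The firewall profile applied to the interface follows the NLA category.
        $fwName = if ($p.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' } else { [string]$p.NetworkCategory }
        $fw = Get-NetFirewallProfile -Name $fwName

        [pscustomobject]@{
            InterfaceIndex   = $p.InterfaceIndex
            InterfaceAlias   = $p.InterfaceAlias
            NetworkName      = $p.Name
            NetworkCategory  = $p.NetworkCategory
            DefaultGateway   = $gateway
            FirewallProfile  = $fwName
            FirewallEnabled  = $fw.Enabled
            # Hypothetical flag: domain-joined host, but this connection is not
            # classified as a domain network (the symptom described in this post).
            NotDomainProfile = ($partOfDomain -and $p.NetworkCategory -ne 'DomainAuthenticated')
        }
    }
}

# Run before and after a change (or a reboot) and compare the output.
Get-NlaProfileReport | Sort-Object InterfaceIndex | Format-Table -AutoSize
```

Microsoft's documentation for Set-NetConnectionProfile lists only Public and Private as values that can be set with -NetworkCategory. DomainAuthenticated is assigned by Windows itself once the network has been authenticated to a domain controller.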
Modify the NetworkName and PolicyOverdue settings in the Registry
This method appears to add a piece of missing information to the Registry. In my case the NetworkName value was empty. I set the NetworkName to the domain name, changed PolicyOverdue to 1, and then restarted the NLA service. But I still have no luck.
- Launch regedit.exe.
- Browse to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History.
- Set NetworkName REG_SZ to your domain name.
- Set PolicyOverdue REG_DWORD to “1”.
- Restart the Network Location Awareness service.