Domain And Private Network Location?
- Hi
There is some clients on my domain always assigning private network location (and unauthenticated) to the connection instead of domain location.
I had tried these steps but it doesn't work:
1- disable wireless connection.
2- disjoin the clients and rejoin them again.
thes clients are windows vista and 7.
how can I force the network location to be a domain location?- Moved byKevin RemdeMSFTWednesday, November 04, 2009 11:41 AM (From:IT Management Planning and Technology)
Answers
- Hi,
By default, Windows Server 2008 and Windows Server 2008 R2(Windows 7) use Network Location Awareness service (nlasvc) to identify networks and find the associated saved settings for the network, the NLA service will use a Default Gateway or SSID to identify a network. This identification is conducted by system automatically due to security consideration. We cannot change the network profile manually. Otherwise, the server will be unsafe if a local administrator right is leak even we have domain group policy to define firewall settings in public profile. A hacker can change a public profile to domain profile to allow unwanted traffic.
In Windows 7 and Windows Server 2008 R2, more than one profile can be active at the same time according to which networks the computer is connected. As a result, if the server cannot contact the domain via the public NIC, it will not be identified to connect to domain network.
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights.- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 09, 2009 8:52 AM
- Proposed As Answer byKudrat Sapaev Friday, November 06, 2009 2:23 PM
All Replies
- Amjad_211,
This is a technical question, and doesn't fit the intended purpose of this forum. This forum is for IT Managers to discuss systems people and project management topics.
I've moved the thread to a more appropriate location for your question.
Thanks!
Kevin
Kevin Remde US IT Evangelism - Microsoft Corporation http://blogs.technet.com/kevinremde - Hello,
Make sure you have DNS installed on your domain controller and the clients and receiving DNS from it.
Isaac Oben MCITP:EA, MCSE DNS is installed and running in all clients
- Hi,
By default, Windows Server 2008 and Windows Server 2008 R2(Windows 7) use Network Location Awareness service (nlasvc) to identify networks and find the associated saved settings for the network, the NLA service will use a Default Gateway or SSID to identify a network. This identification is conducted by system automatically due to security consideration. We cannot change the network profile manually. Otherwise, the server will be unsafe if a local administrator right is leak even we have domain group policy to define firewall settings in public profile. A hacker can change a public profile to domain profile to allow unwanted traffic.
In Windows 7 and Windows Server 2008 R2, more than one profile can be active at the same time according to which networks the computer is connected. As a result, if the server cannot contact the domain via the public NIC, it will not be identified to connect to domain network.
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights.- Marked As Answer byMervyn ZhangMSFT, ModeratorMonday, November 09, 2009 8:52 AM
- Proposed As Answer byKudrat Sapaev Friday, November 06, 2009 2:23 PM
