Windows 10: Workstations not identifying domain upon restart

Discus and support Workstations not identifying domain upon restart in Windows 10 Network and Sharing to solve the problem; Good morning, I hope everyone is well today, because I'm thoroughly stumped. Here's the situation. At my company, we have a remote office with 3... Discussion in 'Windows 10 Network and Sharing' started by jpjordan357, Feb 19, 2021.

  1. Workstations not identifying domain upon restart


    Good morning, I hope everyone is well today, because I'm thoroughly stumped. Here's the situation.
    At my company, we have a remote office with 3 workstation inside of it. I'll call the workstations PC1, PC2, and PC3. This office has a direct connection with our main network, so it's not running a VPN or anything, it's effectively in the office like everything else. We run some specialized software on these computers; it's setup that the main database (via SQL) is on PC1, with PC2 and PC3 dumping their data to PC1, and PC1 sends it on to the main SQL cluster in our data center. Therefore, if PC1 goes down, PC2 and PC3 are useless because they lose their connection to the database. I don't know why it's setup this way, but the DBA assures me it needs to be for what we're doing, so I don't wish to debate that. A problem that's cropped up over the last few months is as follows. PC1 will not identify the network its on as the domain; it will remain an 'Unidentified Network'. It's still on the domain, it can access servers, and everything, but when attached to an 'Unidentified Network', Windows applies a 'Public' network profile (as opposed to a 'Domain' profile). Our machine policy is set so that when on a 'Public' network, the Windows Defender firewall is up and denying connections, therefore, PC2 and PC3 cannot communicate with it. If I bring down the Defender Firewall, they connect right back up, but when computer policy applies in a few hours, it comes right back up. Additionally, if I reset the network adapter or uninstall and reinstall the drivers, tweak IP settings, do ANYTHING that causes the machine to cycle its network hardware, it instantly identifies the network as a Domain and all is well...until the computer restarts. You can imagine this is a problem when you're patching monthly and they need to reboot.

    I'm already looking into having that policy disinherited from the OU that these computer objects are in, but I'm not optimistic that they will allow this and that's a band-aid at best. I'm more curious if anyone has any ideas to force that network to identify properly without having to reset the network adapter each time. I'll mention that PC2 is also doing this, but PC3 is not. PC3 identifies the network properly. My network engineers tell me they don't see anything in the switch that is aberrant.

    I've removed and rejoined them to the domain, I've updated their drivers, and adjusted various DNS settings in the registry. All machines are running Windows 20H2 and are patched as of January; I pulled them out of WSUS patching until I can get this fixed, because I don't have time to make trips out there all the time. This was happening in Version 1909 as well, the patching didn't fix it or cause it.

    :)
     
    jpjordan357, Feb 19, 2021
    #1

  2. Trust relationship between this workstation and the primary domain failed

    I want to know the root cause for trust relationship error so please let me know which logs to check to find out exact reason for workstation-domain trust relationship error.

    I want to identify issue using the logs available in workstation machine.
     
    vishalkhatpe, Feb 19, 2021
    #2
  3. CredSSP error on domain joined workstations

    Unable to understand this situation. All workstations without domain are able to take remote sessions without difficulty, While all domain joined workstation throwing error of CredSSP oracle server remediation.
     
    aibadsiddiqui, Feb 19, 2021
    #3
  4. changari Win User

    Workstations not identifying domain upon restart

    Raising the windows domain and forest issues?


    hi,

    I run a domain that was all 2003 r2 servers. I recently upgraded all my domain controllers to windows 2012 r2.
    That went off without any problems.. Our trust relationships had no issues also.

    My first step was to raise the Domain and Forest levels past 2003 to 2008. This went off without a hitch.
    These are the features for raising the levels to 2008:

    • Features and benefits include all default Active Directory features, all features from the Windows Server 2003 domain functional level, plus:
    • Read-Only Domain Controllers – Allows implementation of domain controllers that only host read-only copy of NTDS database.
    • Advanced Encryption Services – (AES 128 and 256) support for the Kerberos protocol.
    • Distributed File System Replication (DFSR) – Allows SYSVOL to replicate using DFSR instead of older File Replication Service (FRS). It provides more robust and detailed replication of SYSVOL contents.

    Forest Level Windows Server 2008

    • Features and benefits include all of the features that are available at the Windows Server 2003 forest functional level, but no additional features. All domains that are subsequently added to the forest will operate at the Windows Server 2008 domain functional level by default.


    My next step is to raise the domain and forest to 2008 r2, then 2012, and finally 2012 r2. I have been trying to find out exactly what I could expect from raising the Domain and Forest for each step.

    The step involving 2008 r2 seems relatively a non issue. But getting the couple of new features seem very nice

    Domain Level Windows Server 2008 R2

    • All default Active Directory features, all features from the Windows Server 2008 domain functional level, plus 2 new features

    Forest Level Windows Server 2008 R2

    • All of the features that are available at the Windows Server 2003 forest functional level, plus the following features:


    • Active Directory Recycle Bin, which provides the ability to restore deleted objects in their entirety while AD DS is running. <== New Feature very cool
    • All domains subsequently added to the forest will operate at the Windows Server 2008 R2 domain functional level by default.

    Here is my big concerns for the next raising of domain and forest to 2012.

    Forest Level Windows Server 2012:

    • All of the features that are available at the Windows Server 2008 R2 forest functional level, but no additional features.
    • All domains subsequently added to the forest will operate at the Windows Server 2012 domain functional level by default.

    Domain Level Windows Server 2012 R2: <=====
    Need to investigate more and why this post

    • DC-side protections for Protected Users. Protected Users authenticating to a Windows Server 2012 R2 domain can no longer:


    • Authenticate with NTLM authentication <==============(what issues may arise)
    • Use DES or RC4 cipher suites in Kerberos pre-authentication
    • Be delegated with unconstrained or constrained delegation
    • Renew user tickets (TGTs) beyond the initial 4-hour lifetime


    Will this affect my exchange anywhere users with remote access authenticating either clear of NTLM???
    and what would/may not to work properly day 1 when I raise the domain and forest to 2012. I cant really find anyone that can answer a straight question.

    Has anyone gone through this? what problems did you have, if any , if a lot???

    Any thoughts and suggestions will be much appreciated??

    thanks


    - - - Updated - - -

    One more point... I am not sure if I posted this to the correct forum.. So if I was wrong and it should be in a different one..
    PLEASE LET ME KNOW
     
    changari, Feb 19, 2021
    #4
Thema:

Workstations not identifying domain upon restart

Loading...
  1. Workstations not identifying domain upon restart - Similar Threads - Workstations identifying domain

  2. Owner change to Domain Admins on Enterprise Workstations

    in Windows 10 Gaming
    Owner change to Domain Admins on Enterprise Workstations: Is there a GP that will allow owner change on many 300 workstations... and have that selected as a Default when a computer is staged: At least to change in bulk - and not 1:1. 1. Right-click on the PC object and choose 'Security' tab.2. Look towards the bottom right hand side...
  3. Owner change to Domain Admins on Enterprise Workstations

    in AntiVirus, Firewalls and System Security
    Owner change to Domain Admins on Enterprise Workstations: Is there a GP that will allow owner change on many 300 workstations... and have that selected as a Default when a computer is staged: At least to change in bulk - and not 1:1. 1. Right-click on the PC object and choose 'Security' tab.2. Look towards the bottom right hand side...
  4. Password Policies in Domain not Applying to Workstations

    in AntiVirus, Firewalls and System Security
    Password Policies in Domain not Applying to Workstations: We are trying to apply some changes to the password policies for the domain users.We have verify everything from scope, delegation, inheritance block and still can't seem to find the issue. Which is that whenever the user tries changing the password using CTL+ALT+DELETE it...
  5. Password Policies in Domain not Applying to Workstations

    in Windows 10 Gaming
    Password Policies in Domain not Applying to Workstations: We are trying to apply some changes to the password policies for the domain users.We have verify everything from scope, delegation, inheritance block and still can't seem to find the issue. Which is that whenever the user tries changing the password using CTL+ALT+DELETE it...
  6. Password Policies in Domain not Applying to Workstations

    in Windows 10 Software and Apps
    Password Policies in Domain not Applying to Workstations: We are trying to apply some changes to the password policies for the domain users.We have verify everything from scope, delegation, inheritance block and still can't seem to find the issue. Which is that whenever the user tries changing the password using CTL+ALT+DELETE it...
  7. Domain Admin does not have admin privileges on domain Win10 workstation

    in AntiVirus, Firewalls and System Security
    Domain Admin does not have admin privileges on domain Win10 workstation: Domain Admin does not have admin privileges on domain Win10 workstation: Environment:DC/AD: Windows Server 2016Workstation: Windows 10 Enterprise 2OH2 19042.1110 Issue:As a member of the "Domain Admins" and "Administrators" groups, a user "sean" is denied elevated privileges...
  8. Domain workstations user profiles are getting deleted.

    in Windows Hello & Lockscreen
    Domain workstations user profiles are getting deleted.: The environment here consists of a Windows Server 2012 R2 as the domain controller and about forty workstation all running Windows 10. On only a hand full of workstations, we occasionally about once a month experience an issue where all the user profiles get deleted. When the...
  9. Logging into windows domain with Windows 10 workstation

    in Windows 10 Ask Insider
    Logging into windows domain with Windows 10 workstation: This is probably a stupidly simple question for some of the people on this so, so I apologize in advance. I have a laptop with Windows 10, and can sign into it using the account that was given. I also have been given a domain account and would like to sign into the domain...
  10. the trust relationship between this workstation and the domain failed

    in Windows 10 Network and Sharing
    the trust relationship between this workstation and the domain failed: I am trying to map to a share on a VMware virtual server and I keep getting the trust relationship between this workstation and the domain failed error message. I have tried every conceivable suggestion on the web to resolve this issue including adding removing the computer...