Solved

Unidentified Network (Public Network) after running dcpromo on 2008 server

Posted on 2009-07-08
7
2,045 Views
Last Modified: 2012-05-07
I've added a 2008 domain controller to the network to replace the current 2003 domain controller.  ADPREP ran fine and I ran DCPROMO on the 2008 server but after the first reboot the server lost network connectivity and it seems the reason is because now instead of using the domain network profile it's using the Public one because it thinks it's on an "unidentified network".   I cannot connect to or out of the 2008 server anymore, not even pings and the Network and Sharing Center says I have Local Access only.  

Also, the domain policy enabled the firewall and turned off the standard profile firewall in the registry as part my troubleshooting.   netsh shows the opmode as enabled and it won't let me disable. (if this is a firewall issue)

When the server was a member server everything was fine.

Thanks.
0
Comment
Question by:daboyle
  • 4
  • 3
7 Comments
 
LVL 3

Accepted Solution

by:
AdoBeebo earned 500 total points
ID: 24811667
Ping won't work in Public profile mode as ping is only available when you enable File Sharing in Network & Sharing Center, unless you make a seperate Firewall entry for it. Public profile is going to stop most in/out traffic as it is the profile that is designed for connecting to an unsecure hotspot in a cafe.
Try deleting all of the existing network locations, reinstalling the NIC with the latest driver from the manufacturer, checking the NIC settings match up to your network settings (e.g. flow speed), setting the new DC to DHCP and testing it on the same switch as the DHCP server.
After it rebooted did the wizard finish successfully? Any errors in the Event logs? Although I maybe wrong, I doubt this is a firewall issue. Might be worth running gpresult and see what policies have applied to it ...
0
 

Author Comment

by:daboyle
ID: 24812929
I'll go try that now.  

The event logs are full of errors about not being able to contact the domain.   When the server came back up I don't think it did finish because it couldn't see the network.   I see on the 2003 servers that there isn't any records in the DNS except for it's one A record, it's own DNS however looks like it syncronized and is correct with all three servers.  The existing two domain controllers have replication entries for the new server and are trying to replicate with it.
0
 

Author Comment

by:daboyle
ID: 24813134
I tried what you suggested and have the same problem.   I tried a different NIC as well and got the same result.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 3

Expert Comment

by:AdoBeebo
ID: 24813178
Have you run gpresult and has it picked up the Domain Controller policy?
0
 
LVL 3

Expert Comment

by:AdoBeebo
ID: 24817852
Also, did you run domainprep and forestprep before bringing up the new 2008 DC?
0
 

Author Comment

by:daboyle
ID: 24818060
It's working now but I don't actually know what was wrong.  Yesterday as part of troubleshooting I tried the built in Broadcom NIC that was in the server (I was using an intel card) and I experienced the same problem so I didn't think it was a bad NIC and switched back to the original.    I tried it again this afternoon and the Broadcom network card worked.    I'm not sure what has changed between yesterday and today, I had the firewall off yesterday and I turned it back on today but I dont' think that would be it.

It wasn't a TCP/IP setting and because nothing changed in the intel adapter setup from before and after the DCPROMO I can't explain it.   Maybe it was just a coincidence that the NIC failed when it did.   Whether it's a hardware issue or not I don't know, I'll have to try it in a spare server.

Thanks for your help.   And the server has replicated now with the others and it looks good.
0
 

Author Closing Comment

by:daboyle
ID: 31601283
Your thinking around the network adapter being the problem was correct.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now