<div>
Do you have a connection specific DNS suffix assigned to the NIC? You can check this under the DNS tab for the connection (Network connections - properties of your adapter - IPV4 - advanced - dns).<br />
<br />
If you don't have a suffix, assign one.
</div>


<div>
What are the two servers configured with for DNS? Both should be configured to look at the DC for DNS as the primary DNS server. If they have anything else, the firewall profile would reconfigure itself as being in an unknown network (because it isn't technically on the domain).
</div>


<div>
Hi Joseph,<br />
<br />
Normally, none of the dns suffix is assigned. I shall assign it when on site 2 days to go.<br />
<br />
Thanks for the prompted suggestion.
</div>


<div>
Hi Adam,<br />
<br />
Now I recall that there are 2 DCs, one located at site a, and another one at site b. Both sites are connected in WAN infra. The affected DC and few servers are located at site a, while the second DC located at site b. <br />
<br />
All these servers and DCs are located behind a &quot;local firewall&quot;, to a pair or routers, and then a &quot;remote firewall&quot; to the other site. On site a, there could be few updates on the local firewall that does not allow all the servers and DC access to site b. <br />
<br />
Let's me confirm this and get back to you in 2 days' time.<br />
<br />
thanks,
</div>


<div>
You've already often some good advice but as an aside, your profile folder names are not an indication or a proble,m.<br />
<br />
Windows will always try to create a profile folder based on the username first, even for domain accounts. So &quot;administrator&quot; instead of &quot;administrator.ts&quot; is perfectly normal and NOT an indication of a problem.<br />
<br />
It will append a dot-domain only if another folder with the same name already exists and has a mismatched ACL and isn't in the registry. &nbsp;<br />
<br />
And if a username.domain folder already exists, it'll start appending numbers.... such as username.000 and username.001<br />
<br />
All in the name of preventing data loss. This is normal and expecfed.
</div>


<div>
By restarting the nla service, problem no more
</div>


<div>
<div class="content wysiwyg-content">
This is a newly-setup MS Windows 2012 R2 AD Domain. There are 2 DCs, both W2K12 R2. However, found that one of the DC and few other W2K12 R2 member servers (all are VMs) was assigned with &quot;guest or public network&quot; profile, instead of Domain network. On the network and connection center, it was shown with &quot;unidentified network&quot;. Even logging on with a domain user (or admin), this seems like a local user account profile. for example, a domain user account logged on affected DC was given the user path of &quot;c:\users\administrator folder. While the correct ones should be &quot;c:\users\administrator.TS<wbr />&quot; folder (TS is the domain name). Btw, what's went wrong? What should I do to get them back to the right track? <br />
<br />
I heard that may have to delay-start the NLA service? is that true?<br />
<br />
Appreciate for your help, many thanks.<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/08_w35/1113048/EE---DC01-firewall-shows-public-netw.jpg" target="_blank" class="file-inline" title="Guest or public network - firewall profile (271 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>EE---DC01-firewall-shows-public-netw.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/08_w35/1113049/EE---DC01---Network.jpg" target="_blank" class="file-inline" title="Unidentified network - network profile (251 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>EE---DC01---Network.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/08_w35/1113050/EE---set-on-DC01.txt" target="_blank" class="file-inline" title="Local User profile on affected DC (1 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>EE---set-on-DC01.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/08_w35/1113051/EE---set-on-TSserver01.txt" target="_blank" class="file-inline" title="Correct domain user profile on unaffected server (2 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>EE---set-on-TSserver01.txt</a>
</div>
</div>


Correct domain user profile on unaffected server

EE---set-on-TSserver01.txt

Guest or public network - firewall profile

EE---DC01-firewall-shows-public-netw.jpg

EE---DC01---Network.jpg

EE---set-on-DC01.txt

This is a newly-setup MS Windows 2012 R2 AD Domain. There are 2 DCs, both W2K12 R2. However, found that one of the DC and few other W2K12 R2 member servers (all are VMs) was assigned with "guest or public network" profile, instead of Domain network. On the network and connection center, it was shown with "unidentified network". Even logging on with a domain user (or admin), this seems like a local user account profile. for example, a domain user account logged on affected DC was given the user path of "c:\users\administrator folder. While the correct ones should be "c:\users\administrator.TS" folder (TS is the domain name). Btw, what's went wrong? What should I do to get them back to the right track? 

I heard that may have to delay-start the NLA service? is that true?

Appreciate for your help, many thanks.

Why domain-joined server was assigned with &quot;guest or public network&quot; profile?

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Why domain-joined server was assigned with &quot;guest or public network&quot; profile?

Why domain-joined server was assigned with "guest or public network" profile?