Asked by jmchristy

RD Gateway 2016 NPS issue no domain controller available

I'm trying to roll out a new RD Gateway server and I have been unable to do so because my NETBIOS name contains a period. My DNS domain name is CORP.DOMAIN.COM and my NETBIOS name is DOMAIN.COM.

When I try to connect, I receive Event ID 4402 with the message "There is no domain controller available for domain DOMAIN.COM".

I have tried what some have said worked for them by adding a registry key but this does not work.  I also created a forward lookup zone named DOMAIN.COM and the Domain Controllers are listed there.

Type:  REG_SZ
Name:  Default Domain

Short of renaming my domain with a NETBIOS that does not contain a period, what other options are there?  This seems like there's got to be a way to make NPS locate the domain.

8/22/2022 - Mon

Hello, this is a known issue, so there are not a lot of options.

But possibly you already have seen it. 

Thanks for the quick response! This seems crazy to me that there is not an easier solution other than renaming your domain to resolve a configuration issue with NETBIOS from 20 years ago.

Is this just a case where Microsoft can issue a patch or hotfix to this?

Are there any other solutions or 3rd party plugins to allow connecting via RD Gateway with a username/password?  Similar to Duo App?
Hypercat (Deb)

Users should also be able to connect using their email address rather than domain\username.  Not sure if there are any specific problems with NPS though when using this logon method.

I have tried account@domain.com vs. domain.com\account and it behaves the same.

At least what Microsoft wrote is that the change was with Win 2008 to 2008 R2, to make NPS able to work with FQDNs. And this now pushes NPS to interpret your NetBIOS domain as an FQDN.
So a possible workaround (not a solution) would be to use a Win 2008 server, which is out of support.
As special characters inside NetBIOS names have a very long history of errors (NPS is just one of them), I would expect that the topic is just not in focus anymore, as most companies have decided in the meantime to correct their NetBIOS names. So there is not really a big motivation for MS to fix this. And in the end, you can never be sure that you will not run into the next issue sooner or later.

Unfortunately for me, I inherited a network with the NETBIOS name with a period.  I also did not come across this issue until trying to remove my old WIN2008 server running the NPS service.  To explain to executive leadership the reason why this massive network change must occur all because of a period, is tough to relay.

Maybe I'll open a ticket with Microsoft and ask them to provide a hotfix/patch for this.

While this did not solve my problem, it gave me guidance on which direction I should head. I'll need to rename my NetBIOS name or stand up a new domain with a NetBIOS name without a period.
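
For anyone planning to move NPS or RD Gateway off a Win 2008 server, here is a pre-migration check for the condition described in this thread. It is an added example, not code from any of the posters or from Microsoft. It assumes the ActiveDirectory RSAT module is installed and that NPS records event 4402 in the System log (an assumption; change the log name if your server records it elsewhere). The function names are made up for this example.

```powershell
# Added example: flag NetBIOS domain names that contain a period and
# look for NPS event 4402 ("There is no domain controller available for domain ...").
Import-Module ActiveDirectory

function Test-NetBiosNameHasPeriod {
    param([Parameter(Mandatory)][string]$NetBiosName)
    # The thread's problem case: a NetBIOS name such as DOMAIN.COM
    return $NetBiosName.Contains('.')
}

function Get-DomainNameReport {
    # One row per domain in the current forest, DNS name beside NetBIOS name.
    foreach ($dns in (Get-ADForest).Domains) {
        $d = Get-ADDomain -Identity $dns -Server $dns
        [pscustomobject]@{
            DnsRoot     = $d.DNSRoot
            NetBiosName = $d.NetBIOSName
            HasPeriod   = Test-NetBiosNameHasPeriod -NetBiosName $d.NetBIOSName
        }
    }
}

function Get-Nps4402Events {
    param(
        [string]$ComputerName = $env:COMPUTERNAME,  # the NPS / RD Gateway server
        [int]$Days = 7
    )
    # Assumption: event 4402 is written to the System log on the NPS server.
    $filter = @{
        LogName   = 'System'
        Id        = 4402
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, MachineName, Message
}

# Report every domain; rows with HasPeriod = True match the case in this thread.
Get-DomainNameReport | Format-Table -AutoSize

# List recent 4402 events on the local server, if any.
Get-Nps4402Events | Format-List
```

Run it from a domain-joined machine before decommissioning the old NPS server; a row with HasPeriod set to True means the domain has the naming condition this thread is about.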