Workstations not identifying domain upon restart
Good morning, I hope everyone is well today, because I'm thoroughly stumped. Here's the situation.
At my company, we have a remote office with 3 workstations inside of it. I'll call the workstations PC1, PC2, and PC3. This office has a direct connection with our main network, so it's not running a VPN or anything, it's effectively in the office like everything else. We run some specialized software on these computers; it's set up so that the main database (via SQL) is on PC1, with PC2 and PC3 dumping their data to PC1, and PC1 sends it on to the main SQL cluster in our data center. Therefore, if PC1 goes down, PC2 and PC3 are useless because they lose their connection to the database. I don't know why it's set up this way, but the DBA assures me it needs to be for what we're doing, so I don't wish to debate that.
A problem that's cropped up over the last few months is as follows. PC1 will not identify the network it's on as the domain; it will remain an 'Unidentified Network'. It's still on the domain, it can access servers, and everything, but when attached to an 'Unidentified Network', Windows applies a 'Public' network profile (as opposed to a 'Domain' profile). Our machine policy is set so that when on a 'Public' network, the Windows Defender firewall is up and denying connections; therefore, PC2 and PC3 cannot communicate with it. If I bring down the Defender Firewall, they connect right back up, but when computer policy applies in a few hours, it comes right back up. Additionally, if I reset the network adapter or uninstall and reinstall the drivers, tweak IP settings, do ANYTHING that causes the machine to cycle its network hardware, it instantly identifies the network as a Domain and all is well...until the computer restarts. You can imagine this is a problem when you're patching monthly and they need to reboot.
I'm already looking into having that policy disinherited from the OU that these computer objects are in, but I'm not optimistic that they will allow this and that's a band-aid at best. I'm more curious if anyone has any ideas to force that network to identify properly without having to reset the network adapter each time. I'll mention that PC2 is also doing this, but PC3 is not. PC3 identifies the network properly. My network engineers tell me they don't see anything in the switch that is aberrant.
I've removed and rejoined them to the domain, I've updated their drivers, and adjusted various DNS settings in the registry. All machines are running Windows 20H2 and are patched as of January; I pulled them out of WSUS patching until I can get this fixed, because I don't have time to make trips out there all the time. This was happening in Version 1909 as well; the patching didn't fix it or cause it.
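
The check and adapter cycle described in the post above, as an added example that is not part of the original post: a PowerShell script that looks for connected adapters whose network category is not DomainAuthenticated and restarts them, leaving the firewall policy untouched. It assumes it runs elevated at startup (for instance from a scheduled task); the retry count and wait time are constructed defaults.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post). Run locally at startup:
# restarting the adapter drops any remote session on that interface.
param(
    [int]$MaxAttempts   = 3,   # constructed default, tune for your site
    [int]$SettleSeconds = 30   # time for Windows to re-run network identification
)

function Get-NonDomainProfile {
    # Profiles on connected physical adapters that Windows has NOT
    # categorised as DomainAuthenticated (i.e. Public or Private).
    $up = Get-NetAdapter -Physical | Where-Object Status -eq 'Up'
    Get-NetConnectionProfile | Where-Object {
        $_.InterfaceIndex -in $up.ifIndex -and
        $_.NetworkCategory -ne 'DomainAuthenticated'
    }
}

# Only meaningful on a domain-joined machine.
if (-not (Get-CimInstance Win32_ComputerSystem).PartOfDomain) {
    Write-Output 'Not domain joined; nothing to do.'
    return
}

for ($i = 1; $i -le $MaxAttempts; $i++) {
    $bad = @(Get-NonDomainProfile)
    if ($bad.Count -eq 0) { break }
    foreach ($p in $bad) {
        Write-Output ("Attempt {0}: '{1}' on {2} is {3}; restarting adapter." -f `
            $i, $p.Name, $p.InterfaceAlias, $p.NetworkCategory)
        Restart-NetAdapter -Name $p.InterfaceAlias -Confirm:$false
    }
    Start-Sleep -Seconds $SettleSeconds
}

# Final state: which category each network has, and what the firewall does per profile.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction

if (@(Get-NonDomainProfile).Count -gt 0) {
    Write-Warning 'Network still not identified as Domain after all attempts.'
    exit 1
}
```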