Been struggling to find information out about this so I was wondering if anyone has come across it.
My understanding is the public firewall is always first one to activate. If windows can detect its on the domain is a part of it will activate the domain profile.
However, I have had to set public profile: block all outgoing connections.
This stops it going into domain profile mode.
I can't find a list of all the specific exception rules I need to add to the public profile in order to allow the right traffic out so it will go into domain profile.
i.e. I don't just want to allow all traffic going to xx IPs. I would rather do process on xx port going to xx IP