Why does Windows Firewall not use the domain profile?
Hello, for some time now I have been investigating a strange thing happening on our network. Windows Firewall, which is configured from GPO, is not detecting that the computer is on the domain and therefore it uses the standard profile instead of the domain profile. The problem in most cases occurs on machine startup and it goes away when the computer updates the GPO policy. It is interesting that at the time the error happens, the computer receives and uses the correct connection-specific DNS suffix, but the registry key HKLM\SOFTWARE\Microsoft\Windows\Group Policy\Current Version\History\Network Name is empty!? That explains why the WF is using the standard profile, but it does not explain what leads to this behaviour. Why is this empty???? The computers are always connected to the domain; they are never disconnected from it or used on another domain. The userenv.log yields the following error: ProcessGPOs: GetNetworkName failed with 10013. I believe this is the real problem here, this error no. 10013. But what is causing it? I have googled a LOT, but didn't find out anything useful for my situation. I have written a small script which connects to a socket on our DC and tries to send a lot of DNS requests, I have benchmarked the DC server and analysed its performance during critical times (at computer startups and shutdowns), but I didn't find anything useful. I have also disabled the built-in Windows feature raw security (setting HKLM\SYSTEM\CurrentControlSet\Services\Afd\Parameters\DisableRawSecurity to 1). I also could not repeat the error myself; it just occurs on some computers on the network when they are started. I also audited the mentioned registry key (Network Name) and found out that winlogon.exe changes it on user logon, which makes perfect sense, but does not lead to any error resolution. Please help me to resolve this ...
June 8th, 2009 3:55pm

Interesting thing I noticed. One of the users has coLinux installed on his machine. This application creates a virtual ethernet card. And this card has its connection-specific DNS suffix blank .... Could this be the problem for wrong network determination and subsequently wrong profile usage? How must 2 ethernet cards be configured in XP if you want to use them in parallel for Windows Firewall to work? Or expressed differently: how do 2 ethernet cards working in parallel influence the network determination algorithm of Windows Firewall?
June 9th, 2009 10:18am

On further research I have found out the user with the 10013 problem used a sandbox application. When we uninstalled it, the problem went away. But unfortunately the moment of victory did not last long. For the first time since I was investigating this, the problem suddenly occurred on many other machines?!
June 11th, 2009 10:42am

I have enabled "Always wait for the Network" in GPO and the situation was fine for a week or something. During this time I did not notice any 10013 errors on client computers. But now the error suddenly appeared again. What else could cause it? Any ideas?
June 30th, 2009 10:26am

Hi, did you ever figure this out? I'm seeing the same problem and would love to hear what you discovered! Thanks!
February 23rd, 2010 7:34pm

Same problem. Did someone find how to have the right profile?
April 9th, 2010 3:25pm

Facing a similar problem with custom GINA. Does anybody have any input?
January 7th, 2011 1:51pm

Setting the Network Location Awareness (NLA) service to Startup Type 'Automatic' (the default is Manual) has resolved the problem.
March 7th, 2011 2:01pm
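
A triage script for the checks discussed in this thread, added here as an example and not posted by any participant: it reports the NLA service start mode, the firewall profile currently in effect, and any GetNetworkName failures in userenv.log. Assumptions: the `-Fix` switch is a hypothetical name, userenv.log is at its default location under `%SystemRoot%\Debug\UserMode`, and the XP-era `netsh firewall` context is available with English output.

```powershell
# Added example (not from the thread). Read-only unless -Fix is passed.
param([switch]$Fix)   # -Fix is a hypothetical switch name for this example

# 1. NLA service start mode. Looked up by display name because the short
#    service name differs between Windows versions.
$nla = Get-WmiObject Win32_Service -Filter "DisplayName LIKE 'Network Location Awareness%'" |
       Select-Object -First 1
if (-not $nla) {
    Write-Warning 'Network Location Awareness service not found.'
} else {
    "NLA service '{0}': StartMode={1}, State={2}" -f $nla.Name, $nla.StartMode, $nla.State
    # Win32_Service reports StartMode as Auto, Manual or Disabled.
    if ($nla.StartMode -ne 'Auto') {
        if ($Fix) {
            $result = $nla.ChangeStartMode('Automatic')
            "ChangeStartMode returned {0} (0 = success)" -f $result.ReturnValue
        } else {
            'NLA is not set to Automatic; re-run with -Fix to change it.'
        }
    }
}

# 2. Firewall profile currently in effect (Domain or Standard).
$profileLine = netsh firewall show state | Select-String 'Profile' | Select-Object -First 1
if ($profileLine) {
    "Firewall: {0}" -f $profileLine.Line.Trim()
} else {
    Write-Warning 'Could not read the profile from "netsh firewall show state".'
}

# 3. GetNetworkName failures logged during Group Policy processing.
$log = Join-Path $env:SystemRoot 'Debug\UserMode\userenv.log'
if (Test-Path $log) {
    $hits = @(Select-String -Path $log -Pattern 'GetNetworkName failed with')
    "userenv.log: {0} GetNetworkName failure(s)" -f $hits.Count
    # Show the most recent entries so they can be compared with boot times.
    $hits | Select-Object -Last 5 | ForEach-Object { '  ' + $_.Line.Trim() }
} else {
    "userenv.log not found at $log"
}
```

Running it at startup on an affected machine and again after a policy refresh shows whether the Standard profile coincides with a logged GetNetworkName failure.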

I am also having this problem, but the NLA service is already Automatic. No Joy.
August 23rd, 2011 12:40pm

This topic is archived. No further replies will be accepted.
