Network Connection on Domain changes to Public and adds a 2 at the end (exampledomain.local 2)
Hello. We have been having this problem for about 3 weeks now on about 20 machines. Random Windows 7 machines when on the domain, change their active network to a "Public Network" and for the name, adds a 2 at the end. When this happens, they cant get to any internal network resources obviously. The only way we can fix it is be removing the machine from the domain and readding it a different names. We found patch KB2524478 http://support.microsoft.com/kb/2524478 but still have the same issue. Internet access does work and pinging internal resources by IP does work. All DHCP information it gets is correct. This is happening in multiple sites. I have done the following: Ran all MS updatesHard set IPUpdated all driversReset TCP/IP: netsh int ip reset c:\resetlog.txtReset WINSOCK entries to installation defaults: netsh winsock reset catalogReset IPv4 TCP/IP stack to installation defaults: netsh int ipv4 reset reset.logReset IPv6 TCP/IP stack to installation defaults: netsh int ipv6 reset reset.logReboot the machine Does anyone have any ideas? Example machine: *Windows 7 X64 with SP1 and all updates applied 
March 21st, 2012 1:43pm

Hi, The issue seems to be a Secure Channel Broken when the client fails to connect to the Domain to perform some pivotal transactions such as the machine password change. After that the previous exampledomain.local is regarded as a non-existing domain and the the network becomes a "Public" non-domain connection with the Internet access. Per my knowledge, whether the network is "Domain" or not is controlled via the "Network Location Awareness" Service and it is not able to manually force it to be "Domain". What error message is displayed when accessing the internal resources? Cannot find the host, an user credential prompt or it just hangs? On the other hand, if the Secure Channel is not the cause, I would like to provide you with a troubleshooting test that we set the Windows Firewall off since the rules of the Public profile is somewhat stricter than that of the Domain profile. To disable the Windows Firewall rules of all the profiles, use the command "netsh advfirewall set allprofiles state off". Best regards, Steven Xiao Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
March 23rd, 2012 4:49am

Hi, Does my suggestion make sense to the issue in your environment? Please feel free to let me know if there is any update regarding the problem. Best regards, Steven XiaoPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
March 26th, 2012 11:30am

Hi, if it is possible i would like to participate in this case, since we have the same problem on some very small amount of machines. So at the moment i have no machine to test with, but the next one i discover i could provide for @Steven: Maybe you could provide testings steps now so we can test by ourselfs, the next time this happens. greetings from germany Paddy
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2012 10:32am

Hi Paddy, Once the same issue recurs, you can gather an MPS Report which generate basic system information on the problematic machine, and then have a look at the netdiag.txt to see if there is any "Secure Channel Test" related error reported. To do this: a. Download the MPS report tool from the link below. http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=cebf3c7c-7ca5-408f-88b7-f9c79b7306c0 b. Run it as administrator and select the options below: General Internet and networking Business networks Server components c. Check the servernam_netdiag.txt under the results\Internet and Networking subfolder. The MPS Reporting Tool is utilized to gather detailed information regarding a systems current configuration. The reporting tool DOES NOT make any registry changes or modifications to the operating system. System Requirements Supported Operating Systems: Windows 7; Windows Server 2003; Windows Server 2003 x64 editions; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP 64-bit Requires Microsoft .NET Framework 2.0 or higher Requires Microsoft Core XML Services (MSXML) 6.0 Requires Windows Installer 3.1 Microsoft Product Support Reports requires Windows Powershell 1.0 or higher Best regards, Steven Xiao Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
March 28th, 2012 3:16am

Oddly, this hasnt reoccurred again since this post. This was mostly happening during a windows 7 rollout/laptop refresh. I do know that all the sites that we saw this problem at so far have had windows 2008 R2 DC/DNS/DHCP servers. The rollouts to sites with 2003 DC/DNS/DHCP servers appear to not have had the problem. That being said, as I stated, it hasnt re-occurred but if/when it does, I will post back the information requested. Thanks
Free Windows Admin Tool Kit Click here and download it now
March 28th, 2012 11:36am

Hi Steven, i just got one machine which had the same error and executet the MPS Tools. In the NetDiag logfile i found this section Trust relationship test. . . . . . : Failed Test to ensure DomainSid of domain 'DomainName' is correct. [FATAL] Secure channel to domain 'DomainName' is broken. [ERROR_ACCESS_DENIED] Is this the issue you thought off? How can i go on in investigating? thx for your reply c ya Paddy
April 30th, 2012 10:27am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics