Jun 7, 2011

Server 2008 R2 "Unidentified Network"

After setting up a virtual domain environment on a single physical server, I ran into the following situation: my Domain Controller's NIC was listed as an "Unidentified Network" instead of a "Domain Network", as it should be.

The downside of an "Unidentified Network" is that it gets a quite restrictive firewall profile.

The configuration is as follows:

Server 1:   Hyper-V, host of several VMs and Domain Controller
Server 2:   VM of Server 1 and TMG-Firewall (Gateway of Server 1)

The problem with this configuration is a deadlock. "Domain Network" is only assigned if the gateway, which is Server 2, is reachable during the boot process. It is not, because the Hyper-V host still has to start the gateway VM, so the network is marked as an "Unidentified Network".

After some research on the topic I found out that you can manually change the network type to "Work", "Home" or "Public", but you cannot set it to "Domain Network" at will. The only ways I could achieve this were unplugging and replugging the cable or disabling and re-enabling the NIC (in ncpa.cpl).

The workaround was to disable and re-enable the NIC automatically using the netsh command. To do this automatically at startup, create a batch file like this:

netsh interface set interface "LAN 1" disabled
netsh interface set interface "LAN 1" enabled

Make sure that you replace "LAN 1" with the name of your NIC and run the batch file as Administrator or another user with sufficient rights.

Then schedule the batch file in the Task Scheduler to run about 15 minutes after startup.
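
A variant of the batch file above, as an added example that is not part of the original post: instead of relying on a fixed delay, it waits until the gateway answers, resets the NIC only if the domain firewall profile is not already active, and logs the outcome. The gateway address 192.0.2.1, the log path, the task name and the script path are placeholders, and it assumes that the gateway answers ping and that netsh prints English output.

```batch
@echo off
rem Added example: wait for the gateway, then reset the NIC once.
rem Assumptions: NIC name "LAN 1" (from the post), gateway address 192.0.2.1
rem (placeholder), the gateway answers ICMP echo, and netsh output is English.
rem It can be scheduled at startup instead of after a fixed delay, for example:
rem   schtasks /create /tn "NicReset" /tr "C:\Scripts\nic-reset.cmd" /sc onstart /ru SYSTEM
rem (task name and script path are hypothetical).
setlocal
set "NIC=LAN 1"
set "GATEWAY=192.0.2.1"
set "LOG=%SystemRoot%\Temp\nic-reset.log"
set /a TRIES=0
rem Leave the NIC alone if the domain firewall profile is already active.
call :IsDomainProfile
if not errorlevel 1 goto AlreadyDomain

:WaitForGateway
rem "TTL=" only appears in a real echo reply; ping's exit code alone is unreliable.
ping -n 1 -w 2000 %GATEWAY% | find "TTL=" >nul
if not errorlevel 1 goto Bounce
set /a TRIES+=1
if %TRIES% GEQ 90 goto GaveUp
rem Roughly 10 seconds between attempts; 90 attempts is about 15 minutes.
ping -n 11 127.0.0.1 >nul
goto WaitForGateway

:Bounce
netsh interface set interface "%NIC%" disabled
netsh interface set interface "%NIC%" enabled
rem Give network location detection about 30 seconds, then verify the result.
ping -n 31 127.0.0.1 >nul
call :IsDomainProfile
if errorlevel 1 goto StillWrong
echo %DATE% %TIME% domain profile active after NIC reset>>"%LOG%"
exit /b 0

:AlreadyDomain
echo %DATE% %TIME% domain profile already active, nothing done>>"%LOG%"
exit /b 0
:GaveUp
echo %DATE% %TIME% gateway %GATEWAY% never answered, NIC not reset>>"%LOG%"
exit /b 1
:StillWrong
echo %DATE% %TIME% NIC reset done but domain profile still not active>>"%LOG%"
exit /b 2
:IsDomainProfile
rem Exit code 0 when the current firewall profile is the domain profile.
netsh advfirewall show currentprofile | find /i "Domain Profile" >nul
exit /b %errorlevel%
```

A non-zero exit code shows up as the task's last run result, so a host that is still on the restrictive profile is visible in the Task Scheduler as well as in the log.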
