Windows OS Hub
  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux

 Windows OS Hub / Windows Server 2025 / Wrong Network Profile on Windows Server after Reboot

October 9, 2025

Wrong Network Profile on Windows Server after Reboot

On domain controllers running Windows Server 2025, an issue occurs where the server incorrectly identifies the network as Public instead of Domain after a reboot. If some of your Windows Defender Firewall rules are applied to a network profile (location), it may cause issues with the server’s network availability.

Domain network Profile not detected on Windows Server after restart

The issue of the network type changing to the incorrect one after a restart is an old bug that has been encountered in domain controllers and member servers running Windows Server versions 2019 and 2022. Restarting the Network Location Awareness service (NlaSvc) was enough to automatically switch back to the Domain network profile in these versions of Windows Server. It is also possible to configure the startup delay for the NlaSvc service or implement a registry option that changes the behavior of the NLA service when it attempts to re-establish the domain connection.

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters" -Name "AlwaysExpectDomainController" -Value 1 -Type DWORD

However, Network Location Awareness is disabled by default in Windows Server 2025.

Network Location Awareness service is disabled

To ensure that a Windows Server 2025 host correctly detects the network type, simply re-enable the network adapter after the computer reboots. If you have access to the server console (iLO or equivalent), you can disable and re-enable the network adapter via the ‘Network Connections’ control panel (ncpa.cpl).

Disable and then Enable network adapter via ncpa.cpl

If you only have RDP or PowerShell Remoting access to the DC, it’s possible to restart the network adapters using the PowerShell command:

Get-NetAdapter -Physical | Where-Object { $_.Status -eq "Up" } | Restart-NetAdapter

After this, the network will be correctly identified as a domain network (DomainAuthenticated).

Get-NetConnectionProfile

Change profile from Public to DomainAuthenticated

The issue with resetting the network type on Windows Server domain controllers is related to the DNS server settings. If the server uses itself as the DNS server, it may not respond quickly enough to DNS queries during startup (before the DNS server service is fully initialized) to determine the correct network status. That is why the secure Public profile will be assigned as the network type.

Therefore, ensure that the secondary DNS on the domain controllers points to the addresses of the other domain controllers, and avoid rebooting them all at once by spacing out scheduled reboots.

Alternatively, you can create a workaround using a simple PowerShell script in the Task Scheduler. It should wait for the DNS service to start and then restart the network adapter (run the task as SYSTEM):

Program/script: powershell.exe
Add arguments (optional): -ExecutionPolicy Bypass -NonInteractive -WindowStyle Hidden -command "do {$status = (Get-Service dns)} until ($status.Status -eq 'Running'); Get-NetAdapter -Physical | Restart-NetAdapter"

PowerShell script to Restart-NetAdapter on Windows Server after reboot

In order to apply this script to all DCs, you can deploy a scheduler task to the Domain Controllers OU via GPO.

1 comment
0
Facebook Twitter Google + Pinterest
Windows Server 2025
previous post
How to Get Windows 10 Extended Security Updates After End-Of-Life
next post
Converting Windows 10 to Enterprise LTSC Without Losing Data

Related Reading

Find a Process Causing High Disk Usage on...

July 16, 2025

Cannot Install Network Adapter Drivers on Windows Server

May 6, 2025

Configuring Windows Protected Print Mode (WPP)

May 28, 2025

Fix: Microsoft Defender Not Updating Automatically in Windows

July 15, 2025

Proxmox: Share a Host Directory with VMs via...

August 21, 2025

Blocking NTLM Connections on Windows 11 and Windows...

October 6, 2025

WMIC Command Not Found on Windows

May 19, 2025

Unable to Map Drive: An extended error has...

May 13, 2025

1 comment

admin October 1, 2025 - 4:35 am

⚙️ If you are using Windows Server hosts in a domain network, you may experience an issue where the network profile type switches from ‘Domain’ to ‘Private’ after rebooting. This can cause problems with server or service availability if custom domain-based firewall rules are applied to a host and the network type has been reset to the wrong one

⚠️ The root cause is typically that, during boot, the host does not receive a timely response from the DNS server configured on its network adapter. This is particularly common on domain controllers, where the preferred DNS server is usually set to either the controller’s own IP address or the loopback address (127.0.0.1).

👉 Best practice: on a DC, configure another DC as the Preferred DNS server, and set the local DC as the Alternate DNS. Also, avoid rebooting all DCs at the same time 😊.

Alternatively, there are some workarounds:

🔹 In Windows Server 2016/2019/2022, the issue could be mitigated by configuring a delayed start for the NlaSvc (Network Location Awareness) service so that it starts after DNS.
🔹 In Windows Server 2025, NlaSvc is disabled by default, so a workaround is to add a PowerShell script to startup that waits for the DNS service to run and then restarts the network adapter:

Reply

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • How to Find a Previous Computer Name in Windows

    October 28, 2025
  • How to Delete a Windows Service via CMD or PowerShell

    October 16, 2025
  • Resource Fair Sharing in Windows Server Remote Desktop Services (RDS)

    October 6, 2025
  • How to Disable (Enable) Credential Guard in Windows 11

    October 6, 2025
  • Wrong Network Profile on Windows Server after Reboot

    September 30, 2025
  • How to Get Windows 10 Extended Security Updates After End-Of-Life

    September 24, 2025
  • Blocking NTLM Connections on Windows 11 and Windows Server 2025

    September 23, 2025
  • Windows Stucks at ‘Getting Windows Ready, Don’t Turn Off Computer’

    September 15, 2025
  • Clean Up ETL Log Files in ProgramData

    September 9, 2025
  • Fix: Slow Startup of PowerShell Console and Scripts

    September 3, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • Proxmox: Share a Host Directory with VMs via VirtioFS
  • Resource Fair Sharing in Windows Server Remote Desktop Services (RDS)
  • Create a Windows Server VM on Proxmox (Step-by-Step)
  • Fix: Microsoft Defender Not Updating Automatically in Windows
  • Find a Process Causing High Disk Usage on Windows
  • Configure Windows to Auto Restart/Shutdown with Task Scheduler
  • How to Manually Install Any Driver on a Windows Computer
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top