It would use public if there was no gateway defined on the "NIC" that holds the address. If you are able to and haven't already washed your hands of it, what happens if you reboot the server with the desired IP and the Windows FW turned off?
If it's choosing the public profile and you only have FW rules defined for the domain profile, it might be cutting off communications. If you have FW logging enabled for drops you should see those in the pfirewall.log file. From: Mayo, Bill [mailto:[email protected]] Sent: Monday, June 04, 2012 5:53 AM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP When I am using any other IP, it is properly selecting "domain" profile. When this profile is on, everything is allowed (firewall is wide open). When using the problematic IP, it does not communicate with the domain at all, and I assume in that case it is using the "public" profile. From: Miller Bonnie L. [mailto:[email protected]] Sent: Friday, June 01, 2012 5:03 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP NLA is referring to "Network Location Awareness". Do you have the Windows Firewall enabled, and if so, is it selecting the appropriate profile (domain vs private vs public)? I *think* that might be the domain profile (which should be correct), and it might be due to some FW rules you have in place. From: Mayo, Bill [mailto:[email protected]] Sent: Friday, June 01, 2012 1:28 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP No dupe on the other system. It seems to be OK with it up until a reboot, where it has the issue. All the event log errors I see are related to services, et al not being able to talk to the network. When on a different IP, the only place it shows up in the registry is: HKLM\SOFTWARE\Microsoft\windows NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where x.x.x.x represent the IP in question. The values here are "Failures" and "Successes". I did actually try wiping it out before to no avail (interestingly, it came back). The only thing I would know to do like that is kill the adapter and re-add it (what I did in the first place), which is what someone else suggested. I am able to workaround the issue by simply using a different IP, and I am OK doing that in this instance. It is worth noting that I did the same process with a nearly identical server and had no issue. I think I must have done something in a funky order the first time that caused the problem. From: Miller Bonnie L. [mailto:[email protected]] Sent: Friday, June 01, 2012 4:10 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP Hm... and you're sure there isn't a dupe out there on another system? Very odd that it would go to an APIPA address, but that should show up in the event logs if it thinks it has a conflict. While you have it on a different IP, if you search via regedit for the desired IP, do you find it anywhere? I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try to recreate the machine configuration after that, reattaching the vhds. Is something like that an option? From: Mayo, Bill [mailto:[email protected]] Sent: Friday, June 01, 2012 12:09 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP That is the process I followed (shorthanded in my explanation). There is no NIC showing other than the current one. From: Miller Bonnie L. [mailto:[email protected]] Sent: Friday, June 01, 2012 2:32 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP Run cmd as administrator set devmgr_show_nonpresent_devices=1 devmgmt.msc When device manager launches toggle it to show hidden devices again. Look for NICs that don't belong and remove them. Reboot From: Mayo, Bill [mailto:[email protected]] Sent: Friday, June 01, 2012 11:22 AM To: NT System Admin Issues Subject: Windows 2008 won't forget IP I wanted to upgrade the NIC on a vSphere based virtual server, so I powered down and removed the existing NIC and added a new one. The IP was statically assigned. After rebooting, I got rid of the old NIC (show hidden devices in Device Manager, uninstall), and I set the IP of the new NIC to match that of the old and reboot. After doing so, can't log into domain anymore and figure out IP is not responding. After much troubleshooting, I am able to get the machine working by changing the IP to something else via netsh (network control panel hangs). That's all working OK, reboot a couple of times, and confirm the old NIC is not a phantom. Change the IP back to the desired one again, and am able to ping it. Reboot, and same problem again (can't login to domain-based account, no response from IP). When I do an IPCONFIG, it shows a self-assigned address (169...). When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my desired IP address (although it is not responding). I try to use netsh to change it to that address again and it rejects it (indicating it already exists). I assume the address is hung somewhere, but I can't find any sign of it in the registry or anywhere else. I also tried "netsh int ip reset" and "netsh winsock reset" (found while googling) to no avail. Basically, if I try to make this machine use the old/desired IP address, it will not work. Any other IP (that I have tested) works fine. It will work with the old IP until a reboot. Any clue what I might do to make this Windows 2008 R2 Server forget this old IP? Thanks, Bill Mayo ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
