This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 17%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
I have a windows 2019 domain controller
Some machines are losing connection to the domain. Others not. When I look at the DNS server entries (ipconfig /all) in those machines which are losing connection a misformed guid is shown fd00::de39:6fff:fe60:f64a first, followed by the domain controller (192.168.1.3) and then another misformed guid entry as above.
On those machines that are OK these are not shown. How do I ansure the domain controller DNS is shown first and the others deleted?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi,
If you want keep IPv6 enabled on your machines , you can prioritise IPv4 over IPv6 through registry key :
You can use Group Policy Preference to deploy this registry key:
A reboot is required .
Please don't forget to mark helpful answer as accepted
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello there,
The first thing you should look for and this is usually the culprit is a duplicate IP address on the network. Usually you can spot these by simply looking on your DHCP server for "BAD_ADDRESS".
Is it possible that the server is simply overloaded at times?
When NLA starts to detect the network location, the machine will contact the domain controller via port 389. If this detection successful, it will get the domain firewall profile (allowing for correct ports) and we cannot change the network location profile.
If the domain was not found or process failed, NLA will let you to determine which firewall profile will be used, private or public.
So I'd check the domain controller and problem client have the static address of DC listed for DNS and no others such as router or public DNS
Similar discussion here https://social.technet.microsoft.com/Forums/windowsserver/en-US/3711b370-af03-4916-9356-096d68649d64/server-loses-connection-with-domain-dns-issue?forum=winserverNIS
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer–
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more