Why won't Windows XP firewall use domain settings on boot?

Although my XP workstations are connected to the domain, after booting firewall.cpl reports they're "using non-domain settings".

Official literature tells me it's an issue with the DNS suffix of its connection not matching the DNS name from the last Group Policy update; however, this doesn't seem right, as applying gpupdate /force correctly fixes it to "using domain settings".

How can I get the firewall to correctly detect it's on a domain upon boot?


I found the answer after scouring the net and thought to post my question and answer here to help others. Dave Nickason wrote:

On any workstation where the firewall is showing as using the non-domain settings, go into Services and set the Network Location Awareness service to start automatically, and then restart the workstation or do gpupdate /force. Setting NLA to automatic startup should fix it permanently. The issue is that with NLA set to manual, it starts too slowly to get the firewall to use the correct (domain) settings.

As far as I know, MS never documented this, but you'll notice that NLA is set to automatic by default in Vista.

Thanks Dave!
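For anyone who wants to apply the fix above from a command prompt or a logon script instead of the Services snap-in, here is a small batch script. It is an added example, not code from the original post or from Dave Nickason: it shows which firewall profile the workstation is currently using, sets the Network Location Awareness service to start automatically if it does not already, and then runs gpupdate /force as the answer describes. It assumes the NLA service key name on Windows XP is "Nla" (on Vista and later it is "NlaSvc"); confirm it on your build with `sc getkeyname "Network Location Awareness (NLA)"` before relying on it.

```batch
@echo off
rem Added example (not from the original post or its quoted answer).
rem Checks the XP firewall profile in use, makes the Network Location
rem Awareness service start automatically, and refreshes Group Policy.
rem Run from an administrator command prompt.
rem
rem Assumption: the NLA service key name on Windows XP is "Nla"
rem (Vista and later use "NlaSvc"). Verify with:
rem   sc getkeyname "Network Location Awareness (NLA)"
setlocal
set SVC=Nla

echo [*] Firewall profile currently in use (a domain member should show "Domain"):
netsh firewall show state | findstr /i "Profile"

echo [*] Current start type of %SVC%:
sc qc %SVC% | findstr /i "START_TYPE"

rem Only change the start type if it is not already AUTO_START.
sc qc %SVC% | findstr /i "AUTO_START" >nul
if %errorlevel% equ 0 (
    echo [*] %SVC% already starts automatically; nothing to change.
) else (
    echo [*] Setting %SVC% to start automatically...
    sc config %SVC% start= auto
    if errorlevel 1 (
        echo [!] sc config failed; make sure you are running as an administrator.
        exit /b 1
    )
)

rem Start the service now so the profile can be re-evaluated without a
rem reboot, then refresh Group Policy as the answer suggests.
sc start %SVC% >nul 2>&1
gpupdate /force

echo [*] Firewall profile after the change:
netsh firewall show state | findstr /i "Profile"
endlocal
```

If the profile still reads "Standard" after gpupdate, reboot once: the point of the fix is that NLA has to be running before the firewall service decides which profile to apply, so the permanent effect only shows on the next start-up.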