question

JonathanBell-6724 avatar image
0 Votes"
JonathanBell-6724 asked JonathanBell-6724 action

Netbios name has a period and using NPS servers for 802.1x

Hello,

I have an Active Directory Domain called company.local, however, the NetBIOS name is company.uk. The domain consists of x2 Windows Server 2008 R2 domain controllers and x2 Windows Server 2008 R2 NPS servers which service connections for our radius clients for 802.1x.

I want to upgrade the entire environment to Windows Server 2019, however, the issue I am experiencing is that when I introduce a Windows Server 2019 NPS server and point the RADIUS clients to it no one can authenticate and within the event viewer of the NPS server is it saying that it cannot find the domain company.uk, which is the NetBIOS name.

I doubt there is an easy way to rename the NetBIOS name in the environment, so I was wondering if there is a work around or does it mean we need to create an entirely new domain without a period in the NetBIOS name?



windows-active-directorywindows-server-2019
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Please post the event log error with source and ID

Also note: The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JonathanBell-6724 avatar image
0 Votes"
JonathanBell-6724 answered

Hi,

Yep understand that I need to raise the functional level above 2008, which it currently is, also I understand that I need to migrate over to DFSR for sysvol. The issue still remains on how to get a workaround for having a period in the NetBIOS name. That is my main query because it's not allowing authentication on NPS servers.

So far everywhere I've looked is reporting that I need to build an entirely new domain, which will be a massive job because there is over 200+ servers and Exchange in a Hybrid, so I would like to try and avoid migrating to an entirely new domain if possible.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Sounds good, I'd suggest starting a case here with product support.
https://support.serviceshub.microsoft.com/supportforbusiness


--please don't forget to Accept as answer if the reply is helpful--


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JonathanBell-6724 avatar image
0 Votes"
JonathanBell-6724 answered

Hi,

Thanks, I will raise a case with Microsoft, the difficultly I'm having is that the OS is no longer supported, unfortunately, this is a client that hasn't done anything with their environment for a very long time so trying to get them upgraded. I am guessing that Microsoft support will most likely tell me to go away because the product is no longer supported.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

am guessing that Microsoft support will most likely tell me to go away

Highly unlikely

--please don't forget to Accept as answer if the reply is helpful--




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CandyLuo-MSFT avatar image
0 Votes"
CandyLuo-MSFT answered

Hi,

Based on my understanding, you issue is that NPS is treating the dotted NetBIOS name as a FQDN and it results in NPS doing a dns lookup on the company.uk name. This fails because this is NetBIOS name and DNS does not host a zone.

I doubt there is an easy way to rename the NetBIOS name in the environment, so I was wondering if there is a work around or does it mean we need to create an entirely new domain without a period in the NetBIOS name?

It's not recommended to use dotted NetBIOS Domain name. In your case, just as you said, you have to create a new domain without a period in the NetBIOS name.

Best Regards,
Candy


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.