Before joining a Windows Server to a domain, you might’ve had to request firewall rules from the network team to be opened up. The network requirements can be pretty complex, and the requirements will vary depending on your environment.

This post is to note a few checks to carry out after joining to a domain, particularly within a new environment.

# GPResult / GPUpdate.
# Nltest.
# Windows Event Viewer.

---

GPUpdate / GPResult

Using gpupdate, update and ensure the Computer and User Policies update successfully.

We can then have a look at those policies using the /v param.

---

Nltest

Nltest.exe allows you to perform network administrative tasks, which includes the ability to query/test the status of domain controllers & trust relationships. Here’s a few examples;

/dclist lists all the domain controllers in the domain.

/dsgetdc queries DNS and returns a list of domain controllers (with IPs).

/dsgetsite returns the site name of the domain controller.

/sc_query reports the state of the secure channel for when it was last used.

---

Windows Event Viewer

Not all events require investigation… The idea is to try understand what the Warning or Error message means and then go from there.

---