Author Topic: Blocking domain controller?  (Read 2504 times)

0 Members and 1 Guest are viewing this topic.

Offline Visseroth

  • Newbie
  • *
  • Posts: 11
Blocking domain controller?
« on: March 31, 2017, 12:54:10 AM »
So I just swapped out a domain controller, rejoined machines to the domain but following re-joining, randomly Avast starts blocking connections from the workstations to the domain controller which also contains the shares.
It seems to be the firewall blocking the connections as when we disabled the firewall things seemed to get better but I am not seeing a way to add a exception for the local network via the web manager and I don't see in the interface the logs where it tells why it's blocking connections.
I looked through the text logs, some accessible, some not and I didn't see anything in there either that says why the connections to the domain controller are being blocked.
Any help would be appreciated.

Offline SMPlante

  • Jr. Member
  • **
  • Posts: 90
  • Avast! newbie
    • Les Services Michel Plante
Re: Blocking domain controller?
« Reply #1 on: April 03, 2017, 04:06:51 AM »
Hi Visseroth,

You can find Avast Network Shield Statistic in "Security Tab ; Icon "Network Sheild"


I think you will find what you are looking for in there:


If you moved your machine from an AD (Active Directory) to a new one, you probably have old GPO still in the Workstation.
You need to load the new GPO, from AD, when the machine is connected to the good network (Admin CMD dos command : gpupdate /force
Make sure your machine Network connexion is showing the same name then your AD DNS system.



« Last Edit: April 03, 2017, 04:14:06 AM by SMPlante »

Offline Visseroth

  • Newbie
  • *
  • Posts: 11
Re: Blocking domain controller?
« Reply #2 on: April 07, 2017, 12:30:01 AM »
Thank you  ;D

Any idea how I can set new rules via the web management for the firewall?

Offline SMPlante

  • Jr. Member
  • **
  • Posts: 90
  • Avast! newbie
    • Les Services Michel Plante
Re: Blocking domain controller?
« Reply #3 on: April 08, 2017, 04:31:35 AM »
Are we talking about "New rules" for Avast or Active Directory GPO ?

Two Completly different things / tasks ...

If I'm refering to your original text (request), you say that you moved some PC from a AD Domain to a new one.

As an IT consultant, every time I do that on a PC with Windows's Operating System, I clean lot of things, before joining the new AD Domain.

Otherwise, you will end up with many problems.

Here a summary of the task I do:
  • Activate and give a new password (one I will remember for step 3 & 7) to the Local Administrator account
  • Quit the AD Domain and just put the PC on his own Workgroup
  • Restart the PC and log using the Local Administrator account
  • Rename all OLD AD Domain users folder
  • Delete all Local Adminitrators Group user entry that was related with the Old AD Domain (S1xxxxxxx account)
  • Delete all ProfileList Registry Key related with Old AD Domain
  • Restart the PC and log again using the Local Administrator account
  • Join the new domain and make sure you add the administrator, from the new AD Domain in the local (PC) Administrator group
  • Restart the PC and Log as the New AD Domain administrator
  • At this point, if you still see the Old share (from the old AD Domain) just disconnect them
  • Log Off and Log In again
  • If your AD Domain GPO are correctly set (for folder share) you should see them and have normal access

I have applyied these steps to many Windows PC, I have moved from a domain to a new one, and I never had any problem related with avast not allowing me to access the share drive after the AD Domain change.

Hope it will help you
« Last Edit: April 08, 2017, 04:35:31 AM by SMPlante »