Jump to content
Compatible Support Forums
sapiens74

Slow login to Domain

Recommended Posts

I have Server 2003 running on my DC and everytime I log into the domain from a workstation it takes forever to login,

 

 

Also have this problem when trying to access shared folders for the first time after a reboot or an idle period.

Share this post


Link to post

I can't find anything in the logs, expect for some issues with sharepoint, but don't think that is related

 

Anything I should be looking for?

Share this post


Link to post

As I can't post from work (thanks to our Colecovision-powered proxy) I was going to suggest checking for policy application. Also, is the machine using DHCP? If so, what NIC? There is a glitch in certain combinations of NIC hardware and drivers, where during boot Windows will get an IP, then shutdown the NIC, and restart it. However, due to the asynchronous nature of booting, the system will try to locate domain controllers and GPOs at the same time. A quick way to determine if the issue affects you is to check for policy application/domain controller connection problems during boot. Then, try gpupdate to reapply any policies. If that works, try using a static IP and rebooting. I have seen several machines with this issue, and the NICs have ranged from Broadcom to SiS, with the exception of Intel and 3Com. There is a way to "correct" this issue, but it involves disabling DHCPMediaSense in the registry.

Share this post


Link to post

To my knowledge its using a Realtek nic, one of those onboard nics

 

Ill try giving it a static IP, DHCP is not running on the DC but coming from my linksys router

 

I may also try DNS settings, It may be looking through the ISP DNS first, cause the settings are coming from my Router and not the DC

 

GOing to give it a try

Share this post


Link to post
Quote:

I may also try DNS settings, It may be looking through the ISP DNS first, cause the settings are coming from my Router and not the DC


Ack, that would do it. All of the member systems and peer DCs need to be resolving inside the domain. If the client looks for your DNS name via the allocation from the router (which is probably passing on what it gleened from the ISP's DHCP allocation) you're sunk. If you can, the ideal way would be to setup DHCP on the DC. If you can't, setup the allocated DNS entry in the router's DHCP config to that of the DC. In addition, do NOT provide any other DNS entry. This will keep the client from recursing on its own. Setup the forwarders in the DC's DNS Service config to point to the ISP's DNS servers. This way the DC can quickly resolve IPs for domains (zones) it isn't responsible for (rather than waiting for a query to be returned from root servers, which frequently times out or will simply never given a response).

Share this post


Link to post

Wicked! I had the same problem, bumped the DNS entry for my server ahead of my ISP's and PRESTO! Worked a treat!

 

Too bad this isn't better documented, can't believe microsoft wants u to call em! hope those that do don't have to PAY

 

Thanks for the tip

Share this post


Link to post
Quote:
Wicked! I had the same problem, bumped the DNS entry for my server ahead of my ISP's and PRESTO! Worked a treat!

Too bad this isn't better documented, can't believe microsoft wants u to call em! hope those that do don't have to PAY

Thanks for the tip


It is documented, but it's documented in areas that refer to initial setup. This is something that should be done on most (if not all) DNS setups. You want to have the DNS servers pointing to each in their respective IP settings, with forwarders pointing to parent domain DNS boxes (if applicable) or outside DNS servers.

For example, if you had parent.com and a child domain named child.parent.com, you would want the parent servers pointing to each other in their IP settings, with delegations for "child.parent.com" pointing to the child DNS servers, and forwarders pointing to outside DNS servers. In the child DNS servers, you would have them pointing to each other in their IP settings, with forwarders pointing to DNS servers in parent.com. This way, you completely control name resolution throughout both domains from the root (parent.com). All member servers, clients, and any other system that needs to resolve internal resources would have the corresponding DNS servers in their IP setting for their domain (member server in child.parent.com would have the DNS server IPs for the child domain in its IP settings, while an admin client in parent.com would have the DNS IPs for parent.com in its respective settings).
  • Like 1

Share this post


Link to post

I'm currently having this extended ridiculous wait time on client computer w/in my domain. I'm not an MCSE or anything, just a student managing some computers, and am clueless on how to go about this. It pretty much arose out of nothing and I see you are talking about DNS and DHCP. The server's IP is statically specified, and it is currently running as the DNS server for the domain. Can i get some instructions on how to go about getting this resolved? It sounds that it's an internal name resolution problem, which would also explain why clients on the network must 'Retry' 3-5 times before their Outlook clients will finally connect to the exchange server running on the same box. It's win2k Server with all updates.

 

Thanks for any help that can be offered.

 

Brandon

Share this post


Link to post

I should add i have literally hundreds of the following 'NetLogon' error in my System Event Log.

 

Code:
Registration of the DNS record '_ldap._tcp.pdc._msdcs.<removed for security>. 600 IN SRV 0 100 389 GSBSERV.<removed for security>.' failed with the following error: DNS server unable to interpret format.  

Share this post


Link to post

Well, I have windows 2000 sbs, and windows 2000 server... both at 2 different locations, and both work fine until you get to windows xp logging into the domain. I have the dhcp server set to deliver the server ip address as the first, and also have hard-coded the server ip as the first on several machines. "Applying personal settings" takes like 2 minutes still. Some machines are working fine, and an identical one 2 feet away takes forever. Clean-loaded machines do it, as do recently upgraded windows xp sp2 boxes. <- but there are a few that do work. I am unable to find any resolution anywhere.

 

Thanks in advance.

Tony

Share this post


Link to post

I am not sure about your sentence dealing with DHCP, but one issue is with the media sense functionality of XP. What can happen with certain NICs and drivers, is that during boot when running DHCP the NIC will get an address, and then when the OS needs to talk to the DC the NIC will turn off, and then back on. The client will then bomb and error out with a Group Policy processing failure (or a failure to contact a DC). Once booted and logged on, the client will behave normally.

 

http://support.microsoft.com/default.aspx?scid=kb;en-us;239924

 

 

Share this post


Link to post

I know this is an old thread but I have a similar problem. I have my server at the top of the DNS list though.

I don't believe that is my problem. Recently I changed/upgraded servers and the old pcs work just fine, but when I have a new computer join the domain, or I remove a PC and re-join the domain they connect very slow. (XP computers and server 2003)

 

Is there a way to get a Verbose login or a login log to see what is hanging it up? there are no errors on the server

I do get this error ocassionally

***

The DNS server was unable to complete directory service enumeration of zone cccs100. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

***

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×