Boot slowdown after installing Active Directory

[Arkos Reed 0]

I have the following problem.

Right after installing Win2K server on our main server, I have installed the Active Directory services to set up the machine as a domain controller, this far nothing special. The problem is that after installing it, when booting the system apparently pauses when preparing the network connections (though some network activity is monitored on the network). Its paused for 5 minutes then continues to boot properly and everything works.

 

Knowing that this behavior does not occur normally (I have installed Win2K server on several other machines) I suspect a problem with the two NICs we have in this server, these are two Realtek 8029(AS) PCI cards. One is on the LAN, the other is linked to a DSL external modem.

 

Any clue about what may be the cause of this problem?

 

P.S : if I remove the Active Dir. services the machine boots normally

[VENUGOPAL 0]

friend same problem hunting me also.

Hope this may solve with help of our other

friends.

regards

vens

[OLEerror 0]

Disable the NIC connected to DSL and see what happens. If the boot time improves, AD is probably conflicting with your ISP. Quite a few ISPs won't provide support for Windows 2000 Server because of this type of problem.

[Arkos Reed 0]

The problem isn't with the ISP as the connection to it isn't even established at that time of the boot process. the connection is established manually and is done via a VPN tunnel

 

to quickly sum it up : the NIC (ip 10.0.0.10) is hooked via a direct RJ45 cable to a DSL modem (Alcatel ANT ADSL 1000 - ip 10.0.0.138) then a VPN tunnel using PPtP is established between the NIC and the Modem, nothing to do with AD.

[clutch 1]

Actually, OLEerror is on the right track with that comment. Some side effects of AD (herein referred to as A.D.D.- Active Directory Disorder ) cause a ton of traffic to fly across networks, including over routers and such to ISPs. In my case, I have to practice setting up the DHCP and DNS services for the upgrade exam to Win2K. There are many new and wonderful errors ***ociated with A.D.D., including DHCP anomalies where the server waits for authentication to service the local network. Since A.D. needs Win2K DDNS (which in turn loves DHCP), you can't get long delays in waiting for this authentication, only to have the DHCP service denied. In addition, I found numerous erros with the Win2K DNS system, which led me to narrow downt the important errors to 4, and then hit Technet to resolve them. Some of these problems (like A.D. claiming DDNS is disabled, when it may not be) have fixes that you can pay for or just wait until SP2 to get them. What I did to resolve most of the wait time, was lock down the router further by canning the bootp port and a few others in order to allow DHCP to work again. It did shave off about 2 min off the boot time, but SP2 should kill most of the issues (I hope). So, while A.D. may not be directly causing the problems, it is due to A.D. that you are having them. WinNT DNS didn't have these issues, so I am hoping the DDNS will get worked out.

 

------------------

Regards,

 

clutch

[Arkos Reed 0]

mmmmh, I see your point but the trouble is the DHCP service works perfectly for me wether A.D is on or not. Adresses are a.s.signed without problems, actually no error is reported in the event viewer.

Oh well, if you say SP2 will clear out those probs then lets just wait for it. (hehe, when? lets have a guess... March?)

 

[This message has been edited by Arkos Reed (edited 04 December 2000).]

[Arkos Reed 0]

err, little note to Philipp or SHS

Is there a way to disable this £%@!! censor option? every occurence of a.s.s in words of a sentence is systematically masked and it bugs me quite a lot.

[clutch 1]

Well, it will probably be a long wait for SP2. BTW, how is DNS doing? I know that with the base config, it had quite a few issues to the point where it wouldn't work. But it works quite well now, it's just a matter of tuning it to your needs. The NT4 WINS/DNS combo was "dynamic" enough (you could have WINS update the DNS with its own database thereby having the dynamic registration) and seemed to work well. I am not sure why this new version has to be so complicated.

 

Oh, and one other thing. If this server also acts as a DNS server, it *could* be looking for another box to replicate its database. If you have a decent packet sniffer, run it on another box and watch what happens with your AD server at boot up. A TON of traffic comes pouring out.

 

------------------

Regards,

 

clutch

 

[This message has been edited by clutch (edited 04 December 2000).]

[Arkos Reed 0]

Ok thanks, I'm gonna look into this tomorrow on the machine =)