Newbie -- Slow login to Domain

[spelltwister]

Hey,

I've done some searching around the internet for ways to "fix" my domain login time. It takes roughly 5-10 mins to login if you haven't logged into that machine before, and 3 if you have.

I'm not really too savvy with all this domain controller stuff so I'm really in need of a very basic instruction on how to fix it.

Here's the setup:

Domain controller called NTSERVER running windows NT. This machine is the machine that has the DCS domain on it. This is where people currently log in to.

Domain controller called Magnum with the DCS2 domain on it. This is where we want people to log in to.

Machines has windows XP Pro SP2 on them and I have already tried to set the "Always wait for network ..." in the group policy and no increased speed.

I don't really understand the other stuff I've read about setting up DNS properly so it could be that lol.

Any help is very appreciated.

Thanks,

Mike

Online multiplayer strategy games huh? Try, 1483online.com where the games are FREE and the community drives enhancements to the game. ;-D

 

[pgaliardo]

I don't really understand the other stuff I've read about setting up DNS properly so it could be that lol.

That would be my first suggestion. You have to make sure DNS is configured properly. In short, one of your domain controllers is a DNS server. In the TCP/IP settings on the workstations, they should be using the IP Address of the DC as their primary DNS server. You should be using DHCP to assign these settings to your workstations.

 

[LWComputingMVP]

DNS! DNS! DNS!

Put simply, Windows workstations in an Active Directory Domain (which 2000 provides) uses DNS to locate network resources. If your DNS is misconfigured, windows tries other, less desireable methods to locate the resources, and that takes time. As pgaliardo says, check your DNS. If you want, post the results of an IPCONFIG /ALL on the server and an IPCONFIG /ALL from a slow logon workstation and we'll tell you if they are right or not.

Another possible reason for slow logons is if you are using Roaming profiles. Roaming profiles can result in very long logon times if users have large files or lots of small files on the desktop or otherwise in their profile. Windows has to copy these files to and from the network with each logoff and logon - and even on a 100Mb link, that can mean MINUTES for a user with a copy of Fedora Core 2 ISO images on their desktop.

 

[bobsa32]

A common problem i see at new client site we take on is that the workstations have statip ip address's and point to the wrong DNS address.

the first dns should be the Server
the second dns should be the router/gateway ( if you really have to use a second)

 

[elsie9]

My only experience of a long wait to log in has been the folder size of my roaming profile; sometimes stuff gets put in this folder by mistake or other reasons. If you have a profile or a roaming profile look at its folder size and compare it to others. See if there is anything that you can delete from it if you feel confident to do so of course. Check sizes of other folders and files within the profile.
I had to learn all this whilst doing my job as well. One of my students accidently had a large .avi file in his profile and it took forever to load. Hope this is of some help!

 

[Seaspray0]

not a good settup, bobsa32. Please perform the following steps.

1. If you have internet access for your network and wish the clients to access it, goto your DNS server (probably on your 2000 domain controller) and delete the "." root zone. Configure a forward to your ISP's DNS server.
2. Set your domain forward lookup zone as active directory integrated if it isn't, and allow secure updates.
3. Goto your DHCP server (would prefer you use the DHCP services off the 2000 server), highlight the server, properties, DNS tab. Check box "enable DNS updates for the settings below", check "dynamically update DNS A and PTR only if requested, check "discard A and PTR records when lease is deleted, only if you have any NT or 95 clients then check "dynamically update.... for clients that do not request updates". If your DHCP server is on a different PC than the DNS, then make that server a member of the "DNSUpdateProxy group".

One of the delays in logins is when the DHCP and the XP client both try to dynamically update the records in DNS. If the DHCP does it first, then it owns the records and the XP client must time out before giving up the dynamic update. If you have 98 or above, you must not let your DHCP server "always" update DNS. See above settings.

4. On your DHCP server scope, you should always hand out the following options: 3 - your default gateway (router), 6 - DNS servers, 15 - DNS domain name. You will probably also hand out options 44 and 46 for WINS if you use it. Note: never give your clients an internet DNS server in DHCP, only give them your DNS server and let your DNS server resolve the internet for them. XP clients find domain resources through DNS and if you give them an internet DNS that knows nothing about your domain... ouch! (this is why, bobsa32). Make sure all your fixed IP clients contain the same settings as the options you give out.

Consider setting your lease times in DHCP to 4 days. In DNS set the aging 2 days no refresh and 2 days refresh intervals.




Start, Help. You'll be surprised what's there. A+/MCP/MCSE/MCDBA