Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Puzzled. Please help.

Status
Not open for further replies.
Tagsley

Tagsley

IS-IT--Management
Jun 25, 2002
23
US
We recently started to upgrade our network from NT to W2K. Upon upgrading the PDC to AD, we found that it took a long time to login. The delay was very similar to logging on with XP when the DNS settings are incorrect....long loading profile, etc.

DNS server is running on the upgraded PDC. It seems to be working ok, because I can ping around our network using NetBios names. It is also the only DNS Server configured on our machines.

So here's the weird thing. When I turn off the Net Logon Service, the XP machines log in quickly once again. I imagine that they are probably logging in off of on of the old BDCs which are still up and running.

Does anyone have any clues on where I can start troubleshooting this? I am baffled.
 
Sort by date Sort by votes
Have you tried pinging by FQDN? Pinging by Netbios name uses WINS not DNS. Also make sure the SRV records were created when you set up DNS.

john
 
Upvote 0 Downvote
Is it taking a long time for the clients to login or to login to the server itself?

Ensure the DC holds all 5 FSMO roles and that it is also a GC.

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
Titleist -
I am sorry but I dont quite understand. I made sure that the servers where listed as hosts on the DNS server, but I dont think that is what you are meaning. How can I check the SRV records to see if they were created? I just pinged from a DOS box using their server names.

Aznluvmc -
It takes them a long time to log in and load the personal profile. How can I check wheither the DC holds all the FSMO roles, and is also a GC? I was under the impression that it would get that automatically during the upgrade. Is there something additional I need to do?

Much thanks to you both for the feedback.

 
Upvote 0 Downvote
You can check the FSMO roles by right clicking the domain in Active Directory Users and Computers and selecting Operations Master. AD Users and Computers holds 3 roles. AD Domain and Trusts holds another role and the AD Schema snap-in holds that last role. You can check the GC setting in Active Directory Sites and Services in the NTDS Settings for the server.

When you ping the server, does it repsond with just a servername or servername.domainname?

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
I checked and it looks like it has the FSMO role for the AD portion, and I can't tell for the Domain. I dont have a Schema.

When I ping it via the IP address, it just replies normally. When I ping it via its name, "ping ntserver" it says just says reply and gives the IP address.

What am I doing wrong?
 
Upvote 0 Downvote
Seems lke the server is not registered in DNS. Try running ipconfig /registerdns. Ensure your DNS is also configured to allow dynamic updates.

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
Yes, that DNS might be the problem. I assume your DNS structure was an NT4 DNS? They didn't support dynamic updates until Windows 2000 so when you upgraded to Windows 2000 the DNS might have defaulted to Do Not Allow Dynamic Updates.

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
To check for SRV records open the DNS console and expand your server, expand the forward lookup zone, then expand 'your domain'. You should have 4 folders called _msdcs, _sites, _tcp and _udp.

If these aren't there open a command prompt and type these commands:
ipconfig /flushdns
ipconfig /registerdns
netstop netlogon
netstart netlogon

john
 
Upvote 0 Downvote
Thanks to all for your help. I finally got it working.

I did not know the name of the dns zone needed to be the same as my AD domain. I had set up the DNS zone to be local.xxxxxx.org, and our AD domain was simply xxxxxx.org (which was the upgraded NT domain name.)

Would there be a better way to do this in the future? I would have liked to have a different local domain name, but was afraid to mess up the AD upgrade.

Thank you all very much.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
236
gbaughma
gbaughma
Fireksf
  • Locked
  • Question
Avaya IPOCC not generate Report, Please any body if you a have any idea help me.
Replies
1
Views
110
MarkSweetland
MarkSweetland
on3mansh0w
  • Locked
  • Question
[HELP] AD GPO not applied unexpectedly
Replies
0
Views
112
on3mansh0w
on3mansh0w
CDIV
  • Locked
  • Question
Dear all, Please how can I team
Replies
0
Views
66
CDIV
CDIV
serge901cre
  • Locked
  • Question
Please help: can't install packaged exes on 2012
Replies
0
Views
37
serge901cre
serge901cre

Part and Inventory Search

Sponsor

Back
Top