Slow server logon with computers running Windows XP 3

[computerdragon79]

I'm having an issue with all the XP computers on my Windows 2000 domain... They all take a really long time to log in users. I've included the IP info for both the server and one of the workstations, so I can get some help with the troubleshooting.

Server Info (runs windows 2000 advanced server)

Windows 2000 IP configuration

Node Type.. Hybrid
IP Routing Enabled..Yes
WINS Proxy Enabled..No

Ethernet adapter WAN

DHCP Enabled..No
IP Address..141.217.203.191
Subnet Mask..255.255.248.0
Default Gateway..141.217.200.1
DNS Servers..141.217.202.31
..141.217.202.13
Primary WINS Server..141.217.12.2
Secondary WINS Server..141.217.1.91

Ethernet Adaptor LAN

DHCP Enabled..Yes
IP Address..192.168.1.100
Subnet Mask..255.255.255.0
Default Gateway..192.168.1.1
DNS Servers..141.217.202.31
..141.217.202.13
Primary WINS Server..141.217.12.2
Secondary WINS Server..141.217.1.91

Workstation Info (All workstations run Windows XP)

Windows IP Configuration

IP Routing Enabled...No
WINS Poxy Enabled...No

Ethernet Local Area Connection:

DHCP Enabled..Yes
Autoconfiguration enabled..Yes
IP Address..192.168.1.101
Subnet Mask..255.255.255.0
Default Gateway..192.168.1.1
DHCP Server..192.168.1.1
DNS Servers..141.217.202.31
..141.217.202.35

 

[eluis]

Hi,

The solution is simple...
You have a bad configuration on all your workstations.
Windows 2000 and Windows XP needs the DNS to be very well configured.
Only you have to do is to point your DNS on XP workstations to 192.168.1.100.
And be sure that the DNS Server on 192.168.1.100 is installed and very weel configured (like making Queries Forwarding)

Regards,
EduardoLuis

 

[computerdragon79]

Two questions, how do I go about pointing the DNS, and how do I check things like queries forwarding?

 

[eluis]

It seems that you have DHCP Server installed on the 2000.
Are your XP workstations getting IP addresses from the DHCP server or are you setting them manually?
If you get the IP addresses from the DHCP Server, then you have to reconfigure the DHCP Server to set the 192.168.1.100 as a DNS server on the pool of IP's.
If you set them manually, then, go to the TCP/IP Properties, on LocalAreaConnection-Properties and set that on USE THE FOLLOWING DNS SERVER ADDRESSES.

This is TCP/IP basics.....

 

[dbMark]

Yes, your workstations should have a DNS address pointing to the domain controller (your server), in your case 192.168.1.100.

This may be beyond my expertise, but your domain server can run DHCP as a serice but probably its own IP address should be hardcoded into the LAN/NIC card.

A typo on your workstation example, the outside DNS should end with .13 not .35
DNS Servers..141.217.202.31
..141.217.202.35

 

[dbMark]

Oh yes, don't forget to have your server point to itself. Sounds dumb, but it works. That is, on the server's LAN connection, edit the properties for TCP/IP and add its own address (192.168.1.100) to the DNS address list.

 

[computerdragon79]

The 192.168.1.100 address is assigned by the router. The server and all the workstations are connected to the same router. The server computer has two network cards, one is set to obtain IP and DNS automatically, and one is set to the settings listed above under "Ethernet Adaptor WAN." I'm not entirely sure why two cards were needed (I inhereted control of this server from someone else and I'm still learning), but I do know that if one is disabled, the server will not work.

 

[computerdragon79]

I tried pointing the DNS on one of the workstations to 192.168.1.100, and the instant I did that, the internet on the workstation stopped working. Might it have something to do with the fact that the router is what's controlling the DHCP?

 

[allenEd]

How is your internet service provided? ADSL modem/Router, or ICS on the server?

 

[fazil1]

Hello,
Your problem may not be DNS servers, as long as DNS servers are properly configured and avallable for Name resolution your Netowork may be slower, what time does this happen, is it during peak hrs, if so your DNS and Domain controllers may be very busy, do you have Active directory or no, you may need addtional DNS servers placed stetergically to reduce overload and may need addtional DC's to serve autentication request.
bombay4u@hotmail.com

 

[computerdragon79]

To answer both questions since the last post, our internet is cable. It's in a building, and each room has it's own static IP address it needs to get internet access. The router that controls my entire network needs to be set up with that static IP address to give net access to the computers in the room. By the way, the static addresses that need to be entered into the router are the addresses that are under "ethernet adaptor WAN" in my first post. As far as traffic goes, there are only 8 computers in my domain, server included. All 8 computers are connected to the same router. Usually traffic has never been an issue, but ever since the 7 workstations were upgraded to XP, user login has been slow, and if two people log in at once, both computers involved will slow down. Oh, and yes, all the users are stored in the active directory on the server.

 

[dbMark]

Did you know that a computer does not have to be limited to just one DNS IP address? Many ISP providers provide 2 DNS addresses, I guess just in case the other one is down or too busy, and that's just for the internet, not local network usage. It is okay to have the domain server's IP address in the workstations' DNS records along with the ISP provider's DNS server addresses.

 

[kmcferrin]

This is my thinking. You are using the ISPs DNS servers as your DNS server. This will not work if you're running Win2K/AD. Active Directory requires DNS to function properly. It is likely that your domain controller is configured as a DNS server already. When you're trying to log on from an XP workstation, the workstation is trying to communicate with the DNS server (which should be your domain controller), but instead it is trying to talk to the ISP.

You mention that you have a number of routers that pass out DHCP addresses. Unfortunately they are passing out the information from the ISP, and not the information for your internal network. If you can configure the IP address info that your router devices are passing out via DHCP, then you need to make them use your DC (the .100 address, I believe) as the primary DNS server. They can still use the router's IP address as a secondary DNS server in the event that your internal DNS server can't complete a query for some reason.

If you cannot configure the router to pass out your domain controller's IP address as a DNS server, then you should disable DHCP on the router and configure your domain controller to be a DHCP server and pass out the correct information.

Changing the primary DNS server on a workstation to point back to your Domain Controller may not be enough to solve the problem. You need to verify that DNS is installed and properly configured on your domain controller, and make sure that it has the root servers list for walking the DNS hierarchy for Internet DNS requests.

Keep in mind that it's almost like there are two kinds of DNS servers. One provides internal DNS info to your network and handles the registrations from AD client PCs. This one must be your domain controller. The other is simply providing generic DNS lookup info to resolve Internet domains, not you internal domais.

 

[computerdragon79]

Okay, I've gotten quite a few good ideas on where to go from here, could someone give me an idea of where to start? I don't want to loose track of what I'm doing and mess things up even more, so it it help if someone could outline how I should go about trying to correct my problem.

 

[PhillyCheeseSteak]

1) Install DNS on a server in your local network.

2) Create an active-directory integrated primary zone equivalent to your fully qualified domain name (e.g. mydomain.corp) within DNS.

3) Right-click the server in DNS (not the zone!) and go to the Forwarding tab. Enable forwarding and enter in the IP addresses of your ISPs DNS servers in the list.

4) Point all of your computers -- domain controllers and PCs -- to the INTERNAL address of this machine. ALL MACHINES should have this config, even the external NIC on your proxy. Nothing should point to a server outside your network for dns except the forwarders.


5) On your domain controllers, go to a command prompt and type NET STOP NETLOGON <hit enter> NET START NETLOGON <hit enter>

6) You're done. Now try logging in with your clients and be happy with the results.

-Phil

 

[computerdragon79]

Okay, now I think I've got a game plan . I just have a few questions, as I'm not used to using win2k server, so I'll ask them numerically as I go through each point.

1.) There's only one server on the local network, the others are all workstations running XP Pro, so I'm guessing I'm right to assume that I install DNS on there. My question is, how do I check if it's already been installed (before the workstations were upgraded to XP), and how do I go about installing it if it's not?

2.) No clue how to do that.

3.) No questions here.

4.) The only domain controller is the server itself. All the other computers are workstations where the users log in (provided their name is in the servers active directory) Does that change things at all? Also, what is the internal address? Is it one of the IP's listed under my server setting above?

5.) This question completely threw me because the only domain controller in the room is the computer running Win 2k server.

 

[computerdragon79]

Oops, forgot one thing. In #4, which card from the config at the beginning of the post is the external NIC?

 

[PhillyCheeseSteak]

1) It's in Control Panel - Add Remove Programs - Add/Remove Windows Components (on the panel on the left) - and the service is located under Network Services i believe. It will be checked if it is installed.

2) You'll open up the DNS applet under Administrative Tools, expand your server, right click under Forward Lookup Zones and choose New Zone.

3) ok.

4) The Ethernet WAN interface that you specified in your post is the "external" interface. Is that even a Win2k box, or is it a router, or what? If its a router you dont have to worry about it. The internal address starts with 192.168. the external is 144.whatever.

5) Just do it on the one domain controller then.

Good luck.

-Phil

 

[minxca]

Hi,

You said that all PCs and server connect directly to the router, so you can disable External NIC and make sure that the binding order is correct (internal on the top)
Like everybody said:
Use your internal dns to resolve LAN browsing and configure the forwarder to your ISP. I prefer to add WINS (faster browsing).

 

[computerdragon79]

To answer the question for #4, it's a Win2k server with two network cards installed. One card is set to the settings you see under Ethernet Adaptor WAN, and the other card is set to obtain settings autmatically, the settings you see under Ethernet adaptor LAN. Both cards are connected to the router. The settings under the LAN are provided by the router, the settings for WAN were manually entered (but they match the static settings that the router needs to connect to the internet). I'm not sure what the purpose of both cards is, but I know BOTH must be active in order to enable internet access for users, as well as give them access to the server.