Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

Very slow applying security policies before logon prompt - Win2K

Hi,
I have recently joined a Windows 2000 Pro laptop to our new Win2K server domain. It was previously joined to an NT4 domain. The change-over went fine, until the first boot up when the laptop took 10 minutes to get to the logon prompt, claiming all along that it was applying the security policy. It did eventually get there and once logged in all was well.
I just thought that this was taking forever because it was the intial log in. However, every subsequent log on takes this long!
When I remove the network connection the laptop loads up in an instant. This delay happens only when it is plugged into the network. Network speeds are 100Mb/s between it and the domain controller, so does anyone have any ideas why it is taking so long?
Another spanner in the works is that it's the only machine that has this problem on my network, which incidentally has no security policies set yet... oh yes, and it's the managing director's laptop!
So can anyone help?!
Many thanks...

Additional info: laptop is running SP4, is a P4 Toshiba; server is a Xeon Proliant running at 10% capacity. i have tried adding a blank security policy to see what that does but it makes no difference.
0
thomasleng
Asked:
thomasleng
  • 2
1 Solution
 
oBdACommented:
Logon issues with W2k/XP clients in a W2k AD are mostly DNS problems.
The most important stuff in short (check the FAQ for a verbose version): On your DC, the DNS entry should point *only* to itself. On your clients, the DNS entry should point *only* to your DC. This makes sure your internal name resoultion works properly. For external resolution to function, delete the "." forward lookup zone if present (and configure forwarders).
Those should help:

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708
0
 
Casca1Commented:
Are you using Security policies? If not, you migh want to apply the compatws.inf; Not terribly secure, but sets all the settings to minimal.
Sounds like the Laptop may have had security settings applied through NT4 policy files. If this is so, that should resolve the issue.
0
 
Casca1Commented:
Thanks for the points and score.
I assume that resolved your issue?
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now