Solved

Very slow applying security policies before logon prompt - Win2K

Posted on 2003-11-10
4
277 Views
Last Modified: 2010-04-13
Hi,
I have recently joined a Windows 2000 Pro laptop to our new Win2K server domain. It was previously joined to an NT4 domain. The change-over went fine, until the first boot up when the laptop took 10 minutes to get to the logon prompt, claiming all along that it was applying the security policy. It did eventually get there and once logged in all was well.
I just thought that this was taking forever because it was the intial log in. However, every subsequent log on takes this long!
When I remove the network connection the laptop loads up in an instant. This delay happens only when it is plugged into the network. Network speeds are 100Mb/s between it and the domain controller, so does anyone have any ideas why it is taking so long?
Another spanner in the works is that it's the only machine that has this problem on my network, which incidentally has no security policies set yet... oh yes, and it's the managing director's laptop!
So can anyone help?!
Many thanks...

Additional info: laptop is running SP4, is a P4 Toshiba; server is a Xeon Proliant running at 10% capacity. i have tried adding a blank security policy to see what that does but it makes no difference.
0
Comment
Question by:thomasleng
  • 2
4 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 9720939
Logon issues with W2k/XP clients in a W2k AD are mostly DNS problems.
The most important stuff in short (check the FAQ for a verbose version): On your DC, the DNS entry should point *only* to itself. On your clients, the DNS entry should point *only* to your DC. This makes sure your internal name resoultion works properly. For external resolution to function, delete the "." forward lookup zone if present (and configure forwarders).
Those should help:

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708
0
 
LVL 6

Accepted Solution

by:
Casca1 earned 175 total points
ID: 9723165
Are you using Security policies? If not, you migh want to apply the compatws.inf; Not terribly secure, but sets all the settings to minimal.
Sounds like the Laptop may have had security settings applied through NT4 policy files. If this is so, that should resolve the issue.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 10727013
Thanks for the points and score.
I assume that resolved your issue?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recovering backup .Qic files on Windows 7 6 2,188
Windows timing on domain Pcs 4 443
Outlook 2013 Certicate error 1 286
Dell PowerEdge raid drive replacement 13 488
What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now