Solved

Very slow applying security policies before logon prompt - Win2K

Posted on 2003-11-10
4
276 Views
Last Modified: 2010-04-13
Hi,
I have recently joined a Windows 2000 Pro laptop to our new Win2K server domain. It was previously joined to an NT4 domain. The change-over went fine, until the first boot up when the laptop took 10 minutes to get to the logon prompt, claiming all along that it was applying the security policy. It did eventually get there and once logged in all was well.
I just thought that this was taking forever because it was the intial log in. However, every subsequent log on takes this long!
When I remove the network connection the laptop loads up in an instant. This delay happens only when it is plugged into the network. Network speeds are 100Mb/s between it and the domain controller, so does anyone have any ideas why it is taking so long?
Another spanner in the works is that it's the only machine that has this problem on my network, which incidentally has no security policies set yet... oh yes, and it's the managing director's laptop!
So can anyone help?!
Many thanks...

Additional info: laptop is running SP4, is a P4 Toshiba; server is a Xeon Proliant running at 10% capacity. i have tried adding a blank security policy to see what that does but it makes no difference.
0
Comment
Question by:thomasleng
  • 2
4 Comments
 
LVL 82

Expert Comment

by:oBdA
Comment Utility
Logon issues with W2k/XP clients in a W2k AD are mostly DNS problems.
The most important stuff in short (check the FAQ for a verbose version): On your DC, the DNS entry should point *only* to itself. On your clients, the DNS entry should point *only* to your DC. This makes sure your internal name resoultion works properly. For external resolution to function, delete the "." forward lookup zone if present (and configure forwarders).
Those should help:

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708
0
 
LVL 6

Accepted Solution

by:
Casca1 earned 175 total points
Comment Utility
Are you using Security policies? If not, you migh want to apply the compatws.inf; Not terribly secure, but sets all the settings to minimal.
Sounds like the Laptop may have had security settings applied through NT4 policy files. If this is so, that should resolve the issue.
0
 
LVL 6

Expert Comment

by:Casca1
Comment Utility
Thanks for the points and score.
I assume that resolved your issue?
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now