ainselyb
asked on
Computer slow joining domain
For some reason when we join a computer to our domain, it takes about 15 minutes before they show up in Active Directory.
Any tips?
Any tips?
With Active Directory you may experience extremely long delays (up to 5 minutes) when logging into domains. This is caused by the asyncronous loading of networking during the boot up process. This speeds up the login process in a stand-alone workstation by allowing the user to log in with cached logon credentials before the network is fully ready.
To disable this "feature" and restore your domain logons to their normal speed, open the MMC and add the group policy snap-in. Under Computer Configuration-->Administra
To disable this "feature" and restore your domain logons to their normal speed, open the MMC and add the group policy snap-in. Under Computer Configuration-->Administra
Do you have Firewall or Portfilter between Server and Client?? Check open Ports with netsh or PortQuery, i'm not shure, but i think 88 Kerberos, 139, 445 should be open
ainselyb,
This is a normal behaviour when you have more than 1 Site, the computer account is created on the closer Domain Controller and you must wait for Inter-Site replication (about 15 min) to see the computer account in the others domain controllers. To force replication open
AD Sites & Services/Sites/_your_site_
select all Active Directory connections and click "Replicate now", still you must wait for replication occurs.
This is a normal behaviour when you have more than 1 Site, the computer account is created on the closer Domain Controller and you must wait for Inter-Site replication (about 15 min) to see the computer account in the others domain controllers. To force replication open
AD Sites & Services/Sites/_your_site_
select all Active Directory connections and click "Replicate now", still you must wait for replication occurs.
ASKER
I'm sorry, I should have provided more information.
1. The problem is not logging on, but when adding a new PC to a domain, it takes about 15 minutes before the PC is accessible or shows in active directory.
2. I only have one site- a pretty small domain.
Thanks.
1. The problem is not logging on, but when adding a new PC to a domain, it takes about 15 minutes before the PC is accessible or shows in active directory.
2. I only have one site- a pretty small domain.
Thanks.
How many domain controllers do you have?
Try to clean your events in event viewer.
Check your Virtual Memory is enough.
try with
http://www.tune-up.com/
https://www.experts-exchange.com/questions/21761816/A-question.html
BR Dushan
Check your Virtual Memory is enough.
try with
http://www.tune-up.com/
https://www.experts-exchange.com/questions/21761816/A-question.html
BR Dushan
I'd also check DNS ptrs. I've seen cases where someone has played around or added a new DNS server and the ptr records have sent the new machines looking for a DC that doesn't exist causing a long delay in the time it takes to register that machine.
HTH,
L
HTH,
L
thats cool i see what you were getting at with the machines not appearing,
i was just wondering in my original post, if you can log on to the machines even though the accounts doesnt show in AD
i was just wondering in my original post, if you can log on to the machines even though the accounts doesnt show in AD
when you have any more than one server, you have to wait for NTDS replication. It cannot be sped up faster than 4 times per hour, but you can initiate a replication NOW in active directory sites and services
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
thank you
Cheers
Cheers
can the machines log on ok straight after being joined?
Cheers!