• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1814
  • Last Modified:

URGENT: Windows XP is slow logging onto 2003 Domain

Hello,

I have tried to find a solution to my problem but all in vain. I have 5 nodes in a network and they all log onto a domain. I added another PC to the domain with XP Pro on it and it takes forever to log on ( 3 - 4 minutes) I have a DNS server installed on the server and I have pointed to client pc to that IP address. I have also turned off Roaming profiles on the server.

I have tried every suggestion I have found so far on the net and nothing speeds the login up. On the other PC's in the network any username can login and it is fast.

Please help,

Zac
0
sacul
Asked:
sacul
  • 7
  • 4
  • 4
  • +6
1 Solution
 
zephyr_hex (Megan)DeveloperCommented:
make sure the new client has the DNS specified in the TCP/IP options.  also add the IP of the domain controller to the WINS tab under advanced settings in TCP/IP
0
 
victornegriCommented:
Do you have a lot of GPOs defined or any published software deployment? After the machine logs on can you browse to the DC's Sysvol share? Did the new XP machine successfully add an entry for itself in DNS?
0
 
Mad_JasperCommented:
You may experience extremely long delays (up to 5 minutes) when logging into domains using Windows XP Pro. This is caused by the asyncronous loading of networking during the boot up process. This speeds up the login process in a stand-alone workstation by allowing the user to log in with cached logon credentials before the network is fully ready.

To disable this "feature" and restore your domain logons to their normal speed, open the MMC and add the group policy snap-in. Under Computer Configuration-->Administrative Templates-->System-->Logon, change "Always wait for the network at computer startup and logon" to ENABLED.

This can be fed to clients via a group policy from a Windows 2000 server by upgrading the standard policy template with the XP policy template. Since this is an XP only command, non-XP systems will ignore it in a domain distributed group policy.

Make sure that you do not have any incorrectly mapped drives.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q314861

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
saculAuthor Commented:
Hello,

'make sure the new client has the DNS specified in the TCP/IP options.  also add the IP of the domain controller to the WINS tab under advanced settings in TCP/IP'
I did all of that already and no luck.

'Do you have a lot of GPOs defined or any published software deployment?'
no. There are no apps started at login and no GPO defined

'After the machine logs on can you browse to the DC's Sysvol share?'
I can remote into the server from the client PC. What do you mean by  'browse to the DC's Sysvol share' ?

'Did the new XP machine successfully add an entry for itself in DNS?'
How can I check this?

Thank you,

Zac
0
 
victornegriCommented:
To browse to the sysvol share: Either type "\\<domain controller name>\sysvol" or go to Network Neighborhood --> Domain --> Domain Controllre --> Sysvol.

Check DNS: Start --> Programs --> Administrative Tools --> DNS. Expand your domain and look for the computer name in the list.

Mad Jasper brings up a good point. There may be something up with the station getting a DHCP address (I'm assuming you only set a static DNS entry and not a Static IP). Try setting a static IP address on the station and define DNS, WINS, Primary Domain and see if that speeds anything up.

If that doesn't work, disjoin the computer from the domain and rejoin it. Make sure the computer object isn't in AD anymore after you disjoin but before you rejoin.
0
 
saculAuthor Commented:
'To disable this "feature" and restore your domain logons to their normal speed, open the MMC and add the group policy snap-in. Under Computer Configuration-->Administrative Templates-->System-->Logon, change "Always wait for the network at computer startup and logon" to ENABLED.'

tried that too. no luck

'Make sure that you do not have any incorrectly mapped drives.'
no mapped drives at all


Thank you,

Zac
0
 
saculAuthor Commented:
Hello,

'disjoin the computer from the domain and rejoin it'
tried that aswell without any luck

'Check DNS: Start --> Programs --> Administrative Tools --> DNS. Expand your domain and look for the computer name in the list.'

I dont see the IP or the name of the computer anywhere here. Where should the Computer name be?

Thank you,

Zac




0
 
victornegriCommented:
If you click on your domain it should be in the list of entries on the right column. If it's not there, the computer is trying to register itself with another DNS server(maybe your ISP's?) or it does not have permission to add itself to the DNS (maybe the computer account is bad). In which case it will not be able to find your domain controller to log on.

Check to make sure the computer account is in AD also.
0
 
Mad_JasperCommented:
Man, you're scewed. JK ;-)

Try to ping the name of the doman from the client computer.

ping yourdomain.com

Does DNS resolve the domain? If not, check your DHCP options and make sure that your domain name is specified in those options.

Start --> Programs --> Administrative Tools --> DHCP
Right click on DHCP and add your DHCP server to the list. Expand the selection and expand Scope. Select Scope Options and ensure that you have an entry like this:  

015 DNS Domain Name      Standard     yourdomain.com
0
 
Steve KnightIT ConsultancyCommented:
I would suggest opening a command prompt and doing IPCONFIG /ALL from one of the XP machines and pasting the results in here so we can check the DNS settings etc.

Steve
0
 
ZabagaRCommented:
Did you try wiping the user profile folder on the PC?  You'd log in using the local machine administrator account then go to c:\documents and settings\ and delete the profile(s) folders for the user(s) with the slow login.  Then logout and back in as one of the domain users with the slow login....see if that speeds it up.
I've experienced that before.


0
 
Rob WilliamsCommented:
You mention you have your DNS server as the primary DNS server in the XP machine's TCP/IP configuration, good. But, also make sure you do not have the ISP there as the secondary. This can often cause slow logons.

Assuming this is actually slow logon, i.e. after entering UserName and password, not slow boot up; the problem usually relates to DNS as discussed before, or a networking issue. With either, you may be able to diagnose to some degree if you run the Windows netdiag utility on the XP machine. It is available as part of the Windows resource kit or from:
http://www3.ns.sympatico.ca/malagash/Downloads/Net/netdiag.exe
0
 
victornegriCommented:
Did you try a static IP yet?
0
 
imreble1Commented:
Cutting DNS out of the picture here , have we tried looking at any 3rd party applications you may have on your workstations? I was thinking of some type of tcpdump or ethereal capture to check on what it was hanging on, is this possible? Other applications include anti-virus, personal firewalls with policies, etc etc.


RDC
Fishnet Security
www.fishnetsecurity.com
0
 
waqaswasibCommented:
when u log onb to domain from winxp pro it synchronizes with ads and updates users profile any gpo's defined most common problem of having slow logon is due to some security policy or may u have assigned or pulished any software in a gpo which installs everytime u logonto the machine chk for all these things as well as dns address do u have offlive files or folders or u have mapped any network drive chk system services as well which start with startup
bye
0
 
saculAuthor Commented:
Hello,

I am sorry I have not been able to update this issue[due to absence].

"Did you try a static IP yet?"
yes the pc is on a static IP

"have we tried looking at any 3rd party applications you may have on your workstations? "
Its a brand new configuration. fresh reformat with nothing on the pc but windows

"Did you try wiping the user profile folder on the PC?"
Yes. same problem occurs

"Assuming this is actually slow logon, i.e. after entering UserName and password, not slow boot up"
No. The pc boots really fast. Just the logon to the domain is slow.

"when u log onb to domain from winxp pro it synchronizes with ads and updates users profile"
Is there a way to avoid doing this during login? I think that is whats taking so long

Again, Sorry for taking so long to get back at this issue.

Thank you,

Zac
0
 
saculAuthor Commented:
Hello,

another thing I should ask.

What should a properly configured DNS look like. I know that might be a long answer and that it might depend on what you want to use the DNS for. I am just asking for the basics to ensure that the DNS is not configured wrong.

Thank you,

Zac
0
 
Rob WilliamsCommented:
>>"What should a properly configured DNS look like."

Assuming you have completed the server installation, installed Active Directory, and joined the workstations to the Domain, make sure DNS is configured as follows, assuming a single network adapter:
-The server's NIC should be configured with a static IP, the Internet router as the gateway, and only the server itself as the DNS server. Do not use an ISP DNS server here
-Each workstation should be configured using DHCP (obtain and IP address and DNS automatically) or if configured with static addresses; a static IP in the same subnet as the server, same subnet mask as the server, the gateway pointing to your Internet router, and the DNS server pointing ONLY to the server/domain controller. Again do not put an ISP's DNS server here
-In the DNS management console under Administrative tools, right click on the server name and choose properties. On the Forwarders tab add your ISP's DNS servers
-If the workstations are using DHCP, open the DHCP management console on the server under Administrative tools and click on the server name to expand it, click on the scope to expand it, right click on scope options and choose configure options. On the general tab add the Internet router's IP in #003 router, the server's IP in #006 DNS Servers. and the domain suffix [ mydomain.local] under option #015
- DHCP should be enabled on the server not on the router. Enabling DHCP on the server allows for dynamic updates to DNS

This should help with the slow logons. If you have the ISP's DNS's anywhere in the NIC's, the workstations will often go to the Internet to try to resolve names and cause them to "hang".
Also where you have been having problems, on the workstations that have been having problems you should clear the DNS cache by entering at a command line  IPConfig  /flushdns
0
 
saculAuthor Commented:
Hello,

Thank you for the advice. I am truly sorry for the long delays before I answer. We had some problems with the AD server and I think we will have to reinstall the server. I will try this today and update as soon as its done.

Thank you,

Zac
0
 
Rob WilliamsCommented:
Thanks for the update and let us know how you make out.
If you are rebuilding the server, it would be a good time to make sure DNS is set up correctly.
Good luck with it Zac.
0
 
saculAuthor Commented:
Hello,

I got it working after I rebuilt the server.

Thank you all for the help in this matter and again I do apologize for taking a long time to settle this question.

Thank you,

Zac
0
 
Rob WilliamsCommented:
Good to hear you were able to resolve Zac. Glad to have been able to help, or rather at least try to help.
Cheers !
--Rob
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 7
  • 4
  • 4
  • +6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now