Solved

Problem Getting Some XP Clients to connect to W2k3 Server

Posted on 2007-12-02
6
191 Views
Last Modified: 2010-08-05
I have a 30-user average office network running on a Windows Server 2003 R2 server. The server is running AD, DNS, DHCP and WINS on a single box running as the domain controller. (In the future I plan to add a second domain controller to reduce the number of single points of failure.) This is a single-homed box behind a firewall device. While the box has two NICs I have disabled one of them.

I am having major intermittent problems with several computers on the network unable to connect to the server. One third to one half of the users on the network are reporting intermittent problems connecting to the network. The server event log has no relevant events recorded.

Here are some clues:

1) Sometimes users can connect, sometimes they cant. Sometimes simply shutting down and restarting two or three times may resolve the problem, other times it wont. At least half the users report no problems connecting to the server.

2) The server is no longer listed when browsing the network but the workstations are. However if I Start/Run \\servername then all the servers resources are listed and accessible. This is only so on the computers that have no problem accessing the drives. That is, the logon.bat file works fine for them but if I browse the network the server is not listed.

3) I have three switches on the network. The problematic workstations are spread across all three switches so it isnt a faulty switch.

4) The only Vista user can connect to the server but the network access is extremely slow. I tried connecting her computer to another jack with a different cable in the event there was a cabling problem but that had no effect. She was able to connect fine until about a week ago.

5) DNS is handed out via DHCP. The only DNS server for the clients is the DC. The DC then forwards to the ISPs DNS servers for resolution of external addresses.

6) Two users have reported that all their printers are missing. I have the printers set to deploy with the domain controller group policy. Worked fine for them and all others but stopped working for these two.

Thanks for any help. Ive tried all I can think of to no avail.
0
Comment
Question by:newparadigm
  • 2
  • 2
6 Comments
 
LVL 6

Expert Comment

by:cottsak
ID: 20394200
it might be a machine authentication to the DC issue. i really dont know, but it';s worth a try. do the following, then restart the affected pc's and try access the DC/other recources again:
1) Open regedit using Start | Run
2) Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3) Change the value of DisablePasswordChange to 1
0
 
LVL 10

Expert Comment

by:santhoshu
ID: 20394540
On XP Machines if they are not listed in the network, I do this trick and it works always.

The trick is....

Do a search for the computer name and after it finds the computer name, your network neighbourhood will also be populated.
0
 

Author Comment

by:newparadigm
ID: 20564202
I tried this and it made no difference. Thanks for the suggestion.
0
 
LVL 10

Expert Comment

by:santhoshu
ID: 20564306
0
 

Accepted Solution

by:
newparadigm earned 0 total points
ID: 22809603
I was able to resolve the problem by turning off Spanning Tree Protocol on all the Dell switches. I tried this based on the following info from (this cached link): http://74.125.95.104/search?q=cache:http://www.eventid.net/display.asp%3Feventid%3D1054%26eventno%3D1393%26source%3DUserenv%26phase%3D1

"The problem is not with the NIC or DNS, but rather with the Microsoft XP OS. The Netlogon service is not robust enough to account for variances with some network cards and network environments. Most switches will run the Spanning Tree Protocol (STP) to detect network loops and shut down any ports with a loop. The process of detecting loop causes the switch port to go through multiple states: blocking, listening, learning, and finally forwarding. The switch is not able to transfer any traffic until the port reaches forwarding state. On most switches, this takes about 30 seconds after starting STP initialization. As the PC boots, some NICs perform a reset, which also forces the switch port to reset. If spanning tree is enabled it will take a minimum of 30 seconds before that port is capable of traffic. If XP is not able to transmit during that 30 seconds it will be logged as a failure and it will not retry. Windows 2000 is generally more robust in this respect. PortFast is Cisco terminology and allows you to set specific ports so they go straight from the blocking state to the forwarding state. It should be enabled on all ports with clients attached, to avoid timing problems. The reason you do not see a problem with all NICs is because some never perform a reset. This means the spanning tree cycle is never initiated. See Dell Support Forum for more details."
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question