Problem Getting Some XP Clients to connect to W2k3 Server

Posted on 2007-12-02
Last Modified: 2010-08-05
I have a 30-user average office network running on a Windows Server 2003 R2 server. The server is running AD, DNS, DHCP and WINS on a single box running as the domain controller. (In the future I plan to add a second domain controller to reduce the number of single points of failure.) This is a single-homed box behind a firewall device. While the box has two NICs I have disabled one of them.

I am having major intermittent problems with several computers on the network unable to connect to the server. One third to one half of the users on the network are reporting intermittent problems connecting to the network. The server event log has no relevant events recorded.

Here are some clues:

1) Sometimes users can connect, sometimes they cant. Sometimes simply shutting down and restarting two or three times may resolve the problem, other times it wont. At least half the users report no problems connecting to the server.

2) The server is no longer listed when browsing the network but the workstations are. However if I Start/Run \\servername then all the servers resources are listed and accessible. This is only so on the computers that have no problem accessing the drives. That is, the logon.bat file works fine for them but if I browse the network the server is not listed.

3) I have three switches on the network. The problematic workstations are spread across all three switches so it isnt a faulty switch.

4) The only Vista user can connect to the server but the network access is extremely slow. I tried connecting her computer to another jack with a different cable in the event there was a cabling problem but that had no effect. She was able to connect fine until about a week ago.

5) DNS is handed out via DHCP. The only DNS server for the clients is the DC. The DC then forwards to the ISPs DNS servers for resolution of external addresses.

6) Two users have reported that all their printers are missing. I have the printers set to deploy with the domain controller group policy. Worked fine for them and all others but stopped working for these two.

Thanks for any help. Ive tried all I can think of to no avail.
Question by:newparadigm
  • 2
  • 2

Expert Comment

ID: 20394200
it might be a machine authentication to the DC issue. i really dont know, but it';s worth a try. do the following, then restart the affected pc's and try access the DC/other recources again:
1) Open regedit using Start | Run
2) Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3) Change the value of DisablePasswordChange to 1
LVL 10

Expert Comment

ID: 20394540
On XP Machines if they are not listed in the network, I do this trick and it works always.

The trick is....

Do a search for the computer name and after it finds the computer name, your network neighbourhood will also be populated.

Author Comment

ID: 20564202
I tried this and it made no difference. Thanks for the suggestion.
LVL 10

Expert Comment

ID: 20564306

Accepted Solution

newparadigm earned 0 total points
ID: 22809603
I was able to resolve the problem by turning off Spanning Tree Protocol on all the Dell switches. I tried this based on the following info from (this cached link):

"The problem is not with the NIC or DNS, but rather with the Microsoft XP OS. The Netlogon service is not robust enough to account for variances with some network cards and network environments. Most switches will run the Spanning Tree Protocol (STP) to detect network loops and shut down any ports with a loop. The process of detecting loop causes the switch port to go through multiple states: blocking, listening, learning, and finally forwarding. The switch is not able to transfer any traffic until the port reaches forwarding state. On most switches, this takes about 30 seconds after starting STP initialization. As the PC boots, some NICs perform a reset, which also forces the switch port to reset. If spanning tree is enabled it will take a minimum of 30 seconds before that port is capable of traffic. If XP is not able to transmit during that 30 seconds it will be logged as a failure and it will not retry. Windows 2000 is generally more robust in this respect. PortFast is Cisco terminology and allows you to set specific ports so they go straight from the blocking state to the forwarding state. It should be enabled on all ports with clients attached, to avoid timing problems. The reason you do not see a problem with all NICs is because some never perform a reset. This means the spanning tree cycle is never initiated. See Dell Support Forum for more details."

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now