Problem Getting Some XP Clients to connect to W2k3 Server

Posted on 2007-12-02
Last Modified: 2010-08-05
I have a 30-user average office network running on a Windows Server 2003 R2 server. The server is running AD, DNS, DHCP and WINS on a single box running as the domain controller. (In the future I plan to add a second domain controller to reduce the number of single points of failure.) This is a single-homed box behind a firewall device. While the box has two NICs I have disabled one of them.

I am having major intermittent problems with several computers on the network unable to connect to the server. One third to one half of the users on the network are reporting intermittent problems connecting to the network. The server event log has no relevant events recorded.

Here are some clues:

1) Sometimes users can connect, sometimes they cant. Sometimes simply shutting down and restarting two or three times may resolve the problem, other times it wont. At least half the users report no problems connecting to the server.

2) The server is no longer listed when browsing the network but the workstations are. However if I Start/Run \\servername then all the servers resources are listed and accessible. This is only so on the computers that have no problem accessing the drives. That is, the logon.bat file works fine for them but if I browse the network the server is not listed.

3) I have three switches on the network. The problematic workstations are spread across all three switches so it isnt a faulty switch.

4) The only Vista user can connect to the server but the network access is extremely slow. I tried connecting her computer to another jack with a different cable in the event there was a cabling problem but that had no effect. She was able to connect fine until about a week ago.

5) DNS is handed out via DHCP. The only DNS server for the clients is the DC. The DC then forwards to the ISPs DNS servers for resolution of external addresses.

6) Two users have reported that all their printers are missing. I have the printers set to deploy with the domain controller group policy. Worked fine for them and all others but stopped working for these two.

Thanks for any help. Ive tried all I can think of to no avail.
Question by:newparadigm
  • 2
  • 2

Expert Comment

ID: 20394200
it might be a machine authentication to the DC issue. i really dont know, but it';s worth a try. do the following, then restart the affected pc's and try access the DC/other recources again:
1) Open regedit using Start | Run
2) Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3) Change the value of DisablePasswordChange to 1
LVL 10

Expert Comment

ID: 20394540
On XP Machines if they are not listed in the network, I do this trick and it works always.

The trick is....

Do a search for the computer name and after it finds the computer name, your network neighbourhood will also be populated.

Author Comment

ID: 20564202
I tried this and it made no difference. Thanks for the suggestion.
LVL 10

Expert Comment

ID: 20564306

Accepted Solution

newparadigm earned 0 total points
ID: 22809603
I was able to resolve the problem by turning off Spanning Tree Protocol on all the Dell switches. I tried this based on the following info from (this cached link):

"The problem is not with the NIC or DNS, but rather with the Microsoft XP OS. The Netlogon service is not robust enough to account for variances with some network cards and network environments. Most switches will run the Spanning Tree Protocol (STP) to detect network loops and shut down any ports with a loop. The process of detecting loop causes the switch port to go through multiple states: blocking, listening, learning, and finally forwarding. The switch is not able to transfer any traffic until the port reaches forwarding state. On most switches, this takes about 30 seconds after starting STP initialization. As the PC boots, some NICs perform a reset, which also forces the switch port to reset. If spanning tree is enabled it will take a minimum of 30 seconds before that port is capable of traffic. If XP is not able to transmit during that 30 seconds it will be logged as a failure and it will not retry. Windows 2000 is generally more robust in this respect. PortFast is Cisco terminology and allows you to set specific ports so they go straight from the blocking state to the forwarding state. It should be enabled on all ports with clients attached, to avoid timing problems. The reason you do not see a problem with all NICs is because some never perform a reset. This means the spanning tree cycle is never initiated. See Dell Support Forum for more details."

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD user acount change history 4 75
OPINIONS please : best Active Directory Monitoring tool 5 179
Windows server 2003 bootable iso 9 275
need help with active directory 4 65
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question