Problem Getting Some XP Clients to connect to W2k3 Server

I have a 30-user average office network running on a Windows Server 2003 R2 server. The server is running AD, DNS, DHCP and WINS on a single box running as the domain controller. (In the future I plan to add a second domain controller to reduce the number of single points of failure.) This is a single-homed box behind a firewall device. While the box has two NICs I have disabled one of them.

I am having major intermittent problems with several computers on the network unable to connect to the server. One third to one half of the users on the network are reporting intermittent problems connecting to the network. The server event log has no relevant events recorded.

Here are some clues:

1) Sometimes users can connect, sometimes they cant. Sometimes simply shutting down and restarting two or three times may resolve the problem, other times it wont. At least half the users report no problems connecting to the server.

2) The server is no longer listed when browsing the network but the workstations are. However if I Start/Run \\servername then all the servers resources are listed and accessible. This is only so on the computers that have no problem accessing the drives. That is, the logon.bat file works fine for them but if I browse the network the server is not listed.

3) I have three switches on the network. The problematic workstations are spread across all three switches so it isnt a faulty switch.

4) The only Vista user can connect to the server but the network access is extremely slow. I tried connecting her computer to another jack with a different cable in the event there was a cabling problem but that had no effect. She was able to connect fine until about a week ago.

5) DNS is handed out via DHCP. The only DNS server for the clients is the DC. The DC then forwards to the ISPs DNS servers for resolution of external addresses.

6) Two users have reported that all their printers are missing. I have the printers set to deploy with the domain controller group policy. Worked fine for them and all others but stopped working for these two.

Thanks for any help. Ive tried all I can think of to no avail.
Who is Participating?
newparadigmConnect With a Mentor Author Commented:
I was able to resolve the problem by turning off Spanning Tree Protocol on all the Dell switches. I tried this based on the following info from (this cached link):

"The problem is not with the NIC or DNS, but rather with the Microsoft XP OS. The Netlogon service is not robust enough to account for variances with some network cards and network environments. Most switches will run the Spanning Tree Protocol (STP) to detect network loops and shut down any ports with a loop. The process of detecting loop causes the switch port to go through multiple states: blocking, listening, learning, and finally forwarding. The switch is not able to transfer any traffic until the port reaches forwarding state. On most switches, this takes about 30 seconds after starting STP initialization. As the PC boots, some NICs perform a reset, which also forces the switch port to reset. If spanning tree is enabled it will take a minimum of 30 seconds before that port is capable of traffic. If XP is not able to transmit during that 30 seconds it will be logged as a failure and it will not retry. Windows 2000 is generally more robust in this respect. PortFast is Cisco terminology and allows you to set specific ports so they go straight from the blocking state to the forwarding state. It should be enabled on all ports with clients attached, to avoid timing problems. The reason you do not see a problem with all NICs is because some never perform a reset. This means the spanning tree cycle is never initiated. See Dell Support Forum for more details."
it might be a machine authentication to the DC issue. i really dont know, but it';s worth a try. do the following, then restart the affected pc's and try access the DC/other recources again:
1) Open regedit using Start | Run
2) Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3) Change the value of DisablePasswordChange to 1
On XP Machines if they are not listed in the network, I do this trick and it works always.

The trick is....

Do a search for the computer name and after it finds the computer name, your network neighbourhood will also be populated.
newparadigmAuthor Commented:
I tried this and it made no difference. Thanks for the suggestion.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.