Solved

All client machines very slow to login to dc

Posted on 2008-10-06
10
406 Views
Last Modified: 2012-05-05
This is a school network.  

We have a Poweredge server with 2003 Server R2 and close to 65 users.  All computers are connected into a 10/100 switch with a 1000 connection to the server.  We also have several Linksys Access Points off of the switch.

It seems as if every client we have in our school takes forever when logging in.  The only time it does not take long is when your logging into a local user account on the PC.

Does anyone have any ideas on what is causing this?? Thanks!!

0
Comment
Question by:Kyle_B21
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 22652411
1)  Any roaming profiles - That can be a killer if time is essential.

You may need to disallow certain stuff in the roaming profile if that is your case.

Anything in the local or server event logs ?


DCDIAG and NETDIAG show anything ?

I hope this helps !
0
 
LVL 7

Expert Comment

by:youngrmy
ID: 22652428
Check the DNS Setting on the server. If this was limited to one or two PC's it may be that the problem is with the local PC. where this is happeningto all. it is most likely with an setting on the server. DNS Make the most sense to check first.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 22652446

The most common situation in this case is when the DNS Server on the client workstations (or perhaps the server) is not the IP of the Domain Controller server itself. On any Active Directory network DNS is the most critical point to tie everything together; if the DNS Server list on a workstation or the server includes DNS Servers from the ISP, the router or anything else which is not the IP of the server, you will experience login issues.

-tigermatt
0
 
LVL 10

Expert Comment

by:kukno
ID: 22652539
Do you have "roaming profiles"? If so, is there a lot of data on the "Desktop"? The files on the Desktop are part of the profile. In case of roaming profiles, they must be copied from the server every time you log in.

If this is not the case, here are some other possible problems.

1.) General network problems, e.g. bad interface card at the DC, bad cable at the DC, bad switch port, etc.
2.) DNS is not configured properly on the clients first and only DNS server should be your DC) or on the DC.


Regards
Kurt
0
 

Author Comment

by:Kyle_B21
ID: 22652822
Everyone does have "roaming profiles".  However I created a test account in AD with all the same scripts and GPOs running.  It takes just as long with a brand new accounts, sometimes 2 minutes to be exact stuck on the applying personal settings.  I really do not have many GPOs setup either, more next to nothing then something.

How would I check DNS Settings
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 10

Expert Comment

by:kukno
ID: 22652853
check the client settings. ipconfig /all. What's the DNS server? Is it your DC?
0
 
LVL 10

Expert Comment

by:kukno
ID: 22652864
maybe your DHCP server distributes two DNS servers. First is an external one. Second is the DC.
0
 
LVL 4

Expert Comment

by:placebo69a
ID: 22655618
First of all, create a user with no roaming profile and see how long it takes for that user to log in from a client computer. If it takes as long as your other users this is most likely a DNS issue. If it doesn't take long at all you should reconsider using roaming profiles.
Run the IPCONFIG.EXE /ALL from the command prompt on both your domain controller and a client machine. The ip address on the line that says DNS Servers should be your domain controllers ip address.
If it isn't go to Network Connections, right click Local Area Connection and click Properties. Double-click the Internet Protocol ( TCP/IP ) and change the setting on the bottom to "Use the following DNS server addresses" and type in your domain controller ip address as the "Preffered DNS server". Click OK twice and then try logging in again, see if the time improves.
Note that the DNS setting must point to your domain controller on both the server and client machines to avoid lengthy login times.
Let me know if this helps. :)
0
 

Author Comment

by:Kyle_B21
ID: 22663006
I appreciate all the answers!! I will try the DNS Configuration tomorrow when I go on-site.

Just a question, but if it is a DNS Issue, is there a way to set the "Preferred DNS Server" on all the clients from the server such as a GP Push or something like that? Maybe even a script?

We are in the process of setting up Symantec Ghost and getting all the PCs licensed for it, so if this is the case and I can't do it from the server I will wait to change it on all PCs until we get ghost up and running.

Thanks!
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 350 total points
ID: 22664069

DNS Servers are generally set using DHCP. There is a Group Policy to set DNS Servers which some people often suggest, but that policy is rather pointless in my opinion; if DNS settings are incorrect, Active Directory Domain Controllers cannot be located by workstations (due to incorrect / no DNS server settings), and thus Group Policy cannot be applied to get those DNS Server settings.

Run DHCP on one of your Server 2003 servers, and turn it off on any routers / firewalls. Using Server 2003 DHCP gives best flexibility, and allows for you to set options such as DNS, DNS Domain Name etc.

-tigermatt
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now