Solved

All client machines very slow to login to dc

Posted on 2008-10-06
10
409 Views
Last Modified: 2012-05-05
This is a school network.  

We have a Poweredge server with 2003 Server R2 and close to 65 users.  All computers are connected into a 10/100 switch with a 1000 connection to the server.  We also have several Linksys Access Points off of the switch.

It seems as if every client we have in our school takes forever when logging in.  The only time it does not take long is when your logging into a local user account on the PC.

Does anyone have any ideas on what is causing this?? Thanks!!

0
Comment
Question by:Kyle_B21
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 22652411
1)  Any roaming profiles - That can be a killer if time is essential.

You may need to disallow certain stuff in the roaming profile if that is your case.

Anything in the local or server event logs ?


DCDIAG and NETDIAG show anything ?

I hope this helps !
0
 
LVL 7

Expert Comment

by:youngrmy
ID: 22652428
Check the DNS Setting on the server. If this was limited to one or two PC's it may be that the problem is with the local PC. where this is happeningto all. it is most likely with an setting on the server. DNS Make the most sense to check first.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 22652446

The most common situation in this case is when the DNS Server on the client workstations (or perhaps the server) is not the IP of the Domain Controller server itself. On any Active Directory network DNS is the most critical point to tie everything together; if the DNS Server list on a workstation or the server includes DNS Servers from the ISP, the router or anything else which is not the IP of the server, you will experience login issues.

-tigermatt
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 10

Expert Comment

by:kukno
ID: 22652539
Do you have "roaming profiles"? If so, is there a lot of data on the "Desktop"? The files on the Desktop are part of the profile. In case of roaming profiles, they must be copied from the server every time you log in.

If this is not the case, here are some other possible problems.

1.) General network problems, e.g. bad interface card at the DC, bad cable at the DC, bad switch port, etc.
2.) DNS is not configured properly on the clients first and only DNS server should be your DC) or on the DC.


Regards
Kurt
0
 

Author Comment

by:Kyle_B21
ID: 22652822
Everyone does have "roaming profiles".  However I created a test account in AD with all the same scripts and GPOs running.  It takes just as long with a brand new accounts, sometimes 2 minutes to be exact stuck on the applying personal settings.  I really do not have many GPOs setup either, more next to nothing then something.

How would I check DNS Settings
0
 
LVL 10

Expert Comment

by:kukno
ID: 22652853
check the client settings. ipconfig /all. What's the DNS server? Is it your DC?
0
 
LVL 10

Expert Comment

by:kukno
ID: 22652864
maybe your DHCP server distributes two DNS servers. First is an external one. Second is the DC.
0
 
LVL 4

Expert Comment

by:placebo69a
ID: 22655618
First of all, create a user with no roaming profile and see how long it takes for that user to log in from a client computer. If it takes as long as your other users this is most likely a DNS issue. If it doesn't take long at all you should reconsider using roaming profiles.
Run the IPCONFIG.EXE /ALL from the command prompt on both your domain controller and a client machine. The ip address on the line that says DNS Servers should be your domain controllers ip address.
If it isn't go to Network Connections, right click Local Area Connection and click Properties. Double-click the Internet Protocol ( TCP/IP ) and change the setting on the bottom to "Use the following DNS server addresses" and type in your domain controller ip address as the "Preffered DNS server". Click OK twice and then try logging in again, see if the time improves.
Note that the DNS setting must point to your domain controller on both the server and client machines to avoid lengthy login times.
Let me know if this helps. :)
0
 

Author Comment

by:Kyle_B21
ID: 22663006
I appreciate all the answers!! I will try the DNS Configuration tomorrow when I go on-site.

Just a question, but if it is a DNS Issue, is there a way to set the "Preferred DNS Server" on all the clients from the server such as a GP Push or something like that? Maybe even a script?

We are in the process of setting up Symantec Ghost and getting all the PCs licensed for it, so if this is the case and I can't do it from the server I will wait to change it on all PCs until we get ghost up and running.

Thanks!
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 350 total points
ID: 22664069

DNS Servers are generally set using DHCP. There is a Group Policy to set DNS Servers which some people often suggest, but that policy is rather pointless in my opinion; if DNS settings are incorrect, Active Directory Domain Controllers cannot be located by workstations (due to incorrect / no DNS server settings), and thus Group Policy cannot be applied to get those DNS Server settings.

Run DHCP on one of your Server 2003 servers, and turn it off on any routers / firewalls. Using Server 2003 DHCP gives best flexibility, and allows for you to set options such as DNS, DNS Domain Name etc.

-tigermatt
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question