Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


SBS Network Problem???

Posted on 2008-10-08
Medium Priority
Last Modified: 2010-04-19
We have a SBS 2003 R2 that was installed a few months ago... We keep having situations where client machines get stuck in the windows login blue screen (not the blue screen of death)  It has been just one or two machines periodically but today it was all of them (9).  After rebooting the server, everyone was able to log in as usual.  There are a string of W3SVC errors on the server, all referencing different process IDs.  I am not an IT pro and our network consultants can not seem to fix this problem so I'm hoping someone out there can point me in the right direction before I pull all of my hair out!  THANKS IN ADVANCE!
Question by:MBH_44
  • 3
LVL 78

Expert Comment

by:Rob Williams
ID: 22669499
Most often delays at logon are caused by incorrectly configured DNS. DNS can affect many other services as well.
The clients must point to the SBS ONLY for DNS. Adding the ISP's DNS even as an alternate can cause delays at log on of up to 10 minutes.
With SBS, though not absolutely necessary, IP information should be supplied using DHCP with the SBS being the DHCP server, as it will hand out more scope options than possible with a router.
LVL 78

Expert Comment

by:Rob Williams
ID: 22669524
ps- the following is from an earlier post of mine with more detail. It may be of some help if you need to make changes:
It is very important with Windows Active Director domains that DNS be configured properly. If not you can run into all sorts of issues, many of which seem totally unrelated. One of the most obvious problems is slow logons and name resolution issues Some of the most obvious problems are slow logons, loss of some services, and name resolution issues.

Below is a check list for Windows 2003 servers, however if you are running Windows Small Business Server, though the rules still apply, the method for configuring is slightly different. The server NIC/s must point only to the server itself for DNS. If you have additional internal DCs/DNS servers, you can add those. Any others such as the ISPs must be removed from all NICs. Then run the CEICW (Configure E-mail and Internet Connection Wizard) which is located by going to Server Management | Internet and E-mail | Connect to the Internet. Within the wizard you will be prompted for the ISPs DNS servers which will automatically be added to the forwarders list. This also verifies DNS is properly configured, and assists with the configuration of your network related services. The wizard can be run as often as you like. If running it through a remote desktop session you may be disconnected for 5 to 30 seconds as it completes.

Clients MUST also point ONLY to your internal DNS servers. (likely just the SBS). Make sure whether assigned static addressing or DHCP addressing (preferred) they do not receive the ISPs DNS, even as an alternate.

As mentioned below, and especially with SBS, the server should be the DHCP server. If it is not have a look at the following document explaining how to move the DHCP service from the router to the SBS.
Set up DHCP on existing SBS
See "Configuring Settings for an Existing DHCP Server Service on Your Network" 1/2 way down the page.

The following link explains in detail configuring networking with an SBS:
How to configure Internet access in Windows Small Business Server 2003

Assuming you have completed the server installation, installed Active Directory, and joined the workstations to the Domain, make sure DNS is configured as follows, assuming a single network adapter:
-The server's NIC should be configured with a static IP, the Internet router as the gateway, and only the server itself as the DNS server. Do not use an ISP DNS server here
-Each workstation should be configured using DHCP (obtain and IP address and DNS automatically) or if configured with static addresses; a static IP in the same subnet as the server, same subnet mask as the server, the gateway pointing to your Internet router, and the DNS server pointing ONLY to the server/domain controller. Again do not put an ISP's DNS server here
-In the DNS management console under Administrative tools, right click on the server name and choose properties. On the Forwarders tab add your ISP's DNS servers
-If the workstations are using DHCP, open the DHCP management console on the server under Administrative tools and click on the server name to expand it, click on the scope to expand it, right click on scope options and choose configure options. On the general tab add the Internet router's IP in #003 router, the server's IP in #006 DNS Servers, and the domain name and suffix under #015 such as mydomain.local
-If  DHCP is enabled on the router, rather than the server, it should really be disabled on the router and configured on the server. Enabling DHCP on the server assists with dynamic updates to DNS for older clients, allows for central management, and far more scope options.
-The DHCP client service should be running on servers and workstations even where you are not using DHCP assignments. The DHCP client service controls the dynamic DNS updates
If you have been having DNS problems, on the workstations that have been having problems you should clear the DNS cache by entering at a command line  
  ipconfig  /flushdns
and then
  ipconfig  /registerdns

Accepted Solution

MBH_44 earned 0 total points
ID: 23148265
After months of headaches, lockups and strange random crashes - my server is finally behaving.  I'm not sure what or what combination of the following actually fixed the problem, but this is what I did:

- Updated the NIC drivers, BIOS, and various other hardware & firmware.
- Ran SBS BPA, disabled task offloading
- Configured various McAfee exclusions

No lockups, No crashes, No slow logins...  for now :)
LVL 78

Expert Comment

by:Rob Williams
ID: 23148293
Good to hear. Thanks for updating MBH_44.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question