Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 768
  • Last Modified:

Extended delay logging into domain - SBS 2003 and Vista Business

I have an SBS 2003 box with a desktop and two laptops as clients. The server has 1 NIC and the IP addresses are: -

router - 192.168.16.1 (DHCP off)
hardware firewall - 192.168.16.2
WAP - 192.168.16.3
print server - 192.168.16.4
SBS server - 192.168.16.9 (DHCP on)
everything else - dynamic address.

The desktop and both laptops are Vista Business. All configured using the //servername/connectcomputer wizard from the SBS box.

Everything is OK except for one laptop - when switching on it takes upwards of 10 minutes to get to the login screen and similarly after logging in - the 'Please Wait' screen is there for what seems like 10-15 mins. When the laptop is not on the domain, it fires up as normal. The TCP/IP settings are identical with the other laptop and has the SBS box as the first DNS server and my ISP's as the second.

The SBS box is up to date on the Windows Update, including the Vista Outlook patch.

Any help would be appreciated.
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Alex-PC
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.local
   Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
   Physical Address. . . . . . . . . : 00-A0-D1-6C-1D-CC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : domain.local
   Description . . . . . . . . . . . : Atheros AR5006EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-16-E3-CD-92-94
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3559:7e36:564b:b47c%7(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.16.12(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 22 February 2009 13:38:28
   Lease Expires . . . . . . . . . . : 02 March 2009 13:38:34
   Default Gateway . . . . . . . . . : 192.168.16.1
   DHCP Server . . . . . . . . . . . : 192.168.16.9
   DHCPv6 IAID . . . . . . . . . . . : 151000803
   DNS Servers . . . . . . . . . . . : 192.168.16.9
                                       195.7.224.143
   Primary WINS Server . . . . . . . : 192.168.16.9
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 11:
 
   Connection-specific DNS Suffix  . : domain.local
   Description . . . . . . . . . . . : isatap.domain.local
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.16.12%10(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 192.168.16.9
                                       195.7.224.143
   NetBIOS over Tcpip. . . . . . . . : Disabled

Open in new window

0
CSHTech
Asked:
CSHTech
4 Solutions
 
suppsawsCommented:
here is youtr problem: 195.7.224.143
get that externad dns server OUT of the tcp/ip properties.
external dns servers need to be configured in the connect to the internet wizard where they will be set as dns forwarders.
0
 
CSHTechAuthor Commented:
Thanks for the reply.

Settings changed to automatic, but still a massive delay. The laptop has been fully updated (including SP1).

It looks like I still have an issue with the initial connection to the network...................
0
 
suppsawsCommented:
if you are sure the client is on dhcp and pointing the dns to the SBS everything should be fine.
did you also do an update of the NIC drivers?
there are issues on some NIC drivers on vista with SBS:
http://sbs.editme.com/vista
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
CSHTechAuthor Commented:
DNS is fine. The NIC drivers are the latest (from the Windows Update site). I have already installed KB 926505 downloads.

I cannot see it being an NIC issue, as this is occurring with both ethernet and wireless LAN interfaces...?
0
 
CSHTechAuthor Commented:
I am going to try netdiag.exe to see if it throws up something as I understand that it works in Vista.
0
 
suppsawsCommented:
certainly try it with the ethernet nic, let's skip the wireless one for now.
" The TCP/IP settings are identical with the other laptop and has the SBS box as the first DNS server and my ISP's as the second.
"
so did you remove the second dns, and RERUN the connect to the internet wizard??
that should solve it
0
 
CSHTechAuthor Commented:
The laptop had the SBS server and 1 ISP DNS server in the TCP/IP settings - it now obtains automatically from the server and ipconfig shows the server only for DNS.
The server has the ISP DNS addresses configured during the initial CEIW setup.

I have to go elsewhere for the time being but will post back any updates later today. Many thanks for your help, BTW.

0
 
Hypercat (Deb)Commented:
Be sure that the server itself is also only pointing to itself for DNS.  The CEICW will put the ISP's DNS addresses in the properties of your DNS service as forwarders, and that's fine. However, you need to be sure that the ISP's DNS server address is not in the IP Properties of the server's NIC. Only the server's own IP address should be there.
0
 
CSHTechAuthor Commented:
Update - ethernet driver updated to latest version from website and working correctly. Still getting delay - 20 mins to get to login screen!
Checked event viewer (eventually) and found the below warnings re Winlogon and GroupPolicy.

The other two Vista clients connect OK, so I'm at a loss as to why this should be the case with this machine....?
Log Name:      Application
Source:        Microsoft-Windows-Winlogon
Date:          23/02/2009 21:04:27
Event ID:      6006
Task Category: None
Level:         Warning
 
Description:
The winlogon notification subscriber <GPClient> took 1080 second(s) to handle the notification event (Logon).
 
 
Log Name:      System
Source:        Microsoft-Windows-GroupPolicy
Date:          23/02/2009 21:04:24
Event ID:      1104
Task Category: None
Level:         Warning
Keywords:      
User:          domain\Will
Computer:      Will-PC.domain.local
Description:
Windows was unable to read the Windows Management Instrumentation (WMI) filter information associated with the Group Policy object CN={C5F7B8DA-0854-40AB-A193-A24E1F36C7CC},CN=Policies,CN=System,DC=cshcomputerservices,DC=local.This may be caused by a deleted WMI Filter defined in the domain that is still in use by Group Policy objects. Group Policy settings for this Group Policy object will not be enforced. Other Group Policy objects may still apply. Windows will attempt to retrieve this information at the next policy cycle. This speciffic problem may be resolved by identifying all GPOs that reference the WMI filter and removing the references. Contact an administrator if this event recurs for several hours.
    <Data Name="GPOCNName">CN={C5F7B8DA-0854-40AB-A193-A24E1F36C7CC},CN=Policies,CN=System,DC=domain,DC=local</Data>
  </EventData>
</Event>

Open in new window

0
 
suppsawsCommented:
0
 
CSHTechAuthor Commented:
The client was connected by the Connectcomputer wizard but did not go through all that process to 'unjoin' - just chnaged it back into workgroup.

Further info - the C5F7B8DA-0854-40AB-A193-A24E1F36C7CC Group Policy referred to relates to the Windows Vista policy which as I mentioned, works fine for the other two Vista clients.
0
 
suppsawsCommented:
you need to unjoin it correctly using that tutorial, it's very important thzt the pc is joined correctly to an sbs domain.
0
 
CSHTechAuthor Commented:
OK, will try the process in the tutorial.

Re the network config wizard referred to in the tutorial as I'm a little confused about one point - the username and password step (before assigning the user window) - does this require the server admin user/password details or the actual client user/password details?  
0
 
suppsawsCommented:
server username and pass.
assigning a computer is to make the user local admin of the pc.
0
 
CSHTechAuthor Commented:
Apologies for being thick (late night!) - when you say server username, is that the new user or the server administrator?
0
 
suppsawsCommented:
server domain admin account
0
 
CSHTechAuthor Commented:
Thanks - will update.
0
 
CSHTechAuthor Commented:
Unfortunately still has a delay even after running the tutorial - still 'Please wait' after 8 mins and counting.....
0
 
PopeKaelCommented:
I'm going to chime in at this point because I'm also getting this problem and can focus the attention on Group Policy.

I've been seeing this delayed login on most of out new Vista laptops. It doesn't happen on every system, but enough for it to be an issue. It's especially become an issue for me since receiving my new laptop yesterday.

I have used group policy quite a bit in our network over the years, but Vista has new caviats which I'm yet to get my head around. Anyway, this error is telling me that it took 600 seconds, which is the default time set in GP for 'Maximum wait time for Group Policy scripts. I have reset this timer to 60 seconds and found that the 10 minute wait to login to the client PC has now been reduced to 1 minute.

What I would like to know is what is causing this issue as it has nothing to do with NIC's or Domain controllers as everything points to Group Policy processing.

If I move the equipment into an OU without any policy, I don't see this problem. This issue is only seen on Vista loaded PC's and all our XP systems login fine.
0
 
CSHTechAuthor Commented:
I suspect that this is may be due to an issue with the WMI processing in Vista.

Although the laptop in question had SP1 (which alledgedly has the fix mentioned in http://support.microsoft.com/kb/930955 - "Moveuser.exe is incompatible with Windows Vista and is replaced by the new Win32_UserProfile WMI functionality") - processing of WMI and Vista policy just resulted in a continuous loop.

Having reformatted and reinstalling Vista, I installed the hotfix at kb930955 before SP1 and the laptop can now log in to the network normally, with no issues.

This is only a suspicion, but it seems to be the only logical one as the issue seemed to be with Vista itself.

HTH.
0
 
suppsawsCommented:
hm PopeKael, could your also try this kb? kb930955
I've installed so much vista's, never had this problem before, very strange.
0
 
CSHTechAuthor Commented:
suppsaws, many thanks for your help. Have awarded 500 points as you helped me get this resolved. Regards.
0
 
CSHTechAuthor Commented:
FWIW, I also believe that the combination of Updates on the individual Vista machines also affects the processing of policies between SBS 2003 and Vista, as in my case the initial (failed) connection involved a Vista machine with full updates and the successful one was based on minimal updates initially.

It is a pity that Vista has these issues - hopefully Windows 7 will be a little bit better....
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now