Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Win7, Remote Site, endless Logon

Posted on 2010-08-19
4
690 Views
Last Modified: 2012-08-14
Hi Experts,

i have a Problem with a Win7 machine. Long story short: The machine has absolute no problem at the Headquarter, but at a remote site it needs endless until the logon screen appears and endless until the users desktop appears.

Short story long :-)
I dont want to affect your opinions, but i think it has something to do with the fact, that there is no DC at the remote site. The problem occurs only as domain member. when we take it out of the domain, it boots fast.
Some facts:
the user has no server profile
the sites are connected via IPsec
the client gets his ip via DHCP and has the SBS2003 at the HQ as prim. DNS
There is another DC at HQ but without DNS
There are other DCS at others sites, but cant be reached, no routing
I checked the AD sites&services, the site is created, the subnet is configured, there is a intersite-connection to HQ with lowest costs
I checked the RegKey  HKLM\system\curr.contr.set\services\netlogon\parameters\dynamicsitename
the value on the client is the site it should be
i checked the entries in DNS _ldap.tcp_.<sitename>._sites.dc._msdcs.domain.local
there are entries from the two dc at HQ
the windows logfile on both DC at HQ have an entry->
5792 Logon : the remote site has no LDAP entries, LDAP-Server from site HQ will govern this site due to replication costs

after endless logon there are entries in windows logfiles
event 6006 logon : GPClient needed 206 sec. to create session
event 6005 logon : GPClient needs some time to logon
event 6006 logon : GPClient needed 252 sec. to logon

the networkdrives from the startscript are connected and accessable

i checked gpupdate /force
it takes about a minute
ive seen gpupdate failed one time, after a (long :-) reboot it worked again

i checked viáriable logonserver, its the sbs2003 at HQ

i checked nblookup, works
i checked nslookup, works
i can ping across the tunnel everthing from everywhere

you can work with the machine after this long boot and logon periode as normal.
access shares and so on

a winXP machine on this site has no problems

can anybody help?
i can prioide drawings of the network, screenshots, anything you need

thanks in advance
0
Comment
Question by:deibel
  • 2
  • 2
4 Comments
 
LVL 17

Expert Comment

by:aoakeley
ID: 33473349
If there is no DC at the remote site, then I do not believe there is any reason to have that remote site in AD Sites and Services. Attach the subnet of the remote site to the HQ Site. This will ensure that the computers in the remote site always try the HQ domain controller (which they can route to) first.

Andy
0
 
LVL 5

Author Comment

by:deibel
ID: 33473701
ok, we dont have site dependend rules so i gave it a try
changed the subnet to HQ site, left the remote site in AD but with no subnets
replicated it to other dc

but it didnt help
boot and logon still endless

ich checked the regkey dynamicsitename again. its now HQ site
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33475110
Does the workstation have IIS running on it?
Does it have a printer using the HP CUE DeviceDiscovery Service configured on it?
Is there anything else that could be looking for something on another site? Printer etc?
You say there is no server profile - what about folder redirection?
Anything in this thread look useful ? http://social.technet.microsoft.com/Forums/en-US/itprovistanetworking/thread/56310e15-32df-457a-bc38-4cc2fce0a5e5 
0
 
LVL 5

Accepted Solution

by:
deibel earned 0 total points
ID: 33834174
we finally opened a case at ms support
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question