Solved

Windows 7 64-bit logon to Windows 2008 DC slow.

Posted on 2010-11-26
5
830 Views
Last Modified: 2012-05-10
Hello;

I just read some articles to mention that why the Windows 7 slow logon to Windows 2K8 DC, some articles said that if the DC is a multi-home server, it will cause this problem.

I am not sure if it is 100% apply to my case but my DC is a multi-home server because it is running as a file server too and this server has 3 network interfaces, one for LAN and 2 for iSCSI SAN.  The ip address for iSCSI SAN is different from LAN.

This server is the first DC in my domain and I have another 2 DCs in LAN as backup.   My current DNS is pointing to there

IP address : 192.168.1.55
Subnet mask : 255.255.255.0
Gateway : 192.168.1.254
DNS Server: 192.168.1.3, 192.168.2.1, 192.168.1.2

The ip 192.168.1.2 is my first DC.  

Based on this information, how can I improve the user's logon speed?
0
Comment
Question by:KANEWONG
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 34219353
On the interfaces being used for iSCSI, disable all protocols and services except for TCP/IP. Under TCP/IP, tell it not to register the connection in DNS (under TCP/IP advanced tab).

run "ipconfig /registerdns" from an elevated command prompt on the DC. If you check DNS, you should see only the main IP address of the DC listed in DNS. Delete all references to the IP addresses used for iSCSI.
0
 
LVL 1

Author Comment

by:KANEWONG
ID: 34219461
I checked the DNS tab of TCP/IP on network interface for iSCSI, they have been disable for DNS since setup.  When I looked at the DNS server, even though I removed the one I don't need but it come back automatically.   I am not sure if because the DNS for DC and this iSCSI are on the same box.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 100 total points
ID: 34219484
Add a static DNS entry for your DC, and clear "Allow any authenticated user to update DNS records...".  Delete all of the dynamic entries for your DC. This should prevent the DC from registering additional IP addresses into DNS.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 150 total points
ID: 34219652
First you need to go into DNS make sure DNS is listening on only one IP address.

http://technet.microsoft.com/en-us/library/cc759481(WS.10).aspx

You should not be running a multihomed server as a Domain Controller.


0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34219674
One more thing as well. Go to your Network Connections click Advance Settings make sure your primary NIC is listed first
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question