DC change slow network

We just changed from a RODC to a RWDC. We are experiencing slow network performance. Login script is slow and computers hang on applying computer settings. Accessing applications on our fileserver has also become slower. We still have the old DC, we just shut it down for testing before we demote it. Just powered it back on to see if it changes anything. Any ideas?
eltel-it-norAsked:
Who is Participating?
 
qf3l3kCommented:
You can also check if people are authenticated against new domain controller or not.
Maybe what happened is, that computer are accessing another domain controller over the WAN rather than authenticate users against local machine?

In command prompt you can check: echo %logonserver%

Also, same time, make sure that new domain controller is placed in same site as computers and appropriate IP subnet is assigned to that site to allow computers to identify closest DC.
0
 
Vinchenzo-the-SecondCommented:
Is the DC a Global Catalogue.  If not enable.

Open up ADSS, navigate to the DC and go to properties, put a check box in the Global Catalogue
0
 
SaadAhmedFarooquiCommented:
What about DNS entries on teh client computers? were they pointing to the new DC or old DC.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
AwinishCommented:
Did you change DNS setting to the clients as well as on other DC's to point to new RWDC for getting DNS.
Systems in domain should always point local dns server only.
Also, make sure DC is global catalog server too.

0
 
eltel-it-norAuthor Commented:
Server is GC. DNS changed. WINS changed. DNS and WINS changed in DHCP scope. DNS records checked. DNS in routers and FWs changed. Clients OK.
0
 
AwinishCommented:
Is it still slow or issue resolved, make sure DC is not multihomed DC.
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1583d7f-fa59-4497-89de-666d683e53a0/

0
 
Vinchenzo-the-SecondCommented:
make sure the DC is pointing to itself first for dns resolution
0
 
eltel-it-norAuthor Commented:
Still slow. DC is not multihomed. Looks more to be related to VPN or possibly vmware hosts (both DCs on same vmware cluster, all multihomed ESX hosts). DC has always been pointing to itself for DNS resolution.
0
 
eltel-it-norAuthor Commented:
See here we forgot to change the WINS server IPs on some member servers. DHCP scope was OK, but some servers had old WINS IP.
0
 
eltel-it-norAuthor Commented:
Looks more and more like routing problems of some sort
0
 
eltel-it-norAuthor Commented:
We have very high latency on tracert against all of our branch offices except 3 (using different ISP). ISP denies having had problems, however latency problem just dissapeared without a trace...
0
 
Vinchenzo-the-SecondCommented:
how many users do you have at each location?  it would be wise if you can to place a DC with DNS at each location.
0
 
eltel-it-norAuthor Commented:
Just a few users. Not possible to place DC at each location as we are bound by corporate policies and budgets.
0
 
eltel-it-norAuthor Commented:
It seems WINS was a possible culprit here. After changing WINS server address on some servers and routers where it was missing/wrong there has been no more reports of high latency. However as we have not yet demoted the old RODC XP users report that clients use a long time at "applying computer settings". Typically 20-60 sec.
0
 
AwinishCommented:
0
 
NetfloCommented:
Hi eltel-it-nor

I would recommend enabling Userenv  Logging and take a look at the log file which will tell you exactly what is going on under the hood during the "applying computer settings"

http://blogs.technet.com/b/askds/archive/2008/11/11/understanding-how-to-read-a-userenv-log-part-1.aspx]

Hope this helps.
0
 
eltel-it-norAuthor Commented:
echo %logonserver% is ok. The server is in ADSS in the correct site, however the demoted server was still there. I deleted that object and we'll see. As of now i still have complaints about extreemely slow logons at times. Seems to be sporadic. sometimes ok sometimes 20 sec and sometimes 20 min(!!)
0
 
NetfloCommented:
Did you view the USERENV.LOG file? As this would tell you exactly what is going on behind the screen?
0
 
qf3l3kCommented:
As you had old domain controller in ADSS there is a chance that it is still listed in DNS.
That might cause computers to logon slow... as they might pickup old domain controller's IP from DNS and try to contact it for some time and then move to existing one.
Check DNS and if  remove old DC is still there.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.