• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1242
  • Last Modified:

Slow to login to Domain Server from all workstations

I am working with a Small Business Server 2003 domain setup.
All workstations are Windows XP SP2.

About 3 months ago, when a workstation logged in, it started taking about 5 minutes to get to the desktop. Suddenly last week, it started taking from 20 minutes to 2 hours to boot a workstation and login.  This happens for all workstations.  As far as I know, nothing on the server has changed. I do not maintain this server but they call me when there are problems.

It is not a one time delay but the whole logon process takes forever.  Even after the desktop comes up, the user can't do anything for 3-4 minutes. Once this whole process is done, every thingn works fine.

All the searching I have done indicates I should be looking at the DNS settings of the clients.  I would think if that was the problem, I would have one long delay and then logon would proceed as normal. Anyway, the DNS settings on the clients has not changed in the last year.

On one workstation, I enabled the UserEnv logging and you can see the delay.
The following 12 lines cover 1 hour of waiting.

USERENV(320.4b8) 11:25:50:078 PingComputer:  First time:  0
USERENV(320.4b8) 11:25:50:078 PingComputer:  Fast link.  Exiting.
USERENV(320.4b8) 11:44:45:218 MyGetUserName:  GetUserNameEx failed with 1727.
USERENV(320.4b8) 11:44:45:218 MyGetUserName:  Retrying call to GetUserNameEx in 1/2 second.
USERENV(320.4b8) 12:03:40:968 MyGetUserName:  GetUserNameEx failed with 1727.
USERENV(320.4b8) 12:03:40:968 MyGetUserName:  Retrying call to GetUserNameEx in 1/2 second.
USERENV(320.4b8) 12:22:36:609 MyGetUserName:  GetUserNameEx failed with 1727.
USERENV(320.4b8) 12:22:36:609 MyGetUserName:  Retrying call to GetUserNameEx in 1/2 second.
USERENV(320.324) 12:25:50:156 IsSyncForegroundPolicyRefresh: Synchronous, Reason: NonCachedCredentials
USERENV(320.4b8) 12:27:04:656 MyGetUserName:  GetUserNameEx failed with 1355.
USERENV(320.4b8) 12:27:04:656 ProcessGPOs: MyGetUserName failed with 1355.
USERENV(320.4b8) 12:27:04:656 ProcessGPOs: No WMI logging done in this policy cycle.

At this point, I disconnected the network cable and the computer desktop came right up. Of course the network shares, etc were not available.

I tried setting "Always wait for the network at computer startup and logon" to disabled. It was 'Not Configured', No difference.

Any advice?
2 Solutions
With slow logon DNS is usually the chief culprit.

do an IPCONFIG /all on the client machines and make sure that the one and only DNS server listed is the Windows Server
According this log your workstation seems to be unable to reach the logon server, you should check the DNS but also the NETLOGON service on the server and the Group Policy assigned to your computers (you could try disabling any GPO)...

For long logon time, you should also check the size of your users profiles if they store it on the server (this does not seems to be the problem according your log, but it's better to check) .

Also verify that your DNS services aren't having problems.  Even though the clients could be pointed to the right place your DNS server could be screwed up.  There are DNS Server Logs in the event viewer, and you should be able to open the DNS console and see that all of the entries are there for the DC (Start of Authority, Name Server should both have Data of the server name) and then a Host (A) record for that server name as well.
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Just in case it isnt DNS....

Look in Network Connections>Tools>Advanced (at the top), and list what your connection order is. Any bindings that arent in use listed? Check the next tab as well, and list what the providers are ordered in...

Reason I suggest this, is that maybe you have had an update/application install that might have hosed the order...
Please check with nslookup tool and try to resolve your domain, and don't forget check if you have software for protection like firewall on your workstations.
techmastercomputerAuthor Commented:

Ok, I set Network Connection TCP/IP DNS to the server with no ALT DNS. I was able to logon relatively fast, <1min. All server related functions were working but the internet connection (IE) would not work.  I set the LAN settings or IE to "Use a proxy server for your LAN..." and entered the address and port. At this point IE was working. Seems a little slow at start up but didn't test it enough to be sure.  At this point I thought I was done.  Then determined that the email on the client did not work. Using OUTLOOK 2003 and all email is on yahoo.  It appears that it can not find the yahoo servers.  I would assume it is a DNS problem but will not be able to look at until tomorrow.

So I have fixed one problem but caused multiple others.

I don't understand how their server worked up until this point. For the last 2 1/2 years they have not used the DNS server but used the IP's DNS server. I don't know how they were able to log in to the domain over the last 2 years.  I didn't change it because it was working.

My original problem I can fix but now I need to fix the others. Maybe this should be closed and a different thread opened for the other problems.
techmastercomputerAuthor Commented:
Did not solve all my problems.
On the 2003 server, add the IP of the dns servers of your ISP (your "alt dns" probably) in the DNS Server configuration as "Forwarders".

*not in the DNS configuration of your network adapter*, but in the configuration of the DNS server itself...

Administrative Tools / DNS / Properties of your server / Forwarders

Check also that you do not have a "." zone in the "forward lookup zone"

The right setup : your workstations use the server as DNS Resolver, the server reply directly for everything related to the local network, and forward every other request to the ISP.

If you configure the workstation to use directly the ISP server, as this server cannot reply for anything about your local network -> error and timeout/delay

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now