We help IT Professionals succeed at work.

Slow SBS 2008 after Migration from SBS 2003

horseman2003
horseman2003 asked
on
I have recently migrated a client from SBS 2003 TO SBS 2008.  Everything has migrated across ok, users, computers, exchange and all seem to be working fine, but the client is suffering a majour issue with slow speed accessing shared files on the server from client pc's.  Client PC 's are running a mixture of Win XP and Win 7, but thats irrelivant as the client PCs were accessing the 2003 box without speed issues.
For example opening a standard excel spreadsheet it could take anything up to one minute and as sage is stored on the server this is proving impossible for reports etc.  Opening this files directly from the server is fine so this problem must be network related.
I have attached a screen dump of the SBS2008 BPA Report.  I have left it open on the "There are no DNS name server records" warning.  I have checked this and can verify that there actually is, but BPA keeps spitting this up.  
Also under the "Task Overload" warning I have ran the: netsh int ip set global taskoffload=disabled command as suggested but this warning keeps coming up.
BPA
I have also attached a screen dump of the Fix My network wizard
 fix my network
Any pointers in the right direction to solve this issue would be greatly appreciated
Comment
Watch Question

Commented:
Did you change the name of your DC when migrating?  When I migrated from SBS 2003 to SBS 2011 I had the same issue. I don't know if you are using folder redirection for my docs to save to the user network folder, but I had to change the target on the my docs folder, because it was still looking for the old servername...it slowed server based files to halt.  Once I corrected that and ran a gpupdate on the workstations, they've been running great.  

Author

Commented:
Yes changed the DC name from "server1" on SBS 2003 BOX to "SBS2008" on the SBS 2008 BOX
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
ok i guess that The _msdcs zone needs to be replicated to all DNS servers in the entire AD forest and therefore should be a separate zone rather than child entries of the root zone. Of course, since SBS doesn't support forests this shouldn't matter in the slightest.

In theory you can delete the child entries, recreate _msdcs as its own zone, and run ipconfig /registerdns on all DCs to repopulate the zone.
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
please read this :

http://blogs.technet.com/b/sbs/

Author

Commented:
Could you possibly explain this in step by step:

"In theory you can delete the child entries, recreate _msdcs as its own zone, and run ipconfig /registerdns on all DCs to repopulate the zone."
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
zz
delete the _msdcs , then follow this link :

http://support.microsoft.com/kb/817470/

then restart DNS server , and on client side run the command

ipconfig /flushdns
ipconfig /registerdns

Author

Commented:
Tried this but no joy.  Under the fix my network wizard it is still saying "DNS is using a DNS Forwarder"

Author

Commented:
Oh and now my shared drives are not working on the client PC's
I cannot map to nor see my server under "My Network Places"
Top Expert 2013
Commented:
I'll let you folks address the newer issues but as for the initial question goes......
In the BPA:
The group policy issues are likely not an issues with performance but rather just need to be cleaned up. They are carry over from the previous domain
Task offload I will address below, but can definitely be a performance problem.
The "no DNS name server records" is probably a red herring it is popping up in many server migrations and is a false report. Usually the _msdc zone is fine dispite thsi warning.

The Fix my network issues:
The could not configure the router just indicates NPnP is disabled on the router, which is good. NPnP needs to be enabled for SBS to configure the router, but that is a security risk. I would leave it as is.
DNS is using a forwarder is also fine and I would leave alone. SBS 2003 uses forwarders by default. SBS 2008/2011 use root hints by default. Both work fine. Your forwarders was carried over during the migration. Having said that in a few cases there is a known issue with root hints on SBS 201, so I wouldn’t change.

As for performance issues:
There are some known issues with newer advanced NIC properties such as "Task Offloading", and “Receive-Side Scaling” which drastically affect performance and stability of file share access if enabled and especially if you are running older drivers. The following outline  changing for the command line but I have found in some cases you have to do so within the advanced NIC properties for them to take effect. Any of these changes require a reboot to take effect.

To disable Receive-Side Scaling, at a command prompt, with elevated privileges, run the the following command:
netsh int tcp set global rss=disabled

To disable Task Offload, at a command prompt, with elevated privileges, run the the following command:
netsh int ip set global taskoffload=disabled

To disable Add-On Congestion Control Provider, at a command prompt, with elevated privileges, run the the following command:
netsh int tcp set global congestion=none

For more information Information about the TCP Chimney Offload, Receive Side Scaling, and Network Direct Memory Access features in Windows Server 2008
http://go.microsoft.com/fwlink/?LinkId=189029

Related blog articles:
http://blogs.technet.com/b/networking/archive/2008/11/14/the-effect-of-tcp-chimney-offload-on-viewing-network-traffic.aspx
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/05/15/backward-compatible-networking-with-server-core.aspx
http://support.microsoft.com/kb/951037
http://msmvps.com/blogs/thenakedmvp/archive/2010/02/23/rss-tcp-offloading-strikes-again-microsoft-should-kill-this-feature-for-the-masses.aspx
http://www.petestilgoe.com/2008/01/sbs-2003-sp2-broadcom-nics-slow-network/

Additional performance issues:
Slow opening of files, especially Office files, is often related to Windows searching for old links that no longer exist. Finding these can sometimes be a bit time consuming. A few places to look:
-Network places. Look for links/connections that no longer exist.
  (I prefer to also turn off "automatically search for network folders and printers". Locate by going to the menu bar of my computer | tools | folder options | View | fist item)
-My computer. Look for mapped drives that are disconnected.
-Start menu "recent Documents". To clear; right click on task bar and choose properties | start menu tab | customize | advanced | clear list
-If the Word or Excel applications are slow opening the files from the menu, clear the recent document list within the application. To do so in Word; open the application | on the menu bar choose  tools | options | general | un-check "recently used file list | choose OK to apply | then you can go back in and re-enable. Excel is similar.

Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011
Commented:
did you clean up metadata after migration?

follow these :

http://support.microsoft.com/kb/216498

http://support.microsoft.com/kb/255504

also as other suggestion backup your DNS data and remove DNS and recreate it again
Top Expert 2013

Commented:
No, I meant clean up the group polices. There are some group polices from 2003 that are carried forward. They will not cause problems but are ineffective on the new server and show up in the BPA.

Author

Commented:
Just a note to say the old server is switched off but may not have been correctly removed as it kept crashing hence the need for a migration.
Also this morning I have tried a bog standard pci express Lan card in the server and disabled the other 2 onboard, but the server didn't like this and every time upon reboot it would lock up and wouldn't load necessary services.
Clients today are also reportingh very slow logon times.
Your advice is greatly appreciated thus far, any other suggestions?
Top Expert 2013

Commented:
Might you have disabled IPv6? That will cause some of the issues you described. You must leave it enabled.
You can only have 1 NIC enabled on an SBS. All others must be disabled, not just disconnected, and after installing you must run the fix my network wizard.

Slow logons are usually due to improperly configured DNS. Makes sure the SBS points ONLY to itself for DNS. If adding ISP's or routers to DNS on the SBS they must be added as forwarders, not on the NIC. The workstations whether using dynamic or static IP's must point ONLY to the SBS for DNS, do not add an alternate of any sort in the NIC DNS configuration. Your SBS should also be the DHCP server, not the router.

Author

Commented:
Im using IPv4, does IPv6 still need to be enabled.  Don't thing I have disabled it, where would i check this?
All network cards are disabled except the one I am using.

Is it necessary to add my router to the DNS.  My router is connected via a firewal, and the ip address of the firewall is what I have configured as my Gateway just like the old Server. Server as you suggested is the DHCP server...
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
try to disable IPv6 from registry .. and why you don't backup DNS and reinstall it again?
Top Expert 2013

Commented:
Do not disable IPv6. Doing so breaks numerous "things" with SBS causing problems such as reboots. What causes the problem is in the NIC configuration under properties, unchecking IPv6.

No you do not need to add the router to DNS.

Have you run the fix my network issue? Did it report any problems?

Author

Commented:
ipv6 is ticked, but when I went into the properties, it has a stactic address set, even though I have't set it and I don't use IPv6.  See attached Screen Grab ip6

Author

Commented:
On fix my network wizzard I'm getting a new error report: DHCP is not configured for IPV6....
Top Expert 2013

Commented:
That is correct. The server assigns itself an IPv6 IP and points itself to that IP for DNS.

Do the PC's point ONLY to the server for DNS?
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
disable IPv6 from server follow these steps :

Uncheck Internet Protocol Version 6 (TCP/IPv6) on your Network Card.
In Registry Editor, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\
Double-click DisabledComponents to modify the DisabledComponents entry.
Note If the DisabledComponents entry is unavailable, you must create it. To do this, follow these steps:
In the Edit menu, point to New, and then click DWORD (32-bit) Value.
Type DisabledComponents, and then press ENTER.
Double-click DisabledComponents.
Enter "ffffffff" (eight f’s), and then click OK.

go to DHCP you will find two nodes :
ipv4 and IPv6 , remove IPv6 node , right click then delete , also dont forget to untick IPv6 from all Nics on your server... then reboot server and try
Top Expert 2013

Commented:
Was a scope created for IPv6 DHCP? normally IPv6 is present in the DHCP console but shows "server options" only, and no Scope. Under server options there are usually only 2 options DNS recursive name and domain search list

Author

Commented:
Ok, haven't done much work with IPv6.
Yes all machines are pointing to the server ***.***.***.55 for both dns and dhcp
I re-ran "Fix My network and it only came up with Could not configure router as per my first post, but thats ok as my router sits behind a firewall.

I re-ram BPA and the problems that stand out at me and make me think the whole issue is dns related are as follows:
horseman2003-528574.flv
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
ok , follow this :

Deleted the _msdcs.domain.local.com zone completely.
Deleted the _msdcs entry in domain.local.com DNS zone.
net stop netlogon
net start dns logon


Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
sorry i meant in last line :
netlogon not dnslogon .. the launch the wizard again , it will work perfectly

Author

Commented:
Jordannet - I have deleted the _msdcs.domain.local.com zone completely
but can't find or not sure where you mean by the "_msdcs entry in domain.local.com DNS zone"
Thanks for your fast responses guys...

Author

Commented:
RobWill - there is no scope created for ipv6.  Do I need to even though I'M using IP4?
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
try :

Click Start, click Run, type regedit in the Open box, and then click OK.
In Registry Editor, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
In the right pane, right-click Domain, and then click Delete.
When you are prompted to confirm the deletion, click Yes.
Repeat steps 3 and 4 for the Hostname, NV Domain, and NV Hostname registry entries.
On the Edit menu, point to New, and then click String Value.
Type Domain, and then double-click Domain.
In the Value data box, type the Active Directory domain name, and then click OK. For example, you may type contoso.com as the domain name.
Repeat steps 6 through 8 for the NV Domain registry entry.
On the Edit menu, point to New, and then click String Value.
Type Hostname, and then double-click Hostname.
In the Value data box, type the computer name, and then click OK.
Repeat steps 10 through 12 for the NV Hostname registry value.
Quit Registry Editor.
Click Start, click Run, type services.msc in the Open box, and then click OK.
In the right pane of the Services window, locate and then click Net Logon.
On the Action menu, click Stop.
On the Action menu, click Start.
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
after the above one .. try to run wizard

Author

Commented:
I have done as you suggested but this has opened up a whole can of worms.
"Fix my Network wizzard will no longer run - (crashes out)
and BPA Has coughed up a lot more problems; See below
horseman2003-528607.flv
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
ok don't worry i think it will be solved ,just to eliminate this error follow this link :

http://blogs.technet.com/b/sbs/archive/2009/09/03/how-to-manually-create-the-sbs-2008-and-wsus-group-policies-objects.aspx
Top Expert 2013

Commented:
Sorry horseman2003, I have been called away on a service call. Just checking in as time allows.
>>"RobWill - there is no scope created for ipv6.  Do I need to even though I'M using IP4? "
No, and I would recomend not doing so.

As for the other changes, they make me a little nervous this is SBS not server standard and has to be treated differently where there are so many interrelated services.

Author

Commented:
Guy, I have sorted majority of issues with the BPA that would be having an affect on speed accessing shared folders but still frustratingly no improvement.
I noticed the below under "Informational Items" in BPA.: BPA2
Why is it stating Windows SBS 2008 domain funtional level is: Windows Server 2003 domain level?
also
Why is it stating that it is able to ping "SBS2008" (its own name) - Would it not be obvious it could ping itself?
I found this blog http://blog.chrisara.com.au/2009/02/slow-opening-of-office-2007-documents.html which describes exactly the problem I am have.  I tried what was suggested but still no joy :-(
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
Windows 2003 Level :
Supported domain controllers: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2
Supported features: domain controller rename, logon timestamp attribute updated and replicated. User password support on the InetOrgPerson objectClass. Constrained delegation, you can redirect the Users and Computers containers.

here is difference between these functional level :

http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(WS.10).aspx

am not sure if you raise the level to 2008 it will solve the problem , but be careful if you raise to 2008 you will not be able to roll back to 2003
Top Expert 2013

Commented:
Domain functional level has no bearing on any of your issues. The default is server 2003. It means you can add server 2003 domain controllers to your domain. If you raise the functional level you will be limited to the new functional level servers but have some additional security features. Once you raise it you can never go back.

>>"Why is it stating that it is able to ping "SBS2008""
Items with an 'i' in front are informational only. They do bot indicate a problem, but in this case are simply the results of tests/checks.

As for slow opening of files, did you review the list I provided at the first of this thread? They address all of the common known issues with SBS, assuming DNS is all in order (the #1 culprit)

Author

Commented:
The DNS is working fine now and I thought it was the culprit to.  More research today has pointed me in the direction of disabling the SMB 2.0
sEE HERE:
http://blog.korteksolutions.com/disable-smb-20-on-windows-server-2008/
Would this help?  Just waiting to restart the server as the client has been using it today.
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
can you reboot your server and try again???

Author

Commented:
Problem eventually Solved :-) Turned our to be a faulty Switch! Replaced it last night and everything kicked into normal speed.  Will split points between jordannet and RobWill.  Thanks for your help guys.
Top Expert 2013

Commented:
Any chance the server, PCs, or the switch may have had speed and duplex manual set on one and not the other? They must be set the same, so if one is auto-negotiate the others must be as well or performance can be cut by 60% by the switch.
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
ha?? what the news?

Author

Commented:
All were on Auto negotiate which is Odd..
Maen Abu-TabanjehNetwork Administrator, Network Consultant
Top Expert 2011

Commented:
lol , but wish your problem solved , this what am trying to know