Solved

SBS 2008 - Very long logon on clients (Please Wait)

Posted on 2014-02-03
7
803 Views
Last Modified: 2014-02-06
Hi Experts,

On a SBS 2008 Server network, we encounter some long time clients connection with the "Please Wait" message. I found the Winlogon Event IDs 6005 and 6006 :

System
 
Provider
 
[ Name]
Microsoft-Windows-Winlogon
 
[ Guid]
{DBxxxxxx-7xxx-43xx-91xx-AxxxxxxxBxx8}
 
[ EventSourceName]
Wlclntfy
 
-
EventID
6005
 
[ Qualifiers]
32768
 
Version
0
 
Level
3
 
Task
0
 
Opcode
0
 
Keywords
0x80000000000000
 
-
TimeCreated
 
[ SystemTime]
2014-02-03T07:51:12.000000000Z
 
EventRecordID
91971
 
Correlation
 
-
Execution
 
[ ProcessID]
0
 
[ ThreadID]
0
 
Channel
Application
 
Computer
clientcomputer1.domain.local
 
 
Security
 
-
EventData
 
GPClient
 
CreateSession
 
00000000
 
 
 
System
 
-
Provider
 
[ Name]
Microsoft-Windows-Winlogon
 
[ Guid]
{DBxxxxxx-7xxx-43xx-91xx-AxxxxxxxBxx8}
 
[ EventSourceName]
Wlclntfy
 
-
EventID
6006
 
[ Qualifiers]
32768
 
Version
0
 
Level
3
 
Task
0
 
Opcode
0
 
Keywords
0x80000000000000
 
-
TimeCreated
 
[ SystemTime]
2014-02-03T07:51:12.000000000Z
 
EventRecordID
91972
 
Correlation
 
-
Execution
 
[ ProcessID]
0
 
[ ThreadID]
0
 
Channel
Application
 
Computer
clientcomputer1.domain.local
 
 
Security
 
-
EventData
 
GPClient
 
60
 
CreateSession
 
04000000


Event ID 10 occurs with Source : WMI

Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 

I found that in the DNS local domain it was a _msdcs Host A and subdomains (_site, _TCP, _UDP, ForestDNSZone, DoaminDNSZone and even a Autodiscover greyed one) while there already exist autodiscover.domain.local and _msdcs.domain.local domains.
Could I delete these inside the domain.local and restart the Netlogon service without any problem ? If not what I have to do in the right order please ?

There is an IPV6 Reverse DNS lookup zone configured in 32 bits with SOA (SBSServer.domain.local, hostmaster.domain.local), NS (SBSServer.domain.local), domain.local and SBSserver.local PTR.

Ping and Nslookup work well in IPV4 and IPV6 for the domail.local name.
Ping works well for the SBSserver.domain.local in IPV4 and IPV6.
Reverse DNS doesn't work in IPV6 for the SBSServer.domain.local.
When I add the SBSServername Host AAAA in domain.local, it disapear after a while.

Finally, a very strange behaviour, I can't acces OWA on the SBS server when I type https://SBSserver/owa or https://SBSserver.domain.local/owa. Only the IP address works to access OWA while these names ping successfully in IPV4 and IPV6...

Thank you in advance for your help, best regards,
0
Comment
Question by:jet-info
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
Gary Coltharp earned 500 total points
ID: 39829452
Have you run the fix my network wizard in the SBS console?
It is highly advised to stay in the console in SBS environments.

After running the fix my network wizard, you may need to rerun the connect to the internet wizard but not necessarily.

As for OWA, an implicit DNS record is created that mirrors your outside address, ie; remote.xyzdomain.com

so you would go to https://remote.xyzdomain.com/owa both inside and out.

HTH

Gary
0
 

Author Comment

by:jet-info
ID: 39829509
I did not dare do it on a  "Working" production server because it is one of SBS first steps wizard.
Is it safe at 110 % ? Does it recreate the autodiscover and the DNS config as well ?

Thank you for your help Gary !

PS : I saw a strange behaviour this morning, When connected to Exchange, Outlook open a small window and try to connect to address@domain.com (instead of address@domain.local). We only can click to cancel on this windows and when we do it, the connection is cutted between the client and the server, so we click on "Need Password" in Outlook and it connect back to the server, but 2 minute after it restart to connect to address@domain.com. If we let it alone Outlook works and the connection to the server remains...
0
 
LVL 12

Expert Comment

by:Gary Coltharp
ID: 39829516
It is very safe...there may be a brief interruption in internet services but your server will likely be much the better for it afterwards.

Gary
0
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:jet-info
ID: 39832594
It changed the server IP address, the SMTP connectors and the DHCP options related to the new IP... Once the previous IP, DHCP settings and SMTP connectors restaured I launched the wizard again and it only mentioned the DNS Forwarders and the router errors.

Not again tested to restart a computer, not had the time today.

I check it ASAP.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39834648
The FIX My Network Wizard should NOT change the IP address of your server

Please post a COMPLETE ipconfig /all from both the server and a workstation.

Jeff
0
 
LVL 12

Expert Comment

by:Gary Coltharp
ID: 39835475
I concur...
Perhaps it wasn't configured from the console when it was deployed or migrated? As I understand it, the settings are stored in a database at configuration so that the fix network wizard can put things back.
0
 

Author Closing Comment

by:jet-info
ID: 39839256
Thanks.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question