Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Why does this happen?

Posted on 2016-11-08
12
Medium Priority
?
53 Views
Last Modified: 2016-11-20
Problem: Boot GPO's fail to run.
Solution: MS has a reg fix, to make the GPO implementation wait until the network initialization completes.
https://support.microsoft.com/en-us/kb/2421599

I am having a discussion with a coworker, and the question is "Why is this happening?"  and how would I do further investigation on "Exactly what is going on?"

Note: Spanning tree on the switch is enabled, this is network wide, and there are no network errors.
0
Comment
Question by:loftyworm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 123
ID: 41879084
if you force a GPO update on the Client, does it give you any error messages ?

have you also looked at the event logs on the DCs and Workstations ?
0
 
LVL 11

Author Comment

by:loftyworm
ID: 41879163
1) no error messages after boot.  the gpupdate /force works with no issues (because the network is up and all is working)
2) there is an event in the boot up event logs, that match the KB from MS, the GPO failed to run

One more addition as will, an updated Network driver (all drivers) has no effect (and flash of all bios)
Another symptom can be seen, when you login right away, the network drives all have that red X, but go away when you navigate them, again pointing at the network.

Perhaps I should look more closely at the spanning tree???  Could the network be holding up the NIC from starting?
0
 
LVL 123
ID: 41879251
GPO updates are working, and being applied to all workstations correctly ?

it's just this update which is not working ?

do you have a different network interface or switch to try ?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 11

Author Comment

by:loftyworm
ID: 41879579
1) no they are not.  there are some specific boot GPO's that will not run.

No I don't.

But I think the issue is being missed.  I know how to fix it.  The question is why is this happening?
I am getting some beurocractic blowback, and I need to say "because this and this log says so", or something to that effect.  The windows event log shows there is an error, but not why the network card is not booting as fast as the OS.
0
 
LVL 123
ID: 41879585
Sorry, I'm a little confused, do GPO updates work in your organisation, ANY?

lets just park this specific update.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 668 total points
ID: 41879670
... "but not why the network card is not booting as fast as the OS. "

The OS must get up and running before it can set the network settings for the network card to use.  So the OS will be up and running prior to the network card.

How are the switch ports configured?  Access, trunk, or dynamic?  Are the switch port/network card configured as fixed speed/fixed duplex or learn?
0
 
LVL 123

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 668 total points
ID: 41879703
We experience this, with MDT deployments, on our new i7 Desktops, MDT BOOTS so fast, the network interface has not initialized, and therefore fails obtaining a DHCP lease, and MDT has already booted, and trying to map to Network Share. if we then wait 60 seconds, and hit Retry it works, but this does not help, as PXE/MDT deployments are supposed to be automatic!....

and this was with an Intel Network Interface on the motherboard, if we switched to the RealTek, it solved the issue for us!

Motherboard has two nics, strangely an Intel and Realtek, this is on a customer site, which has HPE networking.
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 664 total points
ID: 41879820
Spanning tree on the switch is enabled, this is network wide, and there are no network errors.

In Cisco-speak, we enable spanning-tree portfast to enable the port to forward frames instantly.  If STP is enabled and portfast isn't enabled, the device won't be able to pass any traffic for around 30s after the link is established.  This is why the wait for network GPO needs to be applied.
0
 
LVL 11

Accepted Solution

by:
loftyworm earned 0 total points
ID: 41888247
SO, I want to close this up.
This is not a spanning tree issue or even a switch issue.  I believe (70%) that this is a AV Symantec issue.  In essence, there is a 3rd party program that is controlling the network connection.  In this case the Symantec Firewall.  This is where the delay is coming from. I have past the political hurtle and am moving forward with the fix I originally stated.  TY all for you assistance.
0
 
LVL 123
ID: 41888341
no firewalls here on our workstations, and it happens!
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 41888521
Check portfast, Andrew :-)
0
 
LVL 11

Author Closing Comment

by:loftyworm
ID: 41894663
solution found
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question