Peter Vogelaar
asked on
Workstations slow after domain migration
Hello everyone,
Today we worked on installing a new server at an office that has around 50 users. We planned out and deployed a server migration from Server 2008 R2 to Server 2019.
All worked well, FSMO, DHCP, DNS, everything moved over without a hitch. After modifing the login script to recognize the new file server, all users were able to login without any problem and access files.
That all changed about an hour later. A network connection was disconnected from the new server. And ever since then, the computers have slowed to pas a crawl.
Like it literrally takes 15-20 mins just to LOG IN!
Once logged in, you simply can't click any applications or even the start menu. They aren't locked, just every operation takes minutes when they should be mili-seconds.
I started investigating. One issue I found was the GPO objects didn't move from the old server. So when I tried to modify them in the GPO manager, it gave errors saying it couldn't be found. So I copied them out of SYSVOL on that old server. Great. I was now able to edit those GPOs.
I cleaned up some DNS entries, but I cannot find anything in the event log of any of the servers to indicate any problems. Since the workstations are soooooooooooo slow, I can't even open the event viewer to see what is going on. Every command I send it, times out. I can't find any errors in DNS or DCDIAG.
Please help
Today we worked on installing a new server at an office that has around 50 users. We planned out and deployed a server migration from Server 2008 R2 to Server 2019.
All worked well, FSMO, DHCP, DNS, everything moved over without a hitch. After modifing the login script to recognize the new file server, all users were able to login without any problem and access files.
That all changed about an hour later. A network connection was disconnected from the new server. And ever since then, the computers have slowed to pas a crawl.
Like it literrally takes 15-20 mins just to LOG IN!
Once logged in, you simply can't click any applications or even the start menu. They aren't locked, just every operation takes minutes when they should be mili-seconds.
I started investigating. One issue I found was the GPO objects didn't move from the old server. So when I tried to modify them in the GPO manager, it gave errors saying it couldn't be found. So I copied them out of SYSVOL on that old server. Great. I was now able to edit those GPOs.
I cleaned up some DNS entries, but I cannot find anything in the event log of any of the servers to indicate any problems. Since the workstations are soooooooooooo slow, I can't even open the event viewer to see what is going on. Every command I send it, times out. I can't find any errors in DNS or DCDIAG.
Please help
Also I'm confused, is it a single server that is a domain controller holding all roles including dhcp and a file server, because, well that's just bad. No other dc? Man I need so much more info. But I know I could fix. Are there multiple servers. Was just a file server upgraded or a dc or both.
ASKER
Office had a single physical server with 3 virtual machines running. A DC, FS and TS.
New server is a DC, a FS and TS (not configured yet). DC and FS are seperate machines. No other DC than the new server.
FS and DC both replaced.
New server is a DC, a FS and TS (not configured yet). DC and FS are seperate machines. No other DC than the new server.
FS and DC both replaced.
man, I dont care if it's a 10 yr old white box, get a second dc on any other hardware than the vm host as a backup, you will be a hero in a few years from now.
So is the 2008 machine down, and what happens when you bring it back up. And ips,did they change? did dns change with them, and the dns addresses in dhcP. Because dns. When things slow down after a a domain move like this it's usually because things are waiting to timeout. Because they cannot find what they are looking for.
Also maybe expand on what this outage was to the new dc.
Going back to dns, if you forgot to update dns address in dhcp then an hour later when machines talked dhcp they got lost?
.
So is the 2008 machine down, and what happens when you bring it back up. And ips,did they change? did dns change with them, and the dns addresses in dhcP. Because dns. When things slow down after a a domain move like this it's usually because things are waiting to timeout. Because they cannot find what they are looking for.
Also maybe expand on what this outage was to the new dc.
Going back to dns, if you forgot to update dns address in dhcp then an hour later when machines talked dhcp they got lost?
.
Do one thing join any new machine/VM to the domain and see what is happening.
I agree that DNS is a likely suspect. What do you see for DNS when you run ipconfig /all on a workstation that is having speed issues?
Also, have all old servers been removed from the DNS entries on the new DNS server?
Also, have all old servers been removed from the DNS entries on the new DNS server?
@Dave:
"get a second dc on any other hardware than the vm host as a backup"
I'll agree that this is generally good advice, but I've had trouble selling it to my clients because of cost, It's not just the cost of hardware (can be less than $500 with used equipment) but the cost of the Server software (about $800) that is the obstacle. Am I missing something?
"get a second dc on any other hardware than the vm host as a backup"
I'll agree that this is generally good advice, but I've had trouble selling it to my clients because of cost, It's not just the cost of hardware (can be less than $500 with used equipment) but the cost of the Server software (about $800) that is the obstacle. Am I missing something?
Touche, I live in a world of licenses that makes me forget about them, have more than you can use to avoid the dreaded Microsoft ENGAGEMENT!! Right an engagement to try to take my money!!.
I wouldnt be looking at client dns, I'd be looking at the dns server.
I wouldnt be looking at client dns, I'd be looking at the dns server.
ASKER
I cannot even get any affected computers to open command prompt. They take 10+ mins just to log in, then cannot open any programs. Computers do not freeze, they just do not respond. Time keeps going.
Even if disconnected from the server, the speed is still the same. Working at trying to get local administrator working, for some reason it is saying wrong password.
Even if disconnected from the server, the speed is still the same. Working at trying to get local administrator working, for some reason it is saying wrong password.
"cannot open any programs" doesn't sound like a DNS issue if the programs are local (such as CMD). It may be that it's taking longer than the 10 minutes to fully log in and that's holding everything else up.
Do you get a response to ctrl-alt-del after logging in? Can you run Task Manager and look at Performance?
Do the servers show the same extremely slow login and activities?
It's very odd that a workstation that is booted with no connection to the server should experience such an issue after the server was changed. Are you using roaming profiles or redirected folders?
"A network connection was disconnected from the new server." Could you give details on exactly what that means? Since that appears to have been the trigger, it may be significant.
Do you get a response to ctrl-alt-del after logging in? Can you run Task Manager and look at Performance?
Do the servers show the same extremely slow login and activities?
It's very odd that a workstation that is booted with no connection to the server should experience such an issue after the server was changed. Are you using roaming profiles or redirected folders?
"A network connection was disconnected from the new server." Could you give details on exactly what that means? Since that appears to have been the trigger, it may be significant.
ASKER
AN UPDATE
I got into the local administrator account on a computer, and the symptoms carried over. Took over 10 mins just to log in, and clicking on the start menu does nothing. Network was disconnected during this time.
What else is interesting is that about half of 35 users are logged in and working totally fine. No errors.
We are trying to find the correlation, but am having trouble. Antivirus, what switch they are on, and user groups all are not consistent.
I got into the local administrator account on a computer, and the symptoms carried over. Took over 10 mins just to log in, and clicking on the start menu does nothing. Network was disconnected during this time.
What else is interesting is that about half of 35 users are logged in and working totally fine. No errors.
We are trying to find the correlation, but am having trouble. Antivirus, what switch they are on, and user groups all are not consistent.
ASKER
A network cable was disconnected for about 2 mins, and it roughly fits the timeline of issues.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Oftentimes there are registry entries for things on the workstations that point to the old 2008 server. Did you shut that down? And make the new dc the same ip. Man it seems like DNS, did I say tat lol. It probably isnt but I have to say it. Because it would def be my focus until I ruled it out completely. If old server is off and it could be the issue search the reg for any mentions of it.
Also glad to know I'm not the only one stuck dealing with last minute omg we have to decommission 2008!!!