Re: slow login problems at branch office

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

If your network name resolution works fine, and your machines are taking
20min or more to logon, my advise to you is MAKE A GC per site if you want
to speed up logons.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Charles Hunt" <Charles(trying to reduce spam)huntrad.net> wrote in message
news:utbreujiGHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

Thanks for your reply.

just to go through your list.

I don't have a GC at the branch office, according to my MS resource kit
manual, it isn't necessary for just a few PCs across a VPN with reasonable
bandwidth. (>500Kbs)

Yes, I have set up the subnets in Sites and Services

The DNS servers point to themselves and the backup AD DC.

I have set up a local DNS which appears to work properly.

I am not using NetBIOS / WINS.

I don't have a problem resolving FQDNs (both forward and reverse)

I am checking the trouble shooting guide in Q247811 to see if that can
shed any light on the problem.

kind regards

Charles

"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:uW95mgjiGHA.1508@xxxxxxxxxxxxxxxxxxxxxxx
Hi


Couple of things:



- Make sure that you have at least 1 GC per site.

- Make sure that you defined the appropriate subnets in AD Sites and
Services.

- Make Sure that each Dns server only points to itself under Nic
properties.

- Make sure that local clients only use their local Dns server.

- If your between subnets, and you use NetBIOS resolution (for example to
browse network neighborhood), make sure that you have Wins in both Sites
replicating with each other.

- Make sure that your Dns servers can resolve each other domain, or each
other FQDN.




--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Charles Hunt" <Charles(trying to reduce spam)huntrad.net> wrote in
message news:erUutpiiGHA.4040@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have two sites linked by a VPN connection which works fine. I can ping
machines from both sides and DNS seems to be happily resolving FQDNs etc
as well as machine names. I can also access the DCs by using the
\\mydomain.com\sysvol so (with a bit of trickery).. All my DCs are 2000
SP4 machines and based in the main site.

The branch office is new and i have moved across some existing
workstations to that office.

BUT all machines in the branch office, are not logging in properly. The
XP/2000 machines take an age to log in (20mins+) and things are not
really working correctly. I have a 2003 member server which i put in to
perform DHCP which I managed to authorize remotely. (after a bit of
effort and it took about 15 mins to finally authorize)

When I try to login to the 2003 server remotely using RDP it won't let
me, the error message is "access denied" and the event log shows a 40960
error which is "domain controller unavailable". What really perplexes me
is that I can ping and access the machines, the DNS seems to be OK, but
obviously there is some kind of problem with the AD. I am wondering if
there is a TCP/UDP port which is being blocked or some other
communication problem which isn't apparent with ping and DNS look ups.
(i have checked the reverse zone on the DNS which seems to be updating
and working fine)

I have the RESKIT2000 but not entirely sure which tool can help me in
this particular problem.

any ideas or tools that could help me get a fix on this problem would be
VERY VERY welcome.

kind regards

Charles







.

Relevant Pages

  • Re: slow login problems at branch office
    ... I don't have a GC at the branch office, according to my MS resource kit ... The DNS servers point to themselves and the backup AD DC. ... SP4 machines and based in the main site. ...
    (microsoft.public.win2000.active_directory)
  • Re: How to enable communication between Two different lans (subnets)/ domains 2003 server based? Ass
    ... You will also almost certainly have DNS problems running a domain behind ... server domain, with a DHCP server running on one of the 2003 boxes. ... the "inner" subnet can see the original subnet and the Internet, ... The .227 machines can see the machines on the 192.168.1.0 subnet and the ...
    (microsoft.public.windows.server.networking)
  • Re: Event ID: 3000
    ... Adding more machines and changing the network around would be ... DNS servers etc. ...
    (microsoft.public.win2000.dns)
  • Re: Guessing problem with AD and AD Integrated DNS
    ... With that said I had to re-image the machines to fix this issue. ... What the head it guy try to was to delete the old computer’s name from DNS in the forward and reverse lookup zone. ... Clients set to different DNS servers which are NOT replicated ... There can be ordinary secondaries associated with either type of master. ...
    (microsoft.public.windows.server.active_directory)
  • RE: suspicious firewall rules in WinXP firewall
    ... When that site got taken down, DNS ... suspicious firewall rules in WinXP firewall ... I can ping out of these two machines, ... World renowned security experts reveal tomorrow's threats today. ...
    (Incidents)