Re: Folder security properties slow to resolve SID's to user ID names



In news:eGjYtZLkGHA.3572@xxxxxxxxxxxxxxxxxxxx,
Microsoft Public Newsgroups <citpaj@xxxxxxxxxxxxxxx> stated, which I
commented on below:
> We just recently did an in-place upgrade of our single NT4 Domain to a
> single W2K3 AD Domain. Since then we've noticed that when we check
> the security properties of a network folder from a client PC it takes
> forever to resolve SIDs to user IDs, particularly on folders with
> many sub-folders beneath. Prior to the AD Domain this took less than
> a minute, and now it takes up to ten minutes to completely resolve
> every last SID. Can anyone give me some pointers on this? Thanks in
> advance.
> PJ.

Since no configuration information was provided, it is difficult to diagnose
without guessing. We can go over a few things that can cause this, but it
would be beneficial to know your configuration (ipconfig, AD DNS domain
name, remote sites, multiple domains, etc).

First thing that comes to mind is a client side DNS configuration issue. I'm
sure that as part of the upgrade plan you installed DNS (part of the dcpromo
process if you didn't do it manually) and are now only using your new domain
controller for the DNS address of ALL internal machines. If you are using an
ISP's, or mixing ISP's and the internal DNS, that can cause numerous issues
with AD communication.

The other thing that comes to mind is that when you upgraded to AD from NT4,
an incorrect, or more specifically, a single label name AD DNS domain
name was chosen. An incorrect example of such is "DOMAIN", whereas a correct
choice would have been "domain.com", "domain.net", "domain.local", etc.

Another issue that can cause this (either in conjunction with the above
issues or as a stand alone issue) is the DC has multiple NICs. Multiple NICs
are not recommended with DCs. However there are steps to configure a DC in
such a configuration, albeit not recommended.

To better assist, if you can post an ipconfig /all (unedited please) of your
DC and of an example client machine, (along with anything else that may be
pertinent), it will give us a great start in providing a diagnosis.

Thanks,

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest using OEx (Outlook Express
or any other newsreader), and configuring a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
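
An added example, not part of the original post: a small Python parser for `ipconfig /all` text that flags the three conditions the reply above names (DNS servers other than the internal ones, a single-label AD DNS domain name, a DC with more than one addressed NIC). It assumes the Windows 2003-era English output layout and that the Primary Dns Suffix equals the AD DNS domain name; `parse_ipconfig`, `audit`, the sample output and the addresses are constructed for illustration.

```python
import re
# "   Key . . . . : value" lines as printed by ipconfig /all
KV = re.compile(r"^\s+([A-Za-z][^:]*?)[ .]*:\s?(.*)$")

def parse_ipconfig(text):
    """Return (host_settings, {adapter: settings}); every value is a list."""
    host, adapters = {}, {}
    section, last = host, None
    for line in text.splitlines():
        if not line[:1].isspace():              # blank, banner or adapter header
            if line.rstrip().endswith(":"):
                section, last = adapters.setdefault(line.strip()[:-1], {}), None
            continue
        m = KV.match(line)
        if m:
            last, value = m.group(1), m.group(2).strip()
            section[last] = [value] if value else []
        elif last and line.strip():             # continuation, e.g. a second DNS server
            section[last].append(line.strip())
    return host, adapters

def audit(text, internal_dns, is_dc=False):
    """Flag the three conditions from the post; internal_dns is supplied by the admin."""
    host, adapters = parse_ipconfig(text)
    findings = []
    suffix = "".join(host.get("Primary Dns Suffix", []))  # assumed = AD DNS domain name
    if suffix and "." not in suffix:
        findings.append(f"single-label AD DNS domain name: {suffix}")
    for name, cfg in adapters.items():
        findings += [f"{name}: non-internal DNS server {s}"
                     for s in cfg.get("DNS Servers", []) if s not in internal_dns]
    live = [n for n, c in adapters.items() if c.get("IP Address")]
    if is_dc and len(live) > 1:
        findings.append("multihomed DC: " + ", ".join(live))
    return findings

# Constructed sample output (not from the thread); addresses are placeholders.
SAMPLE_DC = """Windows IP Configuration
   Primary Dns Suffix  . . . . . . . : DOMAIN
Ethernet adapter Local Area Connection:
   IP Address. . . . . . . . . . . . : 192.168.1.10
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       203.0.113.53
Ethernet adapter Local Area Connection 2:
   IP Address. . . . . . . . . . . . : 10.0.0.10
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_DC, {"192.168.1.10"}, is_dc=True)))
```

Run it against saved `ipconfig /all` output from the DC and from a client, passing the set of DNS server addresses that should be in use.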

