Non-Domain SP2 systems, SLOW domain access
- From: "Keith Jakobs, MCP" <elohir@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 8 Dec 2005 14:43:51 -0800
Greetings:
I am hoping one of the high-end experts/MVPs can help me out with this, as I
consider myself reasonably well-versed in network issues, but I am stumped
on how to resolve this issue.
In a nut shell, I am having problems connecting Windows XP SP2 laptops to
our network that are NOT part of the domain. I have recreated the issue,
and am reasonably sure it is a combination of SP2 and the XP system not
being part of our domain that is causing network slow-downs so extreme, that
it is actually locking up our hardware switches (yes, we have had to
hard-boot them several times since this became an issue this week)!
First, these laptops belong to employees that do not work on site normally,
nor do they connect to the coporate network from home. They belong to the
employees, who come from other states to our premises for about 1 month a
year. As such, we do not make their laptops part of the domain when they
bring them here.
Second, we did not have these issues when they were here last year. At
which point none of them had upgraded to SP2. The one user whose laptop had
SP2 uninstalled is the one user who is actually able to access the network
at an acceptable performance level.
Third... all Internet functions work fine. There is only a problem when
accessing domain resources.
Fourth, our primary symptom, is that a custom application we deisgn is
loading very slowly for these users, to the point that the program times
out, or responds like access is being denied to certain network-based files.
Though this is our primary issue I need to resolve, I don't expect
assistance debugging our application.... but I have narrowed it down to a
Windows only symptom:
The user logs on locally to a machine with SP2 (XP Professional) that is not
part of the domain. That user then maps drives on their local system to a
domain share, using a domain account (Domain\Username). When that user
opens the properties of any file on the domain share, and browses the
security tab, the security identifiers take a very long time to enumerate.
Basic identifiers (e.g., Everyone) appear right away, but the list of
approximately 10-12 SIDs takes a minute or more to fully enumerate (usually
in spurts).
Now, if I make that computer a member of the domain, and try this again,
this is what happens...
User logs on with local account, maps drives with domain account: Security
identifiers enumerate substantially faster, but still notably slow.
User logs on to system with domain account: Security Identifiers enumerate
instantaneously.
As I said, since the laptops belong to the employees, making those systems
members of the corporate domain is not an option. Also, we can not unload
SP2 from those laptops that still have it installed.
So my question is: What domain wide or GPO setting I can change to stop
these non-domain SP2 XP Professional systems from having such pitifully slow
network response? I am guessing they are reacting so slow due to excess
security overhead, but that is only an educated guess, and I have no idea
where to look (I am avoiding have to connect a packet sniffer, cause it is
not an easy option to implement on our switched network).
(FYI, our custom app loads in about 5-10 seconds when the system is part of
the domain, but can take 3-5 minutes when the system is NOT a domain
member). As best we can tell, this is because of network latency, which as
I described, can be demonstrated without referring to our custom
application.
Please, can anyone help me figure out how to improve their network
performance????!!!! I need help ASAP.
TIA
Keith C. Jakobs, MCP
Modesto, CA
.
- Prev by Date: Re: Ineternet Gateway and Wireless router installation
- Next by Date: Re: Setup Basic.
- Previous by thread: Re: Ineternet Gateway and Wireless router installation
- Next by thread: Re: Setup Basic.
- Index(es):
Relevant Pages
|
