Re: Explorer is non-responsive with tray activity when domain (AD) traffic is dropped.

From: Cinq (cj.sibonBLAH_at_BRRchello.nl)
Date: 08/18/04 

Date: Wed, 18 Aug 2004 23:28:25 +0200

Hello Jason,

You're not alone (comments inline)

Jason R. Coombs wrote:

> *(repost from 11-Aug-2004)*

I started reading this newsgroup only 3 days ago and my ISP has very
short retention times even for text only newsgroups :(

> **
> *Introduction*
> I've been experiencing this problem for some time now (~months), and I'm
> surprised other mobile users aren't experiencing the same problem.

I am too!

> It does seem remotely related to a previous post in
> windows.server.active_directory with the title, "Windows XP Clients
> Explorer hangs when accessing DFS shares".

I have it on all kind of shares, not only DFS.

> *Problem description*
> I have a Windows Server 2003 AD (in native mode) with a single domain
> controller (jaraco.com). The domain controller is co-located with an
> ISP. The domain name resolves to three IP addresses currently.
>
> I have several domain client systems, all running Windows XP. Some of
> these clients have been added to the domain via a PPTP or other VPN
> connection to the server because of blocked traffic (ports 445, 135, etc).
>
> When these client machines are running and are on a network connection
> where traffic is blocked and there is activity in the explorer tray
> (such as an IM client updating an icon or a network adapter indicating
> traffic), explorer will stop responding. Explorer will eventually begin
> responding again after some timeouts take place (30-120 seconds or
> more). If I disconnect the network connectivity (either by disabling a
> wireless adapter or disconnecting the cable for the network), explorer
> will begin responding in a few seconds.

While sniffing on the firewall, I indeed see more traffic hitting the
'block' rules when this happens.

> After the timeouts occur, explorer will begin responding normally again,
> and tray events function normally as well. After a new login or change
> of network or suspend/resume cycle, the problem will arise once again.

I am experiencing it also after disconnecting the VPN tunnel and wanting
to access my offline folders.

> If the client machine is on a network which does not drop RPC/CIFS
> traffic (directly or via VPN), this problem does not occur. If the
> client machine is not on a network at all, the problem does not occur.
>
> When explorer is not responding, other applications continue to operate
> normally. If no applications are running, I can use Ctrl-Alt-Delete to
> launch Task Manager and other programs. Only other programs that
> communicate with Explorer are affected.
>
> *Discussion*
> It seems clear to me that explorer is attempting to communicate with the
> domain controller and blocking until communication succeeds or fails via
> lengthy timeouts. I also believe, but am not certain, that the delay is
> relative to the number of IP addresses assigned to the domain controller
> (as if the timeout must occur for each DC address).
>
> This problem occurs on at least four member workstations.
>
> I am an expert computer user, intimately familiar with networking and
> software. I am a novice AD administrator, however. I was unable to
> find this problem in the KB, but would humbly and gratefully receive
> links to articles that address this issue.
>
> I appreciate any feedback.
>
> *More Information*
> It occurred again a minute ago. While it was occurring, I pulled up a
> command prompt and ran netstat. I indeed did confirm that it was
> attempting to contact the DC on the Endpoint Mapper port (135?). It
> seemed to be checking each of the three IP addresses at least twice, and
> had to wait for the TCP timeout each time.
>
>
> TCP metaorganism:4644 unused-colo-10.swcp.com:epmap SYN_SENT
> TCP metaorganism:4645 69.49.174.1.swcp.com:epmap SYN_SENT
> TCP metaorganism:4646 69.49.174.5.swcp.com:epmap SYN_SENT
>
> The three lines above were not seen together, but seen upon successive
> calls to netstat. I guessed on the outgoing ports, but the other
> information is cut/paste.

I was unable to catch them on my laptop but the firewall logged them :-)

What bothers me is that I block with the option 'icmp-port-unreachable'
so you would expect the Windows client to stop trying right away but it
isn't... It tries at least several times.

Fortunately for me I don't have multiple IP's it has to test so the
timeout is annoying but I can live with it...

Kind regards,

Cinq

Relevant Pages

  • Re: DNS failover
    ... Our network is divided into sites and we are adding additional Windows 2000 ... At each site each client is setup so that on the DNS configuration the ... The site I was testing has two PCs running on Windows NT ... "A Domain Controller for your domain could not be contacted. ...
    (microsoft.public.windows.server.dns)
  • Re: map local drive
    ... > When I am in Explorer and I try and map a drive to for instance ... the default Admin share C$ on the "client" machine. ... >>> added as Network Places? ... >>> I know I can add directories under favorites but I have so many web ...
    (microsoft.public.win2000.active_directory)
  • Re: explorer view in document library
    ... I stop the webclient and start again and cleaned up the My Network Places ... PC then explorer view is working fine? ... "Ian Morrish" wrote: ... > On the client, try stopping the Web Client Service. ...
    (microsoft.public.sharepoint.windowsservices)
  • hidden computer under my network places
    ... i have a problem on my domain controller. ... under my network place, i can ... all ping command from server to client and client to server work well ...
    (microsoft.public.windows.server.networking)
  • Re: SBS2003 Client dropped by mistake
    ... How did you add the client back? ... > In the process of adding a new system to my network, ... > that the domain controller is down or otherwise ... > unavailble or the account was not found. ...
    (microsoft.public.windows.server.sbs)