Re: windows 2003 active directory and slow logons

are you saying that location has 10.30.0.0/16 for itself?

so WHY not create a subnet in AD that covers that. Instead of "10.30.x.x/26"
create one like "10.30.x.x/16" which covers all the IPs you mentioned below

because of that the clients and servers cannot determine the site they are
in and instead of asking a DC for a site they will ask for a DC in the
domain and that can be ANY DC in the domain no matter where it is!

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"exchange_confused" <exchangeconfused@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:23D0BD1B-2328-4042-ADCA-95266B08DCC8@xxxxxxxxxxxxxxxx
sorry,

the subnet mask is 255.255.0.0/16 they have a whole 10.30 to themselves
;-)


"Jorge de Almeida Pinto [MVP]" wrote:

and what is the subnet mask for clients and servers?

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"exchange_confused" <exchangeconfused@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:3BEFD983-D13C-4A6A-92FF-AF6ADA2EB233@xxxxxxxxxxxxxxxx
ok,

DHCP provided by linux box and clients get ip addresses from the
following
range

10. 30. 5.x
10. 30. 9.x
10. 30. 6.x
10. 30. 4.x
10. 30. 7. x

The ip address range for the server is 10.30.254.x
Just to let you know as well as I was reading your website, this server
sits
on a vmware esx.
I am wondering wether this has anything to do with it? I am also
thinking
that it may be a half duplex/full duplex, portfast issue you know
switch
related issue??
as the problem is intermittent and not solely tied to one computer??

any ideas?


"Jorge de Almeida Pinto [MVP]" wrote:

ok... nothing strange...


what is an example IP and subnetmask for clients AND servers?
what is the layout of the DHCP scope?

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"exchange_confused" <exchangeconfused@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:7343ED76-0C18-4327-9677-53EA6F20DE9B@xxxxxxxxxxxxxxxx
Hi Jorge,

Thanks for answering so quickly,

I have setup the sites and services as follows

Created a new site called Location B
moved DC into site name location B
created a subnet range = 10.30.x.x/26 which is matched up to site
name
B
site link is from location A - Location B based on IP hub and spoke
type
scenario all our other sites are configured this way.
The server in Location B is also a GC

does this help I am online currently as well so ask away if you are
still
online


"Jorge de Almeida Pinto [MVP]" wrote:

how about the answer for the sites and subnets I asked?

how is that setup? the sites and subnets setup determine to which
DCs
a
user/computer is authenticated

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)-->
http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers
no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"exchange_confused" <exchangeconfused@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message news:38686A26-BB48-4AD4-9A13-80A5E8B1AAE2@xxxxxxxxxxxxxxxx
Hi guys,

thank you all for your answers. I will draw out the scenario for
you.

We have two structures DNS AD and BIND for the clients.

We delegate the AD zone to the BIND servers so the clients know
how
to
reach
the DC's.

The remote site has a local DC that is also a DNS for the AD DNS
integrated
domain. The DC DNS configuration is as follows

Primary DNS points to itself
Secondary DNS points to the linux BIND DNS

This is our configuration for all the other sites as well.

The sites and subnets is defined with the ip address of 10.30.x.x
which
covers the local site.

The clients all point to a linux server for DNS as this server is
used
for
all the clients.

The issue is intermittent, so sometimes the clients will
authenticate
to
the
local server...

Day 1 - client A authenticates against local DC
Day 2 - client A (same client as above) authenticates to remote
DC



"Jorge de Almeida Pinto [MVP]" wrote:

is the DC also a DNS server?
are clients/servers pointing to that DNS server?
do you have a site for the location the DC and the clients are
in?
are subnets within that location linked to that site?

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory
Services

BLOG (WEB-BASED)-->
http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)-->
http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and
confers
no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"exchange_confused" <exchangeconfused@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message
news:C5426483-90F4-43E2-B8DB-596CF0F3DB66@xxxxxxxxxxxxxxxx
We recently brought in a new site into our windows 2003 active
directory
domain.
The site has a local domain controller and the subnet range
was
setup
in
sites and services.

When users login they are authenticated by other domain
controllers
within
our AD domain and not by the local DC. However this is random.

When the user is authenticated by other DC's in the AD domain
the
user
login
takes up to 30 minutes.

The users O/S is based on Windows XP

The question is why isnt the local DC authenticating all the
local
machines?

The DC is installed with Windows 2003 STD server.

Thanks















.

Relevant Pages

  • RE: VPN Clients Not Registering in AD DNS
    ... via VPN, the DNS records of the VPN clients are unable to be registered. ... Windows 2003 server? ... please let me know whether the clients get the IP ...
    (microsoft.public.windows.server.sbs)
  • Re: Permissions across 2 Forrest
    ... Primary DNS server on 1.x and the 18.x network along with DHCP and WINS. ... For instance ForrestA DNS is now a secondary for Forrest B and vise versa. ... WINS clients must use the same "WINS Database"* ...
    (microsoft.public.windows.server.active_directory)
  • Re: Still strange not fully working DNS server
    ... On none of the computers (both DC and clients) no firewall software is ... For the rest nothing happens in the DNS forward lookup zone. ... Is the new server Global catalog? ... The config you mentioned was not configured so I have configured ...
    (microsoft.public.windows.server.dns)
  • Re: Client installation frustration.
    ... not, apparently, any DNS lookup issues on my network. ... connection's addresses in DNS" and "Use this connection's DNS suffix in DNS ... is a file and print server that we have at one of our secondary sites. ... Is there any way to cancel all current requests to install clients? ...
    (microsoft.public.sms.admin)
  • Re: windows 2003 active directory and slow logons
    ... not everyone who is on the 10.30.x.x range is authenticating to this server ... Maybe i need a network sniffer on the whole subnet? ... DHCP provided by linux box and clients get ip addresses from the ... The remote site has a local DC that is also a DNS for the AD ...
    (microsoft.public.windows.server.active_directory)