Re: Why login takes too long?

Report.

DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log

System event error ocures with this error:
Source:DCOM
EventID: 10009

DCOM was unable to communicate with the computer
ip_address_of_my_dns_forwarder using any of the configured protocols.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Everything else is fine

Auth Basc Forw Del Dyn RReg
Ext

________________________________________________________________
Domain: mydomain.com
1stDC PASS PASS PASS PASS PASS PASS
n/a
2ndDC PASS PASS PASS PASS PASS PASS
n/a


netdiag.exe /v > c:\netdiag.log

system info is wrong:

1stDC: System info : Windows 2000 Server (Build 3790) #this is windows 2003
server sp2
2ndDC: System info : Microsoft Windows Server 2003 (Build 3790) #this is
windows 2003 server R2 sp2


Also i found a bunch of these messages:

Check the DNS registration for DCs entries on DNS server 'some_ip_address'
The Record is different on DNS server 'some_ip_address'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server 'some_ip_address', no need to
re-register.

Everything else is sims ok.


I'll try your script now. THanks
"Paul Bergson [MVP-DS]" wrote:

Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take
into account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests
without having to learn all the switch options. The details will be output
in notepad text files that pop up automagically.

The script is located in the download section on my website at
http://www.pbbergs.com

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.


--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Shedoks" <Shedoks@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E4CF6352-013C-4087-B3B2-3A8F0515E543@xxxxxxxxxxxxxxxx
Thx for your support.

My configuration is as you described.
My clients are configured to send dns requests to my AD.
My AD on nic is configuret to send dns req. to himself (domain controler)
and to my 2nd dns server who is responsible for my zone.

on my ad client gets outside addresses via forwarders.

"Paul Bergson [MVP-DS]" wrote:

Most long login issues are related to dns. Make sure the clients point
to
an AD dns server and there is no reference to an external isp dns. On
your
dns server make sure that the nic points to an AD dns server (Preferably
a
second AD dns server) and all external lookups are handled via forwards
from
your dns server.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Shedoks" <Shedoks@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FED19667-C03D-4B91-89AB-1A7DBE0DEAB3@xxxxxxxxxxxxxxxx
I have my domain controler on:
2003 server sp2

and 2nd DC (replica of 1st) on:
2003 server R2 sp2

I posses canon iR2570Ci and it's joined into my AD.
It's works very fine until i've installed sp2 on my DC's.
After that logon takase too much time. Aprox. 3 minutes from my printer
device.

Does anyone have an idea how to troubleshoot why this is happening?






.

Relevant Pages

  • Re: Cannot logon to the Domain
    ... If you don't have the tools installed, install them from your server install ... Just select both dcdiag and netdiag make sure verbose is set. ... client has been provided a DNS server it requests services for a Global ...
    (microsoft.public.windows.server.active_directory)
  • Re: Why login takes too long?
    ... windows 2003 server R2 sp2 ... The Record is different on DNS server 'some_ip_address'. ... If you don't have the support tools installed, ... Run dcdiag, netdiag and repadmin in verbose mode. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Epmap Connectionn Problem
    ... The problem is still here after I change the machine's DNS server; ... The machine is with SP2 and fire wall is on; ... The port number connect to server's epmap port is protean. ... > windows firewall to log successful connections and dropped packets. ...
    (microsoft.public.windowsxp.general)
  • Re: SP2 for SBS 2003
    ... I did not see ISA blocking DHCP traffic, but I reinstalled SP2 and the ... clients are getting their IP address again. ... zone GTNConsulting.local. ... This DNS server is configured to use ...
    (microsoft.public.windows.server.sbs)
  • Re: DNS server issue
    ... I'm running it on 2003 sp2, ... any questions should be posted in the NewsGroup ... But i got repeated error in DNS server eventvwr as: ... "The DNS server was unable to open zone _msdcs.SKB.COM in the Active ...
    (microsoft.public.windows.server.active_directory)