Re: Win2k3 and Slow Logons

From: Herb Martin (news_at_LearnQuick.com)
Date: 12/06/04 

Date: Mon, 6 Dec 2004 06:28:29 -0600

<anonymous@discussions.microsoft.com> wrote in message
news:15a101c4db72$3616b8f0$a301280a@phx.gbl...
> Well I am going to need some help again, because the
> problem is back. It was only good for a few logins on my
> main workstation and not on the others which have the same
> settings.
>
> You guys are using some big terms which I am not quite
> understanding.

Then pull out each term and ask for a definition (or Google it
if you are in a hurry.)

Chances are it is not because they are "big" but rather they
are being used for their technical accuracy.

DNS isn't really very hard, at least not the basics, but the
using the terminology correct can make it much easier to
understand and to follow directions for design and repair
when it doesn't work.

> I get what you mean by using the router as a
> backup

That's mostly optional but you cannot do this if
you don't put a copy of the zone on the router.

All DNS servers used by the clients directly must
be able to return the same answers -- clients assume
that all DNS servers will return the same, correct
answers.

(Clients don't try a different DNS server if they get
a wrong, or even a negative answer.)

> and setting it up so the DC never really touches the
> net.

That's mostly for security (of the DC) and also for
efficiency in some case.

> I do not know how to go about setting this up though.

On each DNS server in Windows, right click for the Property
*** and pick Forwarding: set the exteran (or router)
DNS as the forwarder for your internal machine.

For non-Windows there is something similar in the config.

> It is the problem every time, I am not as savy in a server
> enviornment as I am in a workstation enviornment. This is
> the first server I have maintained.

My guess is that your router is not holding a copy of the
zone -- this will mean that when clients switch over to
using the router-DNS they will be unable to resolve
internal names.

This is incorrect -- either setup the forwarding on the
main server OR take the router out of the listings.

You are likely going to need the Forwarding setup. 

-- 
Herb Martin
> >-----Original Message-----
> >"Daniel" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:156801c4dabc$c9949040$a401280a@phx.gbl...
> >> I set things up the way you said to and it works. Putting
> >> the router as a secondary DNS server and putting it into
> >> the forward zone made things much faster. Thank you very
> >> much for your suggestions.
> >>
> >
> >Do you mean you have the router holding a copy of the
> >forward zone for you internal network, e.g., as a Secondary
> >for that zone?
> >
> >If so, that is fine and a good method (as Ulf said) for when
> >your DC or other main DNS is down (even being rebooted).
> >
> >It is NOT a good method if it doesn't hold that zone.  While
> >it is true that with the (sole) DC down there is not
> authentication
> >anyway but you cannot absolutely depend on the "Primary"
> >DNS server (on the client settings) to used in favor of the
> >"Alternate".
> >
> >Make sure you client machines, including the DCs and DNS
> >servers themselves as DNS clients, ALL use ONLY the
> >DNS servers which can resolve the full internal domain or
> >set of domains.
> >
> >In most cases you should:
> >Forward the DNS-DC to the router DNS, and have it do
> >the public resolution through physical recursion or in
> >most cases have it also forward to the ISP.
> >
> >This way you internal, sensitive DC never visits the big,
> >bad world of the Internet.
> >
> >-- 
> >Herb Martin
> >
> >
> >> >-----Original Message-----
> >> >"Daniel" <daniel1213@msn.com> wrote in message
> >> news:daniel1213@msn.com:
> >> >> I am trying to set up a domain on a Win2k3 box at home to
> >> >> automate the tasks of the 8 computers in my house. I can
> >> >> get all the computers added to the domain without a
> >> >> problem. My problem is, they all log in VERY slowly. It
> >> >> will sit on 'Loading personal settings' for a few
> minutes.
> >> >> I know this is a DNS issue and I have read alot on this,
> >> >> but I still can not get it to work, so I am here.
> >> >>
> >> >> The set up goes like this: The cable modem connects
> to the
> >> >> linksys router, which connects to my switch and then all
> >> >> computers are connected to the switch. I let the router
> >> >> handle DHCP (all computers have a static IP though). The
> >> >> DNS settings on the client machines are all set to the DC
> >> >> IP as well. Do I need to setup DNS info in the router
> since
> >> >> it is acting as the DHCP server?
> >> >>
> >> >> I am willing to try some more walk throughs, but would
> >> >> really like some remote connection help. I am hitting my
> >> >> head on the desk here, it is annoying.
> >> >>
> >> >>
> >> >> PS: Sometimes, I can not log into the domain on my main
> >> >> workstation, it says my u/p is not correct. Then I
> try the
> >> >> same u/p on my laptop and it works fine. It is
> bothering me
> >> >> much, just another issue.
> >> >
> >> >Hello Daniel,
> >> >
> >> >DNS should be configured that your clients and your DC is
> >> using the DC
> >> >as DNS-Server, the DNS-Server on the DC should be
> >> configured to forward
> >> >to the linksys-router (to enable all computers resolving
> >> external
> >> >computers). You configure that in the DNS Management
> >> console on the
> >> >properties of the computer (Forwarders-Tab).
> >> >
> >> >If you sometimes don't run your DC you could also put
> in the
> >> >linksys-router as secondary DNS-Server on all machines.
> >> >
> >> >And make sure that the DC is working correctly, there
> >> might be issues
> >> >in DNS there. Just run dcpromo /v out of the support tools
> >> and parse
> >> >the output for failed stuff.
> >> >
> >> >-- 
> >> >Gruesse - Sincerely,
> >> >
> >> >Ulf B. Simon-Weidner
> >> >
> >> >  MVP-Book "Windows XP - Die Expertentipps":
> >> http://tinyurl.com/44zcz
> >> >  Weblog: http://msmvps.org/UlfBSimonWeidner
> >> >  WebSite: http://www.windowsserverfaq.org
> >> >.
> >> >
> >
> >
> >.
> >
Quantcast