Re: Win2k3 and Slow Logons

anonymous_at_discussions.microsoft.com
Date: 12/06/04 

Date: Mon, 6 Dec 2004 11:36:56 -0800

Ok, I have taken some screenshots of various things
concerning my issue. Hopefully you guys can figure out my
problem with these. I have shots of the TCP/IP properties,
various DNS settings from the server and my router set up.
If you guys feel you need anymore, please let me know.

You can browse the index of pics here:

http://www.thevoiceless.net/dns/

>-----Original Message-----
><anonymous@discussions.microsoft.com> wrote in message
>news:15a101c4db72$3616b8f0$a301280a@phx.gbl...
>> Well I am going to need some help again, because the
>> problem is back. It was only good for a few logins on my
>> main workstation and not on the others which have the same
>> settings.
>>
>> You guys are using some big terms which I am not quite
>> understanding.
>
>Then pull out each term and ask for a definition (or Google it
>if you are in a hurry.)
>
>Chances are it is not because they are "big" but rather they
>are being used for their technical accuracy.
>
>DNS isn't really very hard, at least not the basics, but the
>using the terminology correct can make it much easier to
>understand and to follow directions for design and repair
>when it doesn't work.
>
>> I get what you mean by using the router as a
>> backup
>
>That's mostly optional but you cannot do this if
>you don't put a copy of the zone on the router.
>
>All DNS servers used by the clients directly must
>be able to return the same answers -- clients assume
>that all DNS servers will return the same, correct
>answers.
>
>(Clients don't try a different DNS server if they get
>a wrong, or even a negative answer.)
>
>> and setting it up so the DC never really touches the
>> net.
>
>That's mostly for security (of the DC) and also for
>efficiency in some case.
>
>> I do not know how to go about setting this up though.
>
>On each DNS server in Windows, right click for the Property
>*** and pick Forwarding: set the exteran (or router)
>DNS as the forwarder for your internal machine.
>
>For non-Windows there is something similar in the config.
>
>> It is the problem every time, I am not as savy in a server
>> enviornment as I am in a workstation enviornment. This is
>> the first server I have maintained.
>
>My guess is that your router is not holding a copy of the
>zone -- this will mean that when clients switch over to
>using the router-DNS they will be unable to resolve
>internal names.
>
>This is incorrect -- either setup the forwarding on the
>main server OR take the router out of the listings.
>
>You are likely going to need the Forwarding setup.
>
>
>--
>Herb Martin
>
>
>> >-----Original Message-----
>> >"Daniel" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:156801c4dabc$c9949040$a401280a@phx.gbl...
>> >> I set things up the way you said to and it works. Putting
>> >> the router as a secondary DNS server and putting it into
>> >> the forward zone made things much faster. Thank you very
>> >> much for your suggestions.
>> >>
>> >
>> >Do you mean you have the router holding a copy of the
>> >forward zone for you internal network, e.g., as a Secondary
>> >for that zone?
>> >
>> >If so, that is fine and a good method (as Ulf said) for
when
>> >your DC or other main DNS is down (even being rebooted).
>> >
>> >It is NOT a good method if it doesn't hold that zone.
While
>> >it is true that with the (sole) DC down there is not
>> authentication
>> >anyway but you cannot absolutely depend on the "Primary"
>> >DNS server (on the client settings) to used in favor of the
>> >"Alternate".
>> >
>> >Make sure you client machines, including the DCs and DNS
>> >servers themselves as DNS clients, ALL use ONLY the
>> >DNS servers which can resolve the full internal domain or
>> >set of domains.
>> >
>> >In most cases you should:
>> >Forward the DNS-DC to the router DNS, and have it do
>> >the public resolution through physical recursion or in
>> >most cases have it also forward to the ISP.
>> >
>> >This way you internal, sensitive DC never visits the big,
>> >bad world of the Internet.
>> >
>> >--
>> >Herb Martin
>> >
>> >
>> >> >-----Original Message-----
>> >> >"Daniel" <daniel1213@msn.com> wrote in message
>> >> news:daniel1213@msn.com:
>> >> >> I am trying to set up a domain on a Win2k3 box at
home to
>> >> >> automate the tasks of the 8 computers in my house.
I can
>> >> >> get all the computers added to the domain without a
>> >> >> problem. My problem is, they all log in VERY
slowly. It
>> >> >> will sit on 'Loading personal settings' for a few
>> minutes.
>> >> >> I know this is a DNS issue and I have read alot on
this,
>> >> >> but I still can not get it to work, so I am here.
>> >> >>
>> >> >> The set up goes like this: The cable modem connects
>> to the
>> >> >> linksys router, which connects to my switch and
then all
>> >> >> computers are connected to the switch. I let the
router
>> >> >> handle DHCP (all computers have a static IP
though). The
>> >> >> DNS settings on the client machines are all set to
the DC
>> >> >> IP as well. Do I need to setup DNS info in the router
>> since
>> >> >> it is acting as the DHCP server?
>> >> >>
>> >> >> I am willing to try some more walk throughs, but would
>> >> >> really like some remote connection help. I am
hitting my
>> >> >> head on the desk here, it is annoying.
>> >> >>
>> >> >>
>> >> >> PS: Sometimes, I can not log into the domain on my
main
>> >> >> workstation, it says my u/p is not correct. Then I
>> try the
>> >> >> same u/p on my laptop and it works fine. It is
>> bothering me
>> >> >> much, just another issue.
>> >> >
>> >> >Hello Daniel,
>> >> >
>> >> >DNS should be configured that your clients and your
DC is
>> >> using the DC
>> >> >as DNS-Server, the DNS-Server on the DC should be
>> >> configured to forward
>> >> >to the linksys-router (to enable all computers resolving
>> >> external
>> >> >computers). You configure that in the DNS Management
>> >> console on the
>> >> >properties of the computer (Forwarders-Tab).
>> >> >
>> >> >If you sometimes don't run your DC you could also put
>> in the
>> >> >linksys-router as secondary DNS-Server on all machines.
>> >> >
>> >> >And make sure that the DC is working correctly, there
>> >> might be issues
>> >> >in DNS there. Just run dcpromo /v out of the support
tools
>> >> and parse
>> >> >the output for failed stuff.
>> >> >
>> >> >--
>> >> >Gruesse - Sincerely,
>> >> >
>> >> >Ulf B. Simon-Weidner
>> >> >
>> >> > MVP-Book "Windows XP - Die Expertentipps":
>> >> http://tinyurl.com/44zcz
>> >> > Weblog: http://msmvps.org/UlfBSimonWeidner
>> >> > WebSite: http://www.windowsserverfaq.org
>> >> >.
>> >> >
>> >
>> >
>> >.
>> >
>
>
>.
>