SBS Slow user logons problem
- From: BrainStomp <BrainStomp@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 29 Jun 2007 07:56:02 -0700
I need some help – this is driving me nuts.
I have two specific users on an SBS server that are having insane lag in
authenticating to the network (5+ minutes) and even after that, they get
limited connectivity at best.
This started a couple of months ago and I can’t seem to find the root of
this problem. Essentially, when the user logs in it takes 5+ minutes to log
in if the workstation they are loging into is connected to the network. If we
disconnect the workstation that they are loging into from the network prior
to their logon attempt then the process takes less than 40 seconds. However,
they have essentially no access to any of the network resources. This is tied
to the users as any user other than the two in question can log into the
workstations and have no problem at all. The users that are having the
problem can go to any workstation and duplicate the problem.
So far I have created new user accounts for them and re-associated their
original exchange mailbox to their new accounts and duplicated all the
account settings. But the problem seems to follow them even under the new
user accounts. The accounts have very little in common (three group
memberships) but there are other users with identical setups and have no
issues.
I have also disjoined their workstations from the domain and re-joined them
using new computer names and accounts created using the SBS new computer
wizard and the process of joining to the network was taken care of by using
the http://servername/ConnectComputer wizard.
I have deleted the Reverse DNS zone on the SBS server and recreated it.
I have re-run the “Connect to the Internet” wizard on the SBS server.
I have created static HOSTS and LMHOSTS files for the workstations that have
the information for the server.
The NIC drivers have been updated on all systems.
The workstations are getting errors in the event log that are:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 6/28/2007
Time: 3:45:08 PM
User: NT AUTHORITY\SYSTEM
Computer: PSPWS002
Description:
Windows cannot determine the user or computer name. (An internal error
occurred. ). Group Policy processing aborted.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
And
Event Type: Error
Event Source: UserInit
Event Category: None
Event ID: 1000
Date: 6/28/2007
Time: 12:06:25 PM
User: N/A
Computer: PSPWS002
Description:
Could not execute the following script \\PSP.Local\SysVol\PSP.Local
\scripts\office03sp2.bat. The system detected a possible attempt to
compromise security. Please ensure that you can contact the server that
authenticated you.
..
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
And
Event Type: Information
Event Source: UPHClean
Event Category: None
Event ID: 1401
Date: 6/28/2007
Time: 11:44:06 AM
User: PSP\Administrator
Computer: PSPWS002
Description:
The following handles in user profile hive PSP\Administrator
(S-1-5-21-3312747669-4269627933-202494585-2074) have been remapped because
they were preventing the profile from unloading successfully:
svchost.exe (704)
HKCU (0x388)
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
And
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 6/29/2007
Time: 10:44:18 AM
User: N/A
Computer: PSPWS002
Description:
The Security System could not establish a secured connection with the server
cifs/gslsql01.PSP.Local. No authentication protocol was available.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
And
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 6/29/2007
Time: 10:44:18 AM
User: N/A
Computer: PSPWS002
Description:
The Security System detected an attempted downgrade attack for server
cifs/gslsql01.PSP.Local. The failure code from authentication protocol
Kerberos was "There are currently no logon servers available to service the
logon request.
(0xc000005e)".
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
All of the things above have created a perceived fix that lasts about 24
hours before it goes back to its old tricks. So just when I think that the
problem is fixed, it shows up again.
The server is SBS 2003 SP1 and the ipconfig/all of the server looks like this:
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : pspsrv01
Primary Dns Suffix . . . . . . . : PSP.Local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : PSP.Local
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.108
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter LAN2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-C0-9F-20-2E-83
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.16.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
The system used to have two LAN adapters but the one that was not in use has
been removed (one of the solutions mentioned on here or somewhere else dealt
with double homed SBS servers so I got rid of the extra card).
The workstations are all WinXP SP2 and the workstation ipconfig /all looks
like this:
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : PSPWS002
Primary Dns Suffix . . . . . . . : PSP.Local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : PSP.Local
PSP.Local
Ethernet adapter LAN:
Connection-specific DNS Suffix . : PSP.Local
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated
Controller
Physical Address. . . . . . . . . : 00-0B-DB-0F-77-69
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.16.112
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.16.1
DHCP Server . . . . . . . . . . . : 192.168.16.2
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Lease Obtained. . . . . . . . . . : Friday, June 29, 2007 10:27:17 AM
Lease Expires . . . . . . . . . . : Saturday, July 07, 2007 10:27:17
AM
Some of the things tried have been from looking in these forums or in
ExpertsExchange or in EventID.net - this is driving me insane, please help.
Thanks,
Carlos
.
- Follow-Ups:
- RE: SBS Slow user logons problem
- From: Newbie Tech
- Re: SBS Slow user logons problem
- From: Claus
- Re: SBS Slow user logons problem
- From: J. M. De Moor
- Re: SBS Slow user logons problem
- From: Cris Hanna [SBS-MVP]
- RE: SBS Slow user logons problem
- Prev by Date: Re: SPS with SP2 vs. WPA2
- Next by Date: Re: E-mail not reaching certain intended recipients
- Previous by thread: Re: Client Installation Files Missing after Install
- Next by thread: Re: SBS Slow user logons problem
- Index(es):
Relevant Pages
|
Loading
