logon process takes too long

[Guest]

Archived from groups: microsoft.public.win2000.active_directory,microsoft.public.win2000.dns,microsoft.public.win2000.general (More info?)

I've just set up a Win2003 test enviroment with 1 DC/DNS server and 1 member
server.

Logging on to the domain from the test server is taking more than 10 minutes
until it finally completes. I have a feeling something may not be configured
correctly on the DC, but I'm not sure what.

Any helpful ideas would be welcome.

Thanks in advance.

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory,microsoft.public.win2000.dns,microsoft.public.win2000.general (More info?)

Many of the slow logon issues I've seen like this are caused by using an
Internet domain name as your internal domain and not having the right DNS
server specified on the client trying to authenticate in the domain.

Ray at work

"johndoe" <jdoe@ram.org> wrote in message
news:QNU8e.26732$1p4.21934@trndny06...
> I've just set up a Win2003 test enviroment with 1 DC/DNS server and 1
member
> server.
>
> Logging on to the domain from the test server is taking more than 10
minutes
> until it finally completes. I have a feeling something may not be
configured
> correctly on the DC, but I'm not sure what.
>
> Any helpful ideas would be welcome.
>
> Thanks in advance.
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory,microsoft.public.win2000.dns,microsoft.public.win2000.general (More info?)

"Ray Costanzo [MVP]" <my first name at lane 34 dot commercial> wrote in
message news:Ow3oWeFRFHA.2788@TK2MSFTNGP09.phx.gbl...
> Many of the slow logon issues I've seen like this are caused by using an
> Internet domain name as your internal domain and not having the right DNS
> server specified on the client trying to authenticate in the domain.

Ray is correct.

Many of these are caused by DNS problems that eventually
fail over to some additional, or even tertiary name resolution
method and then succeed but VERY SLOWLY.

So check your DNS:

DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]