Logging onto domain takes 10 minutes

  • Thread starter Thread starter margie
  • Start date Start date
M

margie

I have a new setup with 1 domain controller, it seems to
run fine sometimes, but sometimes it seems to bog down
and it takes users too long to log into the domain.
Sometimes all users' computers freeze for a few minutes
as well. What do I have set up wrong?
 
In
margie said:
I have a new setup with 1 domain controller, it seems to
run fine sometimes, but sometimes it seems to bog down
and it takes users too long to log into the domain.
Sometimes all users' computers freeze for a few minutes
as well. What do I have set up wrong?
Click to expand...

The usual culprit is the use of your ISP's DNS in TCP/IP Properties. You
should use only your local AD DNS address in all machines TCP/IP properties.

For internet access follow Step 3 closely in this KB: 300202 - HOW TO
Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202&FR=1
 
Make sure your DC is running dns and only points to itself for DNS in the TCP/IP properties. All you clients should also point at only the DC for DNS.
Configured your DNS server with a forwarder to the ISP. Enabled dynamic updates on your AD zone on the DNS server and that should cover it.

Thank you,
Mike Johnston
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
Thank you, It is set up in the DNS section of the proxy
server, I thought I had to put that there for the ISP to
be seen by all. I will take it out.

Thanks for your help!
 
I did what you suggested, however, when I took the ISP's
addresses from the DNS setup on TCP/IP settings, the
internet did not work properly. Was I supposed to change
the setting for the ISP/ext nic as well as the internal
nic settings?

I did make all the other changes and so far so good
today...
 
In
margie said:
I did what you suggested, however, when I took the ISP's
addresses from the DNS setup on TCP/IP settings, the
internet did not work properly. Was I supposed to change
the setting for the ISP/ext nic as well as the internal
nic settings?

I did make all the other changes and so far so good
today...
Click to expand...
All NICs on all machines should point to the internal DNS server.
Did you configure your DNS server as per the KB article I referred to?
This is usually caused by the existence of a "." Forward Lookup Zone but
there can be other causes such as "Disable recursion" checked on the
Advanced tab, DNS being unable to find the gateway or external DNS servers.
 
In
margie said:
I did what you suggested, however, when I took the ISP's
addresses from the DNS setup on TCP/IP settings, the
internet did not work properly. Was I supposed to change
the setting for the ISP/ext nic as well as the internal
nic settings?

I did make all the other changes and so far so good
today...
Click to expand...

For the Proxy server, since you are using Proxy, assuming Proxy is NOT part
of the AD domain, you can use your ISP's in that machine ONLY. What everyone
is saying is to make sure ALL internal machines (DCs and clients) *only* use
the internal DNS. That is what 99% of the time causes long logon times.

*Assuming* you're using Proxy's web caching service, you would configure
your web browsers with it's address under Internet Options. That would
continue to work.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top