Very Slow resolution

[Robert]

I have 2k domain that was running fine until the DSL
company discontinued service (Getting new service soon)

However, When the DSL went out it now takes a very long
time to for the workstations to log in. When logging
into the domain the workstations take upwards of 5 full
minutes to load personel settings. If off the domain
they load normal.

I removed the routes for the DSL and their DNS IPs.
Still no luck. I removed the forward and reverse look
ups, and again still no luck.

Would appreciate any help
Thanks
Robert

 

[Ace Fekay [MVP]]

In

I have 2k domain that was running fine until the DSL
company discontinued service (Getting new service soon)

However, When the DSL went out it now takes a very long
time to for the workstations to log in. When logging
into the domain the workstations take upwards of 5 full
minutes to load personel settings. If off the domain
they load normal.

I removed the routes for the DSL and their DNS IPs.
Still no luck. I removed the forward and reverse look
ups, and again still no luck.

Would appreciate any help
Thanks
Robert

Well, the usual cause of long logon times can be:

1. Using your ISP's DNS addresses on your internal machines (DCs and
clients). They need to be all removed and ONLY use your internal DNS,
whether using ISP services or not since AD is reliant on the internal DNS.
Long logon times in this case maybe caused by the client machine asking some
other DNS server that has no idea where the domain controllers are.

2. SRV records are missing. Usual cause is either #1 above or single lable
name, Dynamic Updates not set to at least Yes, or the Primary DNS Sufffix
does not match the DNS zone name and the AD DNS domain name.

If you canpost an unedited ipconfig /all from a DC and a client, and your AD
DNS domain name as it shows up in your ADUC, that will greatly help us
diagnose this.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Robert]

I don't have a copy of the IP config /all with me,
however I did check it and it did look like it should.
It did not show any other DNS IP's other than the ones
required for the lan. It was a simple network
192.168.10.10 ISP was routed to 192.168.10.50
When the ISP when down, I removed the route to 10.50.

All the workstations are running DHCP complete. All info
came from the DHCP server. The only place the PCs would
have been look at the IP for the ISP was in the browser.
So it would have to be settings comming from the server
itself.

So the IP config looked something like
192.168.10.20
255.255.255.0
192.168.10.10
DNS 192.168.10.10

When the ISP was there the secondary DNS was
192.168.10.50 which was routed out to the internet to
translate to the ISP's DNS.

I even tried cheating by trying to use WINs, but that had
no effect.

Funny thing is that when I try to UNC I have no issues.
But log on, Loading personel settings, and browsing have
become slow.

Thanks
Robert

 

[Ace Fekay [MVP]]

In

I don't have a copy of the IP config /all with me,
however I did check it and it did look like it should.
It did not show any other DNS IP's other than the ones
required for the lan. It was a simple network
192.168.10.10 ISP was routed to 192.168.10.50
When the ISP when down, I removed the route to 10.50.

All the workstations are running DHCP complete. All info
came from the DHCP server. The only place the PCs would
have been look at the IP for the ISP was in the browser.
So it would have to be settings comming from the server
itself.

So the IP config looked something like
192.168.10.20
255.255.255.0
192.168.10.10
DNS 192.168.10.10

When the ISP was there the secondary DNS was
192.168.10.50 which was routed out to the internet to
translate to the ISP's DNS.

I even tried cheating by trying to use WINs, but that had
no effect.

Funny thing is that when I try to UNC I have no issues.
But log on, Loading personel settings, and browsing have
become slow.

Thanks
Robert

Not sure what you mean by "route" in this scenario. "Routing" to me is a
router setting, not DNS.

Do the SRV records exist in DNS under the zone? I was also looking for the
Primary DNS Suffix setting on your machines thru the ipconfig /all and also
needed your AD DNS domain name as it shows up in ADUC just to confirm they
are all spelled properly and not a single label name. Single label names
with SP4 installed is a KNOWN issue.

Let me know when you get the ipconfigs.
Thanks

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Robert]

Okay not sure where we left off.
Tried all of the tricks that everyone has given me.

Name resolution to the server is fast again.
Slow to the Clients now.
and I lost the default gateway to the clients.
Gee I think I'm gonna need that.

Okay what did I do wrong. I have no default gateway
being given out by the DHCP server.

Oh and I do not have a virus on the system, I checked for
that before I screwed things up.

Thanks for all the brain power.

 

[Ace Fekay [MVP]]

In

Okay not sure where we left off.
Tried all of the tricks that everyone has given me.

Name resolution to the server is fast again.
Slow to the Clients now.
and I lost the default gateway to the clients.
Gee I think I'm gonna need that.

Okay what did I do wrong. I have no default gateway
being given out by the DHCP server.

Oh and I do not have a virus on the system, I checked for
that before I screwed things up.

Thanks for all the brain power.

We left off last month awaiting an ipconfig /all from you.

Default gateway? Check your DHCP server option 003. That is the gateway
address you are giving your DHCP clients.

Did you configure a forwarder?
Did you ONLY use your internal DNS server (not your ISP's)?






--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory