+ Post New Thread
Results 1 to 8 of 8
Windows Server 2000/2003 Thread, Domain Logon's slow only if Internet is disconnected in Technical; So here is the situation: I run a smallish school network (~75 computers, ~150 users) and I have come across ...
  1. #1
    BaronVonSchtuk's Avatar
    Join Date
    Feb 2010
    Location
    Yerevan
    Posts
    8
    Thank Post
    3
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Domain Logon's slow only if Internet is disconnected

    So here is the situation:

    I run a smallish school network (~75 computers, ~150 users) and I have come across a very strange problem. When the internet connection is lost (due to any number of reasons from crappy service from the ISP to cleaning ladies knocking a cord loose) my domain logons take an extraordinary amount of time (5-10min) to complete. This *only* happens when the internet is off. As long as the internet connection is good, logons are processed in a matter of seconds.

    The setup:
    2 x Windows 2003 R2 x64 Domain Controllers both running DNS
    1 x Windows ISA 2006 running DHCP
    Clients all run Windows XP SP3 Pro. About half the users have mandatory profiles with redirection and half use regular roaming profiles. Both types are affected by this problem.

    Until recently I was using only one DC that provided both DNS and DHCP services and a firewall (PfSense) out front. Same problems then.

    My DNS servers are set to forward to the google DNS servers (8.8.8.8, 8.8.4.4) because after much testing, I get much snappier results then by going with my ISP's DNS servers. That being said, I have the same problem when using my ISP's DNS servers.

    Ok, I am sure I left out some important details that some nice chap will point out for me, but I am hoping someone with a big brain will be able to tell me what stupid mistake I have made here cause this has been bugging me for almost a year now!

    Cheers!

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,938
    Thank Post
    886
    Thanked 1,693 Times in 1,472 Posts
    Blog Entries
    12
    Rep Power
    447
    In your client DHCP settings does the DNS point to your server?

    On the Nic on the server where do the DNS settings point?

  3. #3
    BaronVonSchtuk's Avatar
    Join Date
    Feb 2010
    Location
    Yerevan
    Posts
    8
    Thank Post
    3
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Client DHCP settings point to the two DC's (both static addresses, 10.0.0.3 and 10.0.0.4)
    The NIC's on the servers DNS are each set to loopback (127.0.0.1)

  4. #4

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,521
    Thank Post
    1,333
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    we used to have this problem. We traced it to a bit of 3rd party software we were using for intenet monotoriing NetIntelligence. If that couldnt talk to the internet, it would stuff up the machines..

    Never come accross such bad software in my life before..

  5. #5

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,458
    Thank Post
    646
    Thanked 1,614 Times in 1,444 Posts
    Rep Power
    419
    Have you tried with each dc pointing to the other for its primary dns?

    Ben

  6. #6
    BaronVonSchtuk's Avatar
    Join Date
    Feb 2010
    Location
    Yerevan
    Posts
    8
    Thank Post
    3
    Thanked 1 Time in 1 Post
    Rep Power
    0
    > we used to have this problem. We traced it to a bit of 3rd party software we were using for intenet monotoriing NetIntelligence. If that couldnt talk to the internet, it would stuff up the machines.

    I suppose that could also be our problem, but this problem has been going on for more than a year and just recently (a month ago) we moved to a new facility. During the move, I rebuilt the entire system from scratch and changed most of our software and it is still happening. I am more ready to blame myself for a misconfiguration somewhere than on a 3rd party piece of software, but you never know.

    > Have you tried with each dc pointing to the other for its primary dns?

    I have not tried, but this was also happening when I had only one DC. I will try and see what happens.
    Last edited by BaronVonSchtuk; 25th February 2011 at 09:04 AM.

  7. #7

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,259
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    Some potential ways of digging deeper into this one:

    Much of the advice for debugging GPO issues involved increased telemetry from the startup/logon processes, so that seems like a good place to start:
    http://support.microsoft.com/kb/250842
    http://support.microsoft.com/kb/221833

    Use Procmon to look to see what the machines are doing during the delay. Trace with the internet up and without it.
    How To Enable System Boot Time Logging using Process Monitor Tool

    If that doesn't show anything conclusive try watching the traffic between a restarting machine and the internet.

    You could use
    Wireshark Go deep.
    or
    Download details: Microsoft Network Monitor 3.4

    Look to see what happens just before or during the pause. Cross reference with the trace from procmon, and perhaps DNS debug logs from your DCs.

    Some guesses to the cause:
    Webdav on the clients using a proxy the far side of your wan?
    An app phoning out, perhaps launching from a startup script that is set to run synchronously?


    Good luck.
    P.
    Last edited by psydii; 27th February 2011 at 11:16 PM.

  8. Thanks to psydii from:

    BaronVonSchtuk (28th February 2011)

  9. #8
    BaronVonSchtuk's Avatar
    Join Date
    Feb 2010
    Location
    Yerevan
    Posts
    8
    Thank Post
    3
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks for the suggestions, I will dig a bit deeper and see what I can see. It would be nice to finally figure out this rather annoying issue!

    Cheers!

SHARE:
+ Post New Thread

Similar Threads

  1. Slow Windows XP Logon
    By FN-GM in forum Windows
    Replies: 2
    Last Post: 4th January 2011, 11:59 AM
  2. Slow initial logon
    By sdc in forum Windows 7
    Replies: 13
    Last Post: 27th May 2010, 12:15 PM
  3. Slow logon with TS clients
    By jcollings in forum Thin Client and Virtual Machines
    Replies: 7
    Last Post: 30th December 2008, 09:44 PM
  4. Help with slow wireless logon :(:(
    By jamin100 in forum Wireless Networks
    Replies: 14
    Last Post: 1st October 2008, 09:59 AM
  5. Slow logon for two profiles?
    By TechSupp in forum Network and Classroom Management
    Replies: 23
    Last Post: 14th October 2007, 09:29 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •