Compatible Support Forums
madsheep

Windows Server 2003 AD Problems :-(


Hi,

I am running Windows Server 2003 Enterprise Edition and I just added Active Directory services and made my computer the DNS server. I plan to just run a small network of computers in my apartment (3-4). I get my internet connection from my LinkSys router (if that makes any difference).

The upgrade to DNS server went fine, AD installed fine, but now the computer takes a while to load up. Well, we all know this is normal. However, when mine boots up there is nothing in the Log on to: box, so I click it and I get "Please wait while the domain list is populated." This takes an extraordinarily long time, and if I click on this drop down box again, it says the same message again and makes me wait even longer. It's absurdly long and my computer is the only one.

Also, once I finally log in, everything is dirt slow, and LSASS.EXE takes up about 51 in CPU Usage. It never did this before in the last year, nor did it do it earlier today. I don't know why my memory usage has jumped to 100% for the entire duration of my session. I am not sure why installing AD would do this. I am open to hear any suggestions. Also... logging off goes pretty quick despite how long booting up takes.

thanks...

Steven

Edit:

Oh yea, after a few minutes of waiting for the Domain List to be created, I finally selected my Domain, upon which I just got the message "Please wait while the domain list is created." ... again. :-( This is really annoying.

Edit (again! SORRY):

It appears vsmon.exe (zone alarm) was using ~50 in cpu usage too. After killing it, it seems my mem usage is back to 1-3% even and it also caused LSASS.EXE to stop using so much cpu time. odd.. any ideas here too? Thanks

[Edited by madsheep on 2004-05-25 18:32:59]

 

Link to post

Do you have DHCP set up on the WS2003 machine? Also on the Linksys router?

DHCP scope(s) properly defined?

DNS forward zone(s) properly defined?

Sounds like you're having DNS lookup problems, check your event log(s). The reason I ask about DHCP is because if the router is supplying DHCP leases, there's no (easy) way to have those address leases added dynamically to Active Directory.

Let me know if that helps, or if you need some more info.

Link to post

Oh, and with so few clients, you may want to consider Small Business Server 2003, as it includes Exchange and some other bells and whistles for smaller networks, like Sharepoint, IIS/default website, etc.

Link to post

i have the same problem with one batch of PCs. they have an onboard intel pro/100 ve. i have disabled that card and inserted a d-link nic. the PC joined the domain in seconds, as it should. still trying to fix the problem with the onboard nic, as i have 80 PCs in this batch and don't fancy buying 80 new nics.

if you have discovered a solution to this problem, i would be very interested in the findings.

cheers.

 

 

Link to post

Duplicate MAC addresses on the Intel (onboard) chips? Joining the domain with Domain Admin rights, correct? Have you tried adding an entry in Active Directory Users and Computers for the new PCs manually, then joining the domain?

Have you verified the latest (and correct) drivers are installed?

How are you installing Windows? RIS? Ghost images? OEM images? Have you verified that the correct driver(s) are in the install images?

Link to post

The Domain Controller should reference itself in its primary DNS entry for its NIC. After doing this, the DC will take a while to boot because it times out on starting the NETLOGON service because DNS hasn't started yet, and it can't register its SRV records. This is normal, and not an issue as it will attempt to start NETLOGON again after DNS is started and will be fine.

All of your clients should have their primary DNS IPs set to that of the DC. At no point on the clients or DC should *ANY* other DNS server IP be listed. You should only have the IPs of AD DNS servers listed to keep resolution working properly. To get outside resolution, add your ISP's DNS server IP to the forwarders tab on the DC for "All Other DNS Domains". This will permit the server to submit recursive queries on behalf of the client to find the addresses of hosts outside of the hosted DNS zone.

Link to post
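
Added example (not part of any post in this thread): a small Python audit of the rule in the post above, that no DNS server other than the AD DNS server may be listed on a client or on the DC. It parses saved `ipconfig /all` output, including the indented continuation lines used for second and later DNS servers. The addresses and sample output are constructed, with 192.168.1.10 assumed to be the DC and 192.168.1.1 the router.

```python
import re

AD_DNS = {"192.168.1.10"}  # assumption: address of the DC running AD DNS
IP = r"\d{1,3}(?:\.\d{1,3}){3}"

# Constructed `ipconfig /all` excerpts (sample data, not from the thread).
CLIENT = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.101
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       192.168.1.1
   Lease Obtained. . . . . . . . . . : Tuesday, May 25, 2004 6:00:00 PM
"""
DC = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.10
   DNS Servers . . . . . . . . . . . : 192.168.1.10
"""

def dns_servers(text):
    """Map each adapter to its DNS servers in listed order (continuation lines included)."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        head = re.match(r"^(\S.*adapter .+):\s*$", line)
        first = re.match(rf"^\s+DNS Servers[ .]*:\s*({IP})\s*$", line)
        cont = re.match(rf"^\s+({IP})\s*$", line)
        if head:
            current, in_dns = head.group(1), False
            adapters[current] = []
        elif first and current:
            adapters[current].append(first.group(1))
            in_dns = True
        elif cont and in_dns:
            adapters[current].append(cont.group(1))
        else:
            in_dns = False  # any other line ends the DNS list
    return adapters

def audit(text, ad_dns=AD_DNS):
    """Return (adapter, ip) for every listed DNS server that is not an AD DNS server."""
    return [(name, ip) for name, ips in dns_servers(text).items()
            for ip in ips if ip not in ad_dns]

if __name__ == "__main__":
    print(audit(CLIENT), audit(DC))
```

The constructed client is flagged because a router handing out DHCP leases typically lists itself as a DNS server; the constructed DC, which points only at itself, passes.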

Clutch's post before me was spot on... We had the same trouble in our small 15 computer network as the original plaintiff of this thread - slow XP logins to the Windows 2003 Server, computer resource usage spikes, etc. The only exception was on our Win2K machine - no login delay for some reason. However, after implementing the DNS changes on each client computer, including the Win2K, everything improved on the XPs.

I would add that you can Google search on "All Other DNS Domains" and get a step by step for altering the info on the forwarders tab, or try:

http://techrepublic.com.com/5100-6268_11-5112303.html

Kudos to Clutch - smile

Originally posted by clutch:

Quote:
The Domain Controller should reference itself in its primary DNS entry for its NIC. After doing this, the DC will take a while to boot because it times out on starting the NETLOGON service because DNS hasn't started yet, and it can't register its SRV records. This is normal, and not an issue as it will attempt to start NETLOGON again after DNS is started and will be fine.

All of your clients should have their primary DNS IPs set to that of the DC. At no point on the clients or DC should *ANY* other DNS server IP be listed. You should only have the IPs of AD DNS servers listed to keep resolution working properly. To get outside resolution, add your ISP's DNS server IP to the forwarders tab on the DC for "All Other DNS Domains". This will permit the server to submit recursive queries on behalf of the client to find the addresses of hosts outside of the hosted DNS zone.

 

Link to post

Also, by default, all non-cached lookups will be forwarded to any of the root DNS servers, so you may wish to change this to your ISP/BSP provider's DNS servers for improved performance.

Link to post
