|
|
Hi,
We have Windows 2003 server domain controller available locally (i.e.
in LAN) to our computers. When there is a WAN link outage and users
try to login to their (domain) computers, login process takes about
2-3 hours to complete. If I disconnect the network (LAN) cable from
the computer and then ask the user to login, login works fine.
Is there any other solution to avoid such a long login process in case
of WAN outage, other than disconnecting the network cable? I mean via
some settings in AD or group policy?
Thanks in Advance.
HRP
|
|
Hello hrparikh,
Is the DC in the LAN or in another location over WAN connected? You are not
clear in this.
If it is in the LAN, make sure the DC, i assume it is also DNS server, is
up and running correct and that the clients use only the domain DNS server,
no other DNS ip's on the NIC.
If the DC/DNS is only reachable over WAN, the clients try to reach it before
using the cached credentials. Cached credentials are also used if the network
cable is unplugged, but without network it is faster.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
[Quoted Text] > Hi,
>
> We have Windows 2003 server domain controller available locally (i.e.
> in LAN) to our computers. When there is a WAN link outage and users
> try to login to their (domain) computers, login process takes about
> 2-3 hours to complete. If I disconnect the network (LAN) cable from
> the computer and then ask the user to login, login works fine.
> Is there any other solution to avoid such a long login process in case
> of WAN outage, other than disconnecting the network cable? I mean via
> some settings in AD or group policy?
> Thanks in Advance.
> HRP
|
|
Howdie!
hrparikh wrote:
[Quoted Text] > We have Windows 2003 server domain controller available locally (i.e.
> in LAN) to our computers. When there is a WAN link outage and users
> try to login to their (domain) computers, login process takes about
> 2-3 hours to complete. If I disconnect the network (LAN) cable from
> the computer and then ask the user to login, login works fine.
> Is there any other solution to avoid such a long login process in case
> of WAN outage, other than disconnecting the network cable? I mean via
> some settings in AD or group policy?
Check DNS. An unplugged cable during logon that makes logon faster is a
sign for DNS issues. Check whether the DC is available to the clients
and whether they can contact it. Is there only one DC in the domain?
What DC are they authenticating to?
cheers,
Florian
--
Microsoft MVP - Group Policy
eMail: prename [at] frickelsoft [dot] net.
blog: http://www.frickelsoft.net/blog.
Maillist (german): http://frickelsoft.net/cms/index.php?page=mailingliste
|
|
Hello Meinolf,
Our DC is in the LAN to our computers. It is also a GC and also a DNS
server. NIC setting on computers is set to refer this server as first
DNS server. Here my question is, we have added secondary DNS server's
IP too in the NIC settings of computers in the LAN. Will it make any
difference? If we do not provide secondary DNS ip, computers will not
get IP if primary DNS server is not reachable. DC/DNS is in the same
LAN in which all other computers are. We do have multiple sites in our
network and these sites are connected via WAN.
HRP
|
|
Hi
Sounds DNS issues, make sure that the internal clients only use their
internal DNS in their NIC configuration, otherwise they'll try to get AD
info at some DNS server that doesn't know anything about your environment,
and that is not good nor a good way to set things up.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"hrparikh" <parikhhiral[ at ]gmail.com> wrote in message
news:489918b0-ab01-440c-b08d-cb48f0170898[ at ]u18g2000pro.googlegroups.com...
[Quoted Text] > Hi,
>
> We have Windows 2003 server domain controller available locally (i.e.
> in LAN) to our computers. When there is a WAN link outage and users
> try to login to their (domain) computers, login process takes about
> 2-3 hours to complete. If I disconnect the network (LAN) cable from
> the computer and then ask the user to login, login works fine.
> Is there any other solution to avoid such a long login process in case
> of WAN outage, other than disconnecting the network cable? I mean via
> some settings in AD or group policy?
>
> Thanks in Advance.
> HRP
|
|
|