Client authentication problems in AD.

  • Thread starter Thread starter WS
  • Start date Start date
W

WS

Hi Everyone,

We have two DC's (W2K3) and a F&P member-server in our domain. Client
machines (XP SP1) can log on successfully to the domain, but when they
attempt to access a file share on the F&P box, they experience very long
delays. If they attemp to access as file share I created on the DC's, access
is immediate.

If I create a local account on the client box, and give it rights to the
share on the F&P server, then access is also immediate.

Do any of you have an idea why this may be happening? DNS is working
properly on the client boxes, and they appear to access the DC's - it just
takes a while for the shares to open.

Thanks for your help!
 
Since access is immediate when they use credentials for a local account on
the box, my first thought is that the server a taking a long time to
validate credentials against the domain controller. One thing that might
cause this is the server not pointing to the correct place for DNS. I
assume that your DC is a DNS server and has a zone for the domain, so you
might check to make sure that the F&P server is pointing to the DC for DNS.

If this does not help, you might want to install Network Monitor on the F&P
server and take a network trace of this activity.
 
Hi,

Thanks heaps for your response.

It turns out that if I disable the Windows XP client service called
"Webclient", things run soothly. On our Win2K domain, which has Win XP
clients, things run smoothly even when this service is enabled.

Is something on W2K3 trying to utilise the Webclient service?

Jimmy Harper said:
Since access is immediate when they use credentials for a local account on
the box, my first thought is that the server a taking a long time to
validate credentials against the domain controller. One thing that might
cause this is the server not pointing to the correct place for DNS. I
assume that your DC is a DNS server and has a zone for the domain, so you
might check to make sure that the F&P server is pointing to the DC for DNS.

If this does not help, you might want to install Network Monitor on the F&P
server and take a network trace of this activity.

--
Jimmy Harper [MSFT]
Directory Services
This posting is provided "AS IS" with no warranties, and confers no rights


WS said:
Hi Everyone,

We have two DC's (W2K3) and a F&P member-server in our domain. Client
machines (XP SP1) can log on successfully to the domain, but when they
attempt to access a file share on the F&P box, they experience very long
delays. If they attemp to access as file share I created on the DC's, access
is immediate.

If I create a local account on the client box, and give it rights to the
share on the F&P server, then access is also immediate.

Do any of you have an idea why this may be happening? DNS is working
properly on the client boxes, and they appear to access the DC's - it just
takes a while for the shares to open.

Thanks for your help!
Click to expand...
Click to expand...
 
Back
Top