XP and Active Directory

G

Guest

I have 50 xp and 10 win98 workstations. The win98 logon to the server 2000 in
15 secs, the Xp w/s take 2.5 minutes.No roaming profiles setup, just basic
logon. Is it anything in gpedit, a user profile or computer config setting??
I appears to be a profile or user settings issue.
Thanks for your help
Des.
 
O

Oli Restorick [MVP]

How is your DNS set up? If possible, provide "ipconfig /all" reports from
an XP box and all DCs.

Is there anything showing up in the event logs of the XP machines?

Oli
 
G

Guest

I'm having the same problem. seeminly came up after the consultant installed
a sonicwall firewall - configed the sonicwall as the DHCP, also turned off
the DNS service on the server. DNS is pointing to an outside DNS. Evenlog
shows Userenv and Autoenrollment errors. have done the ipconfig and xp shows
the correct DNS address. what else could it be??
D
 
G

Guest

I am having the same problem. seemingly started happening after the
consultant installed a Sonicwall Firewall. He made the sonicwall the DHCP
server and turned off the DNS service on the Win2K server. have done the
ipconfig and it shows the correct DNS server - pointing to the outside.
errors in the eventlog are Userenv and autoenrollment errors. what else
could it be?
 
G

Guest

I am having the same problem. seemingly came up after the consultant
installed a sonicwall firewall. he made the sonicwall the DHCP server and
turned off the DNS service - pointing to an outside DNS server. did ipconfig
 
D

Danny Sanders

turned off the DNS service - pointing to an outside DNS server.


AD MUST have a DNS server set up for AD. *Usually* it is on a Win 2k server.
The DNS server MUST support SRV records.

I would suggest using Win 2k's DNS server and forwarding to the "outside DNS
server".

See:
Setting Up the Domain Name System for Active Directory

http://support.microsoft.com/default.aspx?scid=kb;en-us;237675



and

How to: Configure DNS for Internet Access In Windows 2000

http://support.microsoft.com/default.aspx?scid=kb;en-us;300202





hth

DDS W 2k MVP MCSE
 
G

Guest

thank you. and sorry about all the same posting. I kept getting an error
message saying it didn't go. I'll read the
article you have suggested and get back to you if I have any questions.
thanks again!
 
G

Guest

ok, did that and it doesn't seem to making any difference. still slow, still
getting the userenv error #1054, userenv error #1053, and the autoenrollment
error #15. I've also got some XP's that seem to "lose" connectivity, if they
have been typing for a while and go to look for something on their network
drive, it ain't there - the network drive that is - and they have to reboot.
It seems so odd that these problems "seemed" to start up when the SonicWall
was installed but the "consultant" says it doesn't have anything to do with
it. I'm up for more suggestions, please.

thanks,
D
 
D

Danny Sanders

In the properties of TCP/IP, what do these computers point to for DNS? Is
there a second entry?

DDS
 
G

Guest

Yes, it has a second entry. it's pointing to our T1 provider - a 216.127.X.X
number. if I do a ipconfig on the xp's it also shows these addresses for the
DNS.
 
D

Danny Sanders

Yes, it has a second entry. it's pointing to our T1 provider - a
216.127.X.X


AD clients MUST point to the AD DNS server ONLY.


Point ALL AD clients to the DNS server set up for your AD domain ONLY.
Point your AD DNS server to itself in the properties of TCP/IP. During logon
the proper SRV records from the DCs will get registered on the DNS server.
You may have to relog in or re start your server so the SRV records get
registered when the netlogon service runs.

Check to see if they are listed:
How to Verify the Creation of SRV Records for a Domain Controller

http://support.microsoft.com/default.aspx?scid=kb;en-us;241515


These SRV records MUST be found by AD clients. Pointing AD clients to *any*
*other* DNS server (even as a second entry) WILL cause problems. The reason
being, your ISP is not going to allow your AD servers to register themselves
on their DNS server, nor do you want your private internal DNS records
exposed to the world by registering them on a public DNS server.

For Internet access, either set up your AD DNS server to forward requests
and list your ISP's DNS server(s) as the forwarders (This is the ONLY place
on your AD domain your ISP's DNS servers should be listed) or you can use
root hints.


Those 2 links I originally sent explain how to set up DNS to work properly
within your AD domain and how to get Internet access. Follow them closely,
it is not stated *anywhere* in those articles that you add your ISP's DNS
server as the second DNS server on AD clients.

Once you fix DNS you may have to run ipconfig /flushdns followed by ipconfig
/registerdns.


hth
DDS W 2k MVP MCSE
 
G

Guest

Thank you Danny. You're right on. sorry in so long it getting back to you
but I'm not allowed to make the changes, have to let the consultant do that.
everything is running great now!!

Many thanks again!
D
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Xp Pro and Active Directory 2
XP pro and Server 2000 AD 1
Profile problems.Domain name appended to profile and settings are 3
User Profiles Not Being Created 3
Sharing trouble with 2k server and XP 3
"Your user profile was not loaded correctly" with roaming profile in AD domain 1
Windows XP Windows XP SP3 clients hang at wallpaper after logon to Windows 2000 domain 2
Group Policy Problems on new xp pro machine w/ SP3 1

Top