Networking

Farewell to long domain logon times in Windows 2000 Server

After installing the Active Directory in Windows 2000 Server, setting up all the computers in a domain, and creating users, are end users grumbling about long logon times? This common complaint is easily solvable. Read this article and bid farewell to long domain logon times.

Did you know that most problems with Active Directory in Windows 2000 Server stem from an incorrect Domain Name System (DNS) setup? Long logon times specifically are good indicators that DNS isn't set up properly. When client computers try to log on, they query the DNS server for any domain controllers (DCs) that can authenticate the user. The component that tries to locate a DC is the Domain Controller Locator, which runs in the context of the NetLogon service. The Domain Controller Locator queries the DNS server for Service Resource (SRV) records in this form:

_ldap._tcp.DnsDomainName

If the DNS resolution isn't working correctly or if the registration is incorrect for the DCs, the clients will not find the DC.

If you experience such problems, run the Netdiag utility on the clients and DCs. This utility will perform a series of tests and display any problems it finds. Netdiag can also resolve simple DNS problems with the /fix switch, netdiag /fix.

Miss a column?

Check out the Windows 2000 Server archive, and catch up on the most recent editions of Jim Boyce's column.

Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!

Editor's Picks

Free Newsletters, In your Inbox