Did you know that most problems with Active Directory in Windows 2000 Server stem from an incorrect Domain Name System (DNS) setup? Long logon times specifically are good indicators that DNS isn't set up properly. When client computers try to log on, they query the DNS server for any domain controllers (DCs) that can authenticate the user. The component that tries to locate a DC is the Domain Controller Locator, which runs in the context of the NetLogon service. The Domain Controller Locator queries the DNS server for Service Resource (SRV) records in this form:
If the DNS resolution isn't working correctly or if the registration is incorrect for the DCs, the clients will not find the DC.
If you experience such problems, run the Netdiag utility on the clients and DCs. This utility will perform a series of tests and display any problems it finds. Netdiag can also resolve simple DNS problems with the /fix switch, netdiag /fix.
Miss a column?
Check out the Windows 2000 Server archive, and catch up on the most recent editions of Jim Boyce's column.
Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!