HPE Community
Windows Server 2003
1837007 Members
1971 Online
110111 Solutions
New Discussion

Re: Logon delay in Windows 2003

 
SAKET_5
Honored Contributor

‎01-18-2005 01:29 AM

‎01-18-2005 01:29 AM

Logon delay in Windows 2003

Hi All,

Proliant DL380 G4 running Windows 2003 Enterprise Server.Behing a Cisco PIX firewall.

Majority of users can log on to this host fine using Remote Desktop from their XP clients. A few user accounts though coming from various different subnets - when they try to log on, the logon process takes more than 45 minutes to complete.

Firewall ports possibility is ruled out as other people from same subnets can log on. It just with a few accounts. The accounts affected have been granted access to the host.

I find it strange that it only happens with a few accounts, accounts have been checked for any weird settings or group policies - nothing unusual found.

We have experienced on a few other Windows 2003 servers as well.

Anyone, any clue?

Thanks

0 Kudos
6 REPLIES 6
Gary Cooper_1
Esteemed Contributor

‎01-18-2005 02:33 AM

‎01-18-2005 02:33 AM

Re: Logon delay in Windows 2003

Hi Saket,

Sorry to be a "Me too", but I'm also seeing a similar problem.

I'm in the process of setting up a SBS 2003 machine and currently I'm connecting to it using two clients. One is an XP client connected to the SBS domain - I don't seem to have any performance issues here (touch wood).

My other client is a Win2K machine connected to a different domain. I have an account with the same username and password on both domains. I can connect to the server using RD on both clients but on the Win2K machine it is noticibly slower. Similary when I browse the server using my Win2K client, that is significantly slower.

I haven't had time to dig into it yet, but my suspicion is that it's the differnce in domains that's a factor. BTW, they are both on the same subnet.

Please keep us informed if you get to the bottom of this - and I'll post when I get time to look into it.

Good luck.

Gary
0 Kudos
Norman_21
Honored Contributor

‎01-18-2005 09:17 PM

‎01-18-2005 09:17 PM

Re: Logon delay in Windows 2003

Saket,

Is the Win2K3 Enterprise a Terminal Server?

Usually the logon delay due to WINS/DNS settings. Please double chech WINS/DNS and the RDP settings too.
Considering that you already checked the Firewall settings as well as the GPO settings, I would uninstall and re-install TCP/IP and try to login again.

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003
0 Kudos
SAKET_5
Honored Contributor

‎01-19-2005 02:20 AM

‎01-19-2005 02:20 AM

Re: Logon delay in Windows 2003

No different domains issue, no DNS/WINS networking issue...

Guys, take this...the same host can be accessed fine from the same subnet by some accounts but not by a few others. My initial thought was firewall is out as it would affect everyone outside the firewall but this is not the case.

But this morning, the affected server was put outside the firewall and problem went away for those people who had probs before. It was identified that for those people having problems, traffic on port 445 & 135 was denied.
Again this is wierd as why is that not the case for everyone else? Anyway, so we allow these ports - the problem occurs again even with these ports open...go figure!

thought i should share this with you...

ciao!
0 Kudos
Jon Finley
Honored Contributor

‎01-19-2005 06:14 AM

‎01-19-2005 06:14 AM

Re: Logon delay in Windows 2003

Sounds like the SP2 firewall is acting up.

Make sure that File and Print sharing is in the firewall exclusions list.

The File and Print sharing scope defaults to the local subnet. If you need to expand this setting, you can enter a custom range to allow through. i.e. 129.219.0.0/255.255.0.0,192.168.10.0/255.255.255.0 etc.

Jon
"Do or do not. There is no try!" - Yoda
0 Kudos
SAKET_5
Honored Contributor

‎01-19-2005 12:26 PM

‎01-19-2005 12:26 PM

Re: Logon delay in Windows 2003

SP2 Firewall?? My understanding is this only applies to XP, correct?????

The server runs Windows 2003 Enterprise Edition.

0 Kudos
Norman_21
Honored Contributor

‎01-19-2005 02:07 PM

‎01-19-2005 02:07 PM

Re: Logon delay in Windows 2003

Saket,

If you put the Server outside the Firewall will the problem go away again?

Use this free tool from Microsoft to determine which ports are blocked for those clients having issues. Run the same tool in the computers that do not have this problems in the same subnet just to find out what ports are opened for them and what ports are blocked.

portqry -n

Or
portqry -n -p tcp -e 135

or

portqry -n -p tcp -e 445

you may replace tcp with udp protocol

Donwload it from here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=89811747-c74b-4638-a2d5-ac828bdc6983&DisplayLang=en

If those client computers are joined to the domain, then disable the firewall setting in the GPO, just incase...

Hope this help
"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.