Active Directory experts attention! Help needed

primesuspect

I have a client who has a fairly simple AD domain. ~25+ users on ~50 computers. The ghetto-style map is attached. I left some parts out, but you get the basic idea.

The duplicator group is on its own small gigabit network, uplinked to the domain controller by a single 100mb connection. Here's the problem:

When the duplicators are logged into the domain, with a normal domain user account, the machines run slow as hell. Sluggish, clunky mouse, everything takes minutes, etc. Very bad performance. When you log off, and log in locally to the machine (not logged into the domain) - everything's fine. I know it's not a hardware problem. It only occurs when the machine is logged into the domain.

Any clues?

Geeky1

Not a networking expert by any means, but I'll give it a shot...

how is the DVD farm set up? Network boot or what? Is the NAS for the data they're copying, backups, or what?

What are the specs on the DVD duplication computers?

primesuspect

no, they are not network boot. They are just plain ol computers with a bunch of SCSI 4x DVD burners hung off of them. The run perfectly well when they are not logged in to the domain. NAS is for disk images that are copied to each duplicator. The NAS doesn't have anything to do with this particular problem.

Each machine is ~amd xp 1800+ or a p4 1.8 w 512mb ram, pure scsi (1 scsi hd for OS, 1 scsi hd for duplication playground, and 4-12 burners per box). I am about 99% sure this is not a hardware problem.

Geeky1

Hrmm... Any way of seeing what the computers are doing when they're logged on to the domain? Tried doing a CTRL+ALT+DEL, going to the task manager's performance and networking tabs, and seeing what's going on? (I'm assuming XP, or 2k)

Shorty

Have you pinged from a duplicator to the DC and marked the results?

Just one DC.. running ADS, DHCP, DNS? Exchange present?

Is the NAS an open share (as it's an image bank, Im assuming not).

That would be my first thoughts mate

primesuspect

NAS is an open share, yes.

domain is set up thusly:

1 domain controller running AD, DHCP and DNS, as well as central symantec AV. However, the duplicators do NOT have the AV client installed.

1 database server running exchange and their ERP software on a progress database

1 print server which doubles as 2nd DNS

1 ftp server

primesuspect

Also I should mention that the NAS is NOT joined to the domain, as it is a Linksys NAS and is fairly basic. I don't think there is a way to join it to the domain.

Geeky1

The AV set up to search the other computers on the network, too? I'm pretty sure that's an option in the server install of Symantec AV Corp. I have on Habitat for Humanity's server...

primesuspect

The AV server hands out virus defs, program updates, and schedules to the clients, that's all. The clients do the virus scanning, and send results back to server for logging. the duplicators are not a part of this scheme.

Geeky1

Hrmm... it sounds to me like something is using a good portion of your network bandwidth, and that's what's causing the slowdown. I just can't figure out what it is.

If you've got DHCP enabled, you might try disabling it and manually assigning the clients IPs, and see if that works...

Shorty

But even if they were, there is no reason for sluggish performance (eg.. mouse).

Have you tried unjoining one machine from the domain and re-adding it??

Bud

whats the speed on the computers for network cards, and what your domain controllers hardware?

primesuspect

gigabit to the switch, and 1 100mb pipe to domain controller.

DC is a p3/tualatin 1000 with 512mb ram.

Bud

dc might not be fast enough and that 100mb pipe could be the lag.

primesuspect

but that would imply constant communication between client and server, and they're only logging in to the domain and then doing their thing. There's no network traffic between DC and client during normal operation, only during login. Logins go perfectly fast and normal. Type in password, enter, boom, logged in.

Bud

thats the only thing i could guess, sounds like you got a bad lag

Gobbles

Network performance can have a direct effect on your system speed, especially when application communicating over a network are invovled. ( I know thats obvious )

HP procurve managed switchs, 4*** series, if not configured properly, can have some super issues on a windows network.

Now.. for possible solutions...

1. Disable system restore on all drives on the sluggish machine.

2. disable QoS

3. Windows domains running in mixed mode can cause sluggish performance on some machines.

Ill see if my mind can think of anything else..

Gobbles

Geeky1

Shorty, you're probably right. HOWEVER, I've had windows do some STRANGE things before, so I wouldn't rule it out...

primesuspect

Well, gobbles, one thing I can tell you is that the domain is running in native mode, so we can eliminate that.

The HP Procurve info intrigues me. Can you elaborate or point me in the right direction?

citrixmeta

hows your DNS, can you resolve your internal PC/servers?

NSLookup on one of your clients and verify if it comes back clean with no errors.

how are your profiles configured? roaming?

any events on the DC?

Templar

I'm no expert, but I have worked with smaller scale AD's before (Did one in Netacad, did one at home for LAN parties). What OS does the AD server run (I'm guessing Win2K Adv. Server?), and what OS do the clients run? You may have a setting being applied that may cause those machines to slow down (My first guess would be anything involved the SCSI devices). It may deserve at least a quick skim of the policies to make sure nothing is abnormal.

And, Have you used any network monitoring software perhaps to see if there IS traffic causing it?

topherice

Do these machines have static addresses?Are they DHCP assigned when logged onto the domain, do they have DHCP reservations? If so, are they using the same DNS when logged onto the domain vs. when logged in locally?

primesuspect

They use the same DNS servers regardless of domain login status. They are DHCP assigned.

Templar: The domain controller runs very well, with low loads. The other 30-40 computers on the domain are running just fine. It's just these particular machines, so I'm beginning to think that it's the single 100mb pipe between all these machines and the DC.

Shorty

But it shouldn't have that much effect unless there is a constant stream of network traffic to and frowing to the DC.

Have you tried removing and re-adding it to the domain? What's the amount of network activity and CPU usage once it's logged on??

t1rhino

Can you try putting some of the duplicators on 100mb to see if it makes any difference?

Bud

i agree with you prime i think that 100mb line is the lag

Gobbles

primesuspect had this to say
Well, gobbles, one thing I can tell you is that the domain is running in native mode, so we can eliminate that.

The HP Procurve info intrigues me. Can you elaborate or point me in the right direction?

That there is a known issue with windows OS's disconnecting from windows servers, and the procurve managed switchs if not configured right make the problem worse. Now this is not your issue but it does point to the fact the switchs when not configured properly have direct effects on windows networks...

Ill try and dig up something from HP as its been over a year or so.

Gobbles

primesuspect

Well, I've narrowed it down to this:

It only happens on Windows 2000 SP4, and only if logged into an account that does NOT have domain admin rights.

So this rules out hardware, bandwidth, cabling, and any other infrastructure problems, in my opinion.

It does NOT happen on the XP SP1 boxes, using the same exact account, and it does NOT happen on the Win2K SP4 boxes if I log in with an account that has Domain Admin privledges.

Curiouser and curiouser..... .

Geeky1

Ok, this is a long shot, I know, but...

Is Format C:\ (return) a viable option in this case?

primesuspect

No.