locked
Slow logons when people roam from one office to another office that contain a RODC. RRS feed

  • Question

  • Hi all,

    We have a Hub and Spoke network setup.
    For our branch offices we use local RODCs that contain the passwords for the roaming users that visit multiple offices.
    Now, whenever someone visits a different office the logon process can literally take up to 40 - 45 minutes. The solution is to disconnect the network cable and wait for the desktop to appear. When these users logon for a second time everything works as expected.

    My gut feeling is that it's a name resolution issue. The other office will still have the old DNS entry for the laptop while it boots in another DC's network.

    Now how do i troubleshoot this?

    Our DHCP servers should update the DNS record on our writable 2008 DC and replicate it down in 30 seconds. Do the replication settings hinder this? Or does this work like a password reset? ( ie fast replication )

    Using userenv debug logging i can see that it waits for something like 20 minutes on some things.

    Info:

    Hub network:

    Mixture of 2003 and 2008 DC's.
    Non DC site coverage has been turned off on the 2003 DC's so that they won't interfere with the 2008 RODCs.
    2 Writable DCs, both GCs.

    Spoke:

    2008 RODC.
    DHCP server
    DNS
    GC.

    Clients:
    XP SP3 with GPO extensions.

    Any help is appreciated.

    Kind regards,

    Kor
    Sunday, September 13, 2009 12:56 PM

All replies