Re: SIDs in Security Tab slow to resolve

From: Mike (switzer12_at_hotmail.com)
Date: 10/30/03

• Next message: Roger Abell: "Re: Forcing Windows XP date and time"
• Previous message: anonymous_at_discussions.microsoft.com: "Re: SIDs in Security Tab slow to resolve"
• In reply to: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Next in thread: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Reply: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Reply: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 29 Oct 2003 17:03:35 -0800

Roger,

Thanks for the great message.

I just tried this, and it didn't seem to help at all. It
may be my imagination, or just a coincidence, but it
almost seemed worse. I think you're onto something
thought, I just don't know what goes on in XP's head.
2000 - across the board - is snappier and runs much
faster, including our host of apps here. Strange delays,
sluggish performance - I've been developing XP standard
desktop images here for the past 12+ months, and it's like
I've had to fight tooth and nail for each little (minor)
perforance victory.

The name resolution thing, how NetBIOS names resolve vs.
DNS, etc. - I think you could be onto something. Our
DNS/WINS servers are new too though, and run on 2000.
Wierd stuff.

Thanks for your help!

Mike

>-----Original Message-----
>One most often sees that type of behavior when the
>groups used in the grants (in the Security dialog) are
>domain groups, and the client has a misconfigured
>networking interface. When this is so, the client first
>tries DNS to locate the domain in order to resolve
>what it knows (the SIDs) to user friendly strings (the
>account/group names). When the AD supporting DNS
>is not used the client first tries and then finally fails
>over to other NetBT based means.
>
>Now, this is not exactly your circumstance, as you do
>not have an Active Directory environment. However
>if the client is following the same course of action this
>would explain what you experience.
>
>One thing that you could try is shutting off the DNS
>caching resolver on the client. When this is done, the
>client will fall back on the older DNS resolver.
>So as a test, try setting the DNS client that shows in
>the services mgmt interface to stopped, or at a cmd use
>net stop dnscache
>Then, try things out. To be fair perhaps set the DNS
>client service to manual, and reboot, and see if there
>is a significant difference. If so, this hypothesis has
>some value, else it is something else. If this is the
issue
>and you decide to not use the caching resolver, then by
>all means remember to reenable it if/when you move
>to an Active Directory environment.
>--
>Roger Abell
>Microsoft MVP (Windows Server System: Security)
>MCSE (W2k3,W2k,Nt4) MCDBA
>"Mike" <switzer12@hotmail.com> wrote in message
>news:02c501c39e64$71908240$a501280a@phx.gbl...
>> NT 4.0 PDC and two BDCs running on new, fast hardware.
>>
>> Mix of 9x and XP desktops.
>>
>> XP performs fairly well, but I have noticed when doing a
>> Properties on resources/folders on network shared drives
>> when I click on the Security tab, I usually see
>> (immediately) SYSTEM and then a bunch of SIDs, which
>> (slowly) resolve to names.
>>
>> What could cause these delays? Shouldn't this stuff
come
>> up immediately? We Two of our DCs (in this 4.0 case,
one
>> PDC and one BDC) are Gb attached to heavy duty backbone
>> switches, all duplex settings are kosher, the network is
>> fast, as is the main PDC and BDC hardware (new Compaq
>> DL360 servers).
>>
>> Any recommendations would be MUCH appreciated.
>>
>> Thanks.
>>
>> Mike
>>
>
>
>.
>

---

• Next message: Roger Abell: "Re: Forcing Windows XP date and time"
• Previous message: anonymous_at_discussions.microsoft.com: "Re: SIDs in Security Tab slow to resolve"
• In reply to: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Next in thread: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Reply: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Reply: Roger Abell: "Re: SIDs in Security Tab slow to resolve"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: DNS-AD integration ... On the client open a command prompt and type "set". ... I have also set up AD-integrated DNS in both of these servers. ... use the first domain controller ip address. ... It will use DNS Round Robin to resolve it. ... (microsoft.public.windows.server.dns) Re: SIDs in Security Tab slow to resolve ... Security) ... how NetBIOS names resolve vs. ... > DNS, etc. - I think you could be onto something. ... When this is so, the client first ... (microsoft.public.windowsxp.security_admin) Re: Advice Needed - AD integrated DNS Zone ... >> Trying to trouble shoot a client DNS issue. ... >> but resolve correctly when DNS is set the third server. ... I don't want the DNS that is correctly resolving ... (microsoft.public.windows.server.dns) Re: SIDs in Security Tab slow to resolve ... how NetBIOS names resolve vs. ... DNS, etc. - I think you could be onto something. ... When this is so, the client first ... as is the main PDC and BDC hardware (new Compaq ... (microsoft.public.windowsxp.security_admin) Re: Windows 2000 server File server cannot work fine on DNS ... reinstall the BDC which is a file server & BDC for my domain. ... All the configuration of the DNS server in PDC have been ... But on the client PC I try to map to the file server drive which I ... (microsoft.public.win2000.dns)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)