Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

slow ad lookup

seacliff1
‎2011-08-16 11:54 AM
5,310 Views

Hello,

I actually have 2 domain controller acting as a primary and secondary DC/DNS. I would like to be able to turn off the primary domain controller without affecting the network. Since my netapp is the host for all my home directory, I would like it to be able to switch back and forth without major downtime.

I have tested it, and with my current configuration, it takes about 5 min to lookup 1 username.

Network configuration :

2 windows 2003 R2 DC/DNS with unix compatibility acting as PDC/secondary

Windows Home directory/profile :

cifs share on netapp

unix home directory:

nfs share on netapp

Netapp sees my windows domain as a windows 2000 domain and sees both DC. I have both setup as favorite dc

This is the trace I get when I shutdown the PDC and I try to access a share on netapp: 

AUTH: slow rsp - Get password by UID (xxxx) took 115032 msecs to complete
AUTH: LSA lookup: located account "domain\user" in domain "domain"
AUTH: TraceLDAPServer- Attempting to improve AD DLAP connection for FQDN
CIFS: Error on named pipe with PDC: Error connection to server, open pipe failed
CIFS: Warning for server \\pdc: connection terminated. 
CIFSRPC: Attempt to create pipe SAMR for GetDomainGroupsForSID failed with error 0xc000005e
AUTH: Error looking up domain Groups during login from x.x.x.x: No Trusted Logon Servers Available - Status_no_Logon_ser
NFS response to client x.x.x.x for volume 0x3d63151 was slow, op was v3 access, 185 > 60 (in seconds)
AUTH: TraceLDAPServer- Attempting to improve AD DLAP connection for FQDN
AUTH Login attempt by user usr$ of domain domain from client machine x.x.x.x
AUTH: slow rsp - Get password by name (user) took 80000 msecs to complete
NBT: Cannot connect to server x.x.x.x over NBSS socket for port 139. Error 0x23 Resource temporarily unavailable. 
AUTH: slow rsp - Get group list by name (user) took 200001 msecs to complete

most of the trace repeate themself from that point.

Login time for a windows account : 14:38:13 to 14:50 until windows timeout and fail to find my profile.

I can ssh to a solaris box and access my nfs home directory, as well as cifs shares from that box. It is slow though.

I understand that this will rarely happen but I would had hoped for something a bit faster then that. Is there something to do about it?

0 Kudos
View By:
2 REPLIES 2

ajeffrey
NetApp Alumni
‎2011-08-16 12:24 PM
5,197 Views

Is there a firewall (Windows or otherwise) in the mix here?  It looks like the connection to port 139 was unsuccessful.

0 Kudos

seacliff1
‎2011-08-17 03:42 AM
In response to ajeffrey
5,197 Views

Thanks for the response.

It is trying to connect to my pdc on port 139, and since I am simulating the pdc down, it can't connect. This is a perfectly fine error, in those condition. The issue here is it is REAL slow to access any shared data.

There is no firewall in the mix.

0 Kudos
Announcements
All Community Forums
Public