This might take you 2 minutes to read.

Have found som strange stuff with LDAP search and logon. It seems that queries against hostname is slow and is quick when using fqdn. I created a small script to do a query to test it.

If someone has any idea what it could be I’ll be very happy. 

The servers are multi homed. Although i have checked that DNS is only holding the production nic:s and the Network order on each machine is Prod Nic first.

the Script

First import active directory module, then get a list of all DC:s and do an array with both hostname and fqdn to them.
then i do a get-aduser for the username specified in the script. and measure the time it takes.

import-module act* 
$username = "admin" 
$buildDomainList = Get-ADDomainController -Filter * $servers = @() 
foreach ($dc in $buildDomainList) { 
$servers += ($dc.name).tolower() 
$servers += ($dc.name + "." + $dc.domain).tolower() 
} 

for ($i=1; $i -le 3; $i++) { 
foreach ($server in $servers) { 
write-host ("::: $server") 
write-host ("$i " + (measure-command {$b = test-connection $server -count 1}).totalseconds +"s test connection") 
write-host ("$i " + (Measure-Command {$a = get-aduser $username -Server $server}).totalseconds + "s for username: " + $username) 
}
}

the Result

 ad01, clear dns cache
1 0.2011441s test connection
1 11.6300325s for username: administrator
 ad01.ad.contoso.com, clear dns cache
1 0.0231901s test connection
1 0.052939s for username: administrator
 ad02, clear dns cache
1 0.014543s test connection
1 3.0049927s for username: administrator
 ad02.ad.contoso.com, clear dns cache
1 0.0239837s test connection
1 0.1036316s for username: administrator
 ad01, clear dns cache
2 2.2643151s test connection
2 0.0425007s for username: administrator
 ad01.ad.contoso.com, clear dns cache
2 0.029823s test connection
2 0.0477499s for username: administrator
 ad02, clear dns cache
2 0.0607017s test connection
2 0.0481209s for username: administrator
 ad02.ad.contoso.com, clear dns cache
2 0.0140885s test connection
2 0.0438979s for username: administrator
 ad01, clear dns cache
3 0.0157202s test connection
3 0.0423575s for username: administrator
 ad01.ad.contoso.com, clear dns cache
3 0.0199668s test connection
3 0.043009s for username: administrator
 ad02, clear dns cache
3 0.0152965s test connection
3 0.0471543s for username: administrator
 ad02.ad.contoso.com, clear dns cache
3 0.0142357s test connection
3 0.0519455s for username: administrator

It seems to be some kind of cache , and my instinct says something about netbios. I have not found anything that upports my theory.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.