System: Server 2k3 Ent. Ed. - Roles: AD, DNS, DHCP,File Server, MS SQL Server - 20 XP Pro Stations (not in domain). For the first 10 days after setup everything was fine. Then stations started to hang while accessing files on server or while browsing shared folders. No errors in Events. Problem was solved by closing user sessions on server. But after couple of days that method didn't help much. All station were connected to domain - same again. I runned - netstat and discovered that about all ports were taken by local LDAP connections in TIME_WAIT state (from stations to server, from server to server). The only way I found is to configure TCP/IP - "TcpTimedWait" set to 1 sec. Is anybody knows how to solve these numerous "TIME_WAIT" LDAP connections or what the root this problem has?

sounds like a DNS issue. try this on a few workstations as an experiment. find your hosts file. it will be in here: C:\WINNT\system32\drivers\etc add your server name <TAB> IP address. I've had this problem before, and I added static entries to my host file and all worked well. Let me know. Joeteck Joeteck CompTIA A+ Certification

Is the server a Global Catalog? If so, how many other GC's do you have, and how many users are there? You may also want to monitor disk performance if this is one of the few DC's in the domain because ldap queries could not be resolved in a timely manner because the disk subsystem is overwhelmed. When all the land is in ruin, and burnination has forsaken the countryside, only one guy will remain. My money is on.... TROOOOOOGDOOOOOOOOOOOOOOOOR!

To heropsycho: Server is the only GC and DC - 25 users. Disk performance fine (RAID1 SATA). I descovrered - while opening AD Domains and Users Administrative Tool or other AD tools on server - server opens 30 to 50 LDAP connections and sets them into TIME_WAIT, so it happens every time when programm trying to query AD. But server does not hangs, stations do.

to joeteck: I tried your way, still no effect.

Run dcdiag and email me your results. amargeson@hotmail.com MCSE, MCSA Messaging, baby!

In case you don't know how... Install the support tools. Log in with domain admin account. Then run the following... dcdiag /s:domaincontrollername /v /f:dcdiag.log MCSE, MCSA Messaging, baby!