Solved

W2K Pro login to W2K Domain degrades to 30+minutes after a few days

Posted on 2004-04-27
4
162 Views
Last Modified: 2010-04-13
Users complain of very long login times on one laptop.  It often exceeds 30+minutes to bring up the desktop.  Login "hangs" at either "Applying Security Settings" or "Applying Personal Settings" Second laptop and nearby desktop do not experience this delay.  All users log onto all the machines over the course of several days, so not user related.  Logging into local machine is instant.

This problem has been going on intermittently for several months.  I support a separate LAN but recently got admin access to the problematic machine, so I am looking into this for my customer since I am on-site.  I do not have direct access to the domain controller or the DNS server (running on the DC) although I can usually get changes made within a few days if they aren't too broad.  The domain controller is on the other side of a T1 link.  There are two other domain controllers (maybe more) in other locations as well.  This is a large state department network.

Client Info: W2K Pro SP3; static IP, verified client IP config (DNS, gateway, etc . . .)--all match working machines; no roaming profiles configured for the network.  All nslookups, pings, etc . . . work fine.  Once login complete all network access is normal.

Rebooting the laptop corrects the problem for a couple of days.
This is the third laptop used in this location.  Each laptop had been reimaged multiple times, but the symptoms remain.
Network cabling from the switch to the client desktop was changed to eliminate it as the issue.  

Laptop was previosuly a DHCP client, but I switched it to static IP to correct the problem.  Logins were fine for the last 3 days.  Today it again started taking 30+ minutes.  I power cycled the laptop and logins are back to a normal time frame.  I also enabled the userenv debug log today, but I will have to wait a few days for the problem to reappear.  Maybe that will illuminate the problem.

I had first thought a typical DNS problem, but I can't think of a DNS problem that would intermittently affect one machine out of literally 10,000+.  Considering the size of the network and that only one laptop is affected, I do not think it is a DNS problem.

I am now thinking that the machine account on the DC might be corrupt or the Global Catalog is misfiring.  The duration of time that everything works following a reboot might be associated with some sort of AD or Global Catalog replication process going on across the network.  When the machine had been reimaged, the original machine account was reused . . . after typing the previous line, I am thinking about a potential SID problem.  I don't know if they use Ghost walker (or similar product) to change the SID after an image, but I think they do.

Any thoughts?

I appreciate your time.
Brent

0
Comment
Question by:averyb
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 10931651
You could try joining the laptop to the workgroup and then rejoin it to the domain as it is clear from others users experiencing no problem that you DNS/DC 'should' be ok.
0
 
LVL 8

Expert Comment

by:chookisa
ID: 10933374
did you sysprep the image before casting? removes all SIDs just to be sure, if its already registered on teh server manager then theres trouble ahead....
0
 
LVL 4

Author Comment

by:averyb
ID: 10934731
I didn't do the image, but the same process was used for several thousand other machines over several months.

0
 
LVL 4

Author Comment

by:averyb
ID: 11320449
Turns out the machine account was the problem.  Thanks for the suggestions.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. This article shows how to create one of these functions to write directly to Azure Table Storage.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question