W2K Pro login to W2K Domain degrades to 30+minutes after a few days

Posted on 2004-04-27
Medium Priority
Last Modified: 2010-04-13
Users complain of very long login times on one laptop.  It often exceeds 30+minutes to bring up the desktop.  Login "hangs" at either "Applying Security Settings" or "Applying Personal Settings" Second laptop and nearby desktop do not experience this delay.  All users log onto all the machines over the course of several days, so not user related.  Logging into local machine is instant.

This problem has been going on intermittently for several months.  I support a separate LAN but recently got admin access to the problematic machine, so I am looking into this for my customer since I am on-site.  I do not have direct access to the domain controller or the DNS server (running on the DC) although I can usually get changes made within a few days if they aren't too broad.  The domain controller is on the other side of a T1 link.  There are two other domain controllers (maybe more) in other locations as well.  This is a large state department network.

Client Info: W2K Pro SP3; static IP, verified client IP config (DNS, gateway, etc . . .)--all match working machines; no roaming profiles configured for the network.  All nslookups, pings, etc . . . work fine.  Once login complete all network access is normal.

Rebooting the laptop corrects the problem for a couple of days.
This is the third laptop used in this location.  Each laptop had been reimaged multiple times, but the symptoms remain.
Network cabling from the switch to the client desktop was changed to eliminate it as the issue.  

Laptop was previosuly a DHCP client, but I switched it to static IP to correct the problem.  Logins were fine for the last 3 days.  Today it again started taking 30+ minutes.  I power cycled the laptop and logins are back to a normal time frame.  I also enabled the userenv debug log today, but I will have to wait a few days for the problem to reappear.  Maybe that will illuminate the problem.

I had first thought a typical DNS problem, but I can't think of a DNS problem that would intermittently affect one machine out of literally 10,000+.  Considering the size of the network and that only one laptop is affected, I do not think it is a DNS problem.

I am now thinking that the machine account on the DC might be corrupt or the Global Catalog is misfiring.  The duration of time that everything works following a reboot might be associated with some sort of AD or Global Catalog replication process going on across the network.  When the machine had been reimaged, the original machine account was reused . . . after typing the previous line, I am thinking about a potential SID problem.  I don't know if they use Ghost walker (or similar product) to change the SID after an image, but I think they do.

Any thoughts?

I appreciate your time.

Question by:averyb
  • 2
LVL 31

Accepted Solution

Gareth Gudger earned 2000 total points
ID: 10931651
You could try joining the laptop to the workgroup and then rejoin it to the domain as it is clear from others users experiencing no problem that you DNS/DC 'should' be ok.

Expert Comment

ID: 10933374
did you sysprep the image before casting? removes all SIDs just to be sure, if its already registered on teh server manager then theres trouble ahead....

Author Comment

ID: 10934731
I didn't do the image, but the same process was used for several thousand other machines over several months.


Author Comment

ID: 11320449
Turns out the machine account was the problem.  Thanks for the suggestions.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A Case Study of using the Windows API to provide RS232 communications capability in Access without the use of Active-X controls.
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question