W2K Pro login to W2K Domain degrades to 30+minutes after a few days
Users complain of very long login times on one laptop. It often exceeds 30+minutes to bring up the desktop. Login "hangs" at either "Applying Security Settings" or "Applying Personal Settings" Second laptop and nearby desktop do not experience this delay. All users log onto all the machines over the course of several days, so not user related. Logging into local machine is instant.
This problem has been going on intermittently for several months. I support a separate LAN but recently got admin access to the problematic machine, so I am looking into this for my customer since I am on-site. I do not have direct access to the domain controller or the DNS server (running on the DC) although I can usually get changes made within a few days if they aren't too broad. The domain controller is on the other side of a T1 link. There are two other domain controllers (maybe more) in other locations as well. This is a large state department network.
Client Info: W2K Pro SP3; static IP, verified client IP config (DNS, gateway, etc . . .)--all match working machines; no roaming profiles configured for the network. All nslookups, pings, etc . . . work fine. Once login complete all network access is normal.
Rebooting the laptop corrects the problem for a couple of days.
This is the third laptop used in this location. Each laptop had been reimaged multiple times, but the symptoms remain.
Network cabling from the switch to the client desktop was changed to eliminate it as the issue.
Laptop was previosuly a DHCP client, but I switched it to static IP to correct the problem. Logins were fine for the last 3 days. Today it again started taking 30+ minutes. I power cycled the laptop and logins are back to a normal time frame. I also enabled the userenv debug log today, but I will have to wait a few days for the problem to reappear. Maybe that will illuminate the problem.
I had first thought a typical DNS problem, but I can't think of a DNS problem that would intermittently affect one machine out of literally 10,000+. Considering the size of the network and that only one laptop is affected, I do not think it is a DNS problem.
I am now thinking that the machine account on the DC might be corrupt or the Global Catalog is misfiring. The duration of time that everything works following a reboot might be associated with some sort of AD or Global Catalog replication process going on across the network. When the machine had been reimaged, the original machine account was reused . . . after typing the previous line, I am thinking about a potential SID problem. I don't know if they use Ghost walker (or similar product) to change the SID after an image, but I think they do.
Any thoughts?
I appreciate your time.
Brent
This problem has been going on intermittently for several months. I support a separate LAN but recently got admin access to the problematic machine, so I am looking into this for my customer since I am on-site. I do not have direct access to the domain controller or the DNS server (running on the DC) although I can usually get changes made within a few days if they aren't too broad. The domain controller is on the other side of a T1 link. There are two other domain controllers (maybe more) in other locations as well. This is a large state department network.
Client Info: W2K Pro SP3; static IP, verified client IP config (DNS, gateway, etc . . .)--all match working machines; no roaming profiles configured for the network. All nslookups, pings, etc . . . work fine. Once login complete all network access is normal.
Rebooting the laptop corrects the problem for a couple of days.
This is the third laptop used in this location. Each laptop had been reimaged multiple times, but the symptoms remain.
Network cabling from the switch to the client desktop was changed to eliminate it as the issue.
Laptop was previosuly a DHCP client, but I switched it to static IP to correct the problem. Logins were fine for the last 3 days. Today it again started taking 30+ minutes. I power cycled the laptop and logins are back to a normal time frame. I also enabled the userenv debug log today, but I will have to wait a few days for the problem to reappear. Maybe that will illuminate the problem.
I had first thought a typical DNS problem, but I can't think of a DNS problem that would intermittently affect one machine out of literally 10,000+. Considering the size of the network and that only one laptop is affected, I do not think it is a DNS problem.
I am now thinking that the machine account on the DC might be corrupt or the Global Catalog is misfiring. The duration of time that everything works following a reboot might be associated with some sort of AD or Global Catalog replication process going on across the network. When the machine had been reimaged, the original machine account was reused . . . after typing the previous line, I am thinking about a potential SID problem. I don't know if they use Ghost walker (or similar product) to change the SID after an image, but I think they do.
Any thoughts?
I appreciate your time.
Brent
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
did you sysprep the image before casting? removes all SIDs just to be sure, if its already registered on teh server manager then theres trouble ahead....
ASKER
I didn't do the image, but the same process was used for several thousand other machines over several months.
ASKER
Turns out the machine account was the problem. Thanks for the suggestions.