Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

What happens when a user logs on to a domain?

Posted on 2006-10-24
19
Medium Priority
?
1,070 Views
Last Modified: 2008-02-01
Morning

We're trying to troubleshoot a problem which involves slow logon times for a number of users when logging on to our domain. I have a rough idea of what happens when a user attempts a logon but I am trying to find some sort of Step-by-Step process guide as to what goes on during the log on process so that I can work through this problem logically.

All our clients are XP SP2 and our DCs are 2003. If someone could point me in the right direction of finding such a step by step guide, it would be much appreciated.

Cheers
CreamyG
0
Comment
Question by:CreamyG
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +5
19 Comments
 
LVL 70

Expert Comment

by:Merete
ID: 17794245
Have a look in control panel administrative tools event viewer applications>errors.
You may see one or more but one in particular that points to this>>
SYMPTOMS
When you log off a computer that is running Microsoft Windows Server 2003, Windows XP, Windows 2000, or Windows NT 4.0, you may experience one or more of the following symptoms: • A user profile does not unload.
• A roaming profile does not reconcile.
• You reach the registry size limit (RSL).
• You take a long time to log off, and you receive the following message:
Saving settings….
• Backups may not start. There are no errors in the Application log from the Backup program. However, if you see event ID 1524, the Backup has not run.
Additionally, you may receive one or more of the following event messages in the application event log, depending on your operating system.

Windows Xp
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1517
Description:
Windows saved user ComputerName\UserName registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1524 Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

To resolve this issue, use the Microsoft User Profile Hive Cleanup Service (UPHClean). UPHClean monitors the computer while Windows is unloading user profiles and forces resources that are open to close. Therefore, the computer can unload and reconcile user profiles.

To download and install UPHClean, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582 (http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582)
0
 
LVL 38

Accepted Solution

by:
younghv earned 1000 total points
ID: 17794767
Hi CreamyG,
Are you running any 'batch' commands when your users logon/logoff?
Our network is set up so that any logon causes certain 'checks' to be run (AV, Windows Update, etc) and the logon and logoff times have dramatically increased since we started doing this.
It actually only takes about 15-30 seconds, but that seems like a lot to most users.

Part of our situation is that we're a huge geographic WAN with over 2,000 hosts and 150 remote WAN sites.

If you can post more specifics (nothing identifiable) about your network, I'll try to give you more info than a 'Google Cut & Paste'.

Post back when you can.


Vic
0
 
LVL 1

Author Comment

by:CreamyG
ID: 17795939
Hiya Vic

Yup, we are running batch jobs, or to be more specific, each user is assigned a kix script to run depending on their department. The kix script maps network drives, and printers. On top of this, we have quite a number of policies assigned to user OUs which restrict wallpaper, set network shares etc, etc. Some users seem to be ok, some user's logons have been timed at up to 4 minutes (!!!) These are wired connections, our wireless certificate encrypted network can take up to 6 minutes to logon sometimes.

Now, we have 4 domain controllers in the UK, and 2 in the US. They have been defined in Sites and services. What often happens, a local UK user will be authenticated by a DC in the states which is when the slow logon is most noticeable. We have about 600 users in the UK and 100 in the US, but I find it strange that 4 local domain controllers can be too busy so as to force the user to be logged on by a US DC.

This is why I've been looking for some form of a step by step guide, so I can determine what order things are processed after Kerberos has done its job, eg; does it run policies first, then scripts...etc etc.

Cheers
G
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 6

Assisted Solution

by:trippleO7
trippleO7 earned 1000 total points
ID: 17795951
0
 
LVL 38

Expert Comment

by:younghv
ID: 17796166
tripple07 - nice link.
Good info.
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17797824
I just glanced over this and right away think of bootvis.  Glancing has been getting me in trouble lately, though.  So don't get mad if I missed something.  I just have other things to do too!

http://msdn.microsoft.com/library/en-us/dnxpesp1/html/xpe3rdparty.asp?frame=true#xpe3rdparty_topic6

http://vbnet.mvps.org/files/tools/bootvis.msi
0
 

Expert Comment

by:PFPCDUBIT
ID: 17799595
I would check the policies to see if there is any causing issues, to do this run the resulant set of policies, it will highlight any issues with the policy section of the login.


http://www.microsoft.com/windowsxp/using/setup/expert/rsop.mspx

0
 
LVL 1

Author Comment

by:CreamyG
ID: 17801916
Thanks for the input so far guys, I am currently rushing around like a madman at work so I will read your posts as soon as hell breaks for tea.

G
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17804854
I had an issue like this with group policy at one point.  For me it was slow the first time the computer came up, but if I restarted the computer and login it would be quite a bit faster.  Also, if I turned the power on and let it sit there for a few minutes before logging in, it would come up quickly.

If it's a group policy issue, bootvis may not help you.  Otherwise, it's a great tool for troubleshooting slow computer startups.

Can you create a test user/computer with no group policies / scripts and see if it has the delay?  Then apply policies/scripts one at a time and see if a particular one causes substantially longer login time?  VirtualPC is a free download from microsoft and a great way to test on a simulated clean computer (and allows you to quickly revert back from any changes).
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17804873
PS - I wouldn't wait for tea time.  The devil's a busy man.
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17815954
There is a good change that the cached credentials have become corrupt, the best way that I have found to take care of this problem is to remove the computer from the Domain, (MAKE SURE THAT YOU HAVE A LOCAL LOGIN FOR THE SYSTEM). Remove the computer, (NOT USER) from AD. Rejoin the computer to the Domain.
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17816013
darrenakin, I have experienced corrupt cached credentials.  I was getting EventID 14 with a description being "there were password errors using the credential manager.  To remedy, launch the Stored User Names and Passwords control panel applet, and reenter the password for the credential DOMAIN\User.

I found this blog with instructions and a link to resolve it:
http://weblogs.asp.net/taganov/archive/2005/09/14/425193.aspx
0
 
LVL 38

Expert Comment

by:younghv
ID: 17982736
Still interested - and I want to know if 'Hell broke for tea'.
0
 
LVL 6

Expert Comment

by:trippleO7
ID: 17982800
Also interested.  Would like to see if the problem was resolved, or at least narrowed down.
0
 
LVL 9

Expert Comment

by:gopal_krishna
ID: 17984758
Let me know the solution which has solved the problem.


0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally Windows/Microsoft Updates will fail to update. We have found a code that will delete all temporary files and re-register all dll's related to Windows/Microsoft Updates! This works 99% of the time to get the updates working again! The…
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question