CreamyG

asked on

What happens when a user logs on to a domain?

Morning

We're trying to troubleshoot a problem which involves slow logon times for a number of users when logging on to our domain. I have a rough idea of what happens when a user attempts a logon but I am trying to find some sort of Step-by-Step process guide as to what goes on during the log on process so that I can work through this problem logically.

All our clients are XP SP2 and our DCs are 2003. If someone could point me in the right direction of finding such a step by step guide, it would be much appreciated.

Cheers
CreamyG
Merete

Have a look in Control Panel > Administrative Tools > Event Viewer > Applications > Errors.
You may see one or more, but one in particular that points to this:
SYMPTOMS
When you log off a computer that is running Microsoft Windows Server 2003, Windows XP, Windows 2000, or Windows NT 4.0, you may experience one or more of the following symptoms:
• A user profile does not unload.
• A roaming profile does not reconcile.
• You reach the registry size limit (RSL).
• You take a long time to log off, and you receive the following message:
Saving settings….
• Backups may not start. There are no errors in the Application log from the Backup program. However, if you see event ID 1524, the Backup has not run.
Additionally, you may receive one or more of the following event messages in the application event log, depending on your operating system.

Windows XP
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1517
Description:
Windows saved user ComputerName\UserName registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1524
Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

To resolve this issue, use the Microsoft User Profile Hive Cleanup Service (UPHClean). UPHClean monitors the computer while Windows is unloading user profiles and forces resources that are open to close. Therefore, the computer can unload and reconcile user profiles.

To download and install UPHClean, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582
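
A small triage helper for the two Userenv events quoted in the post above, as an added example that is not part of the original thread: it parses event records saved as text in the layout shown there and lists the profile-unload failures, naming the account where the event text gives one. The sample export, the host and user names, and the `ExampleApp` source are constructed for illustration.

```python
import re

# Constructed sample in the text layout quoted above; host, user and ExampleApp are made up.
SAMPLE_EXPORT = """\
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1517
Description:
Windows saved user WKS01\\alice registry while an application or service was still using the registry during log off.

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1524 Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services.

Event Type: Information
Event Source: ExampleApp
Event ID: 1000
Description:
Service started.
"""

PROFILE_UNLOAD_IDS = {1517, 1524}  # the two Userenv events quoted in the post
FIELD = re.compile(r"(Event Type|Event Source|Event Category|Event ID|Description):\s*")
ACCOUNT = re.compile(r"Windows saved user (\S+\\\S+) registry")

def parse_events(text):
    """Split the export into one dict per record, keyed by field name."""
    events = []
    for chunk in re.split(r"(?m)^(?=Event Type:)", text):
        parts = FIELD.split(chunk)[1:]  # [name, value, name, value, ...]
        if parts:  # also copes with "Event ID: 1524 Description:" fused on one line
            events.append({k: v.strip() for k, v in zip(parts[::2], parts[1::2])})
    return events

def profile_unload_failures(events):
    """Return (event_id, account) pairs; account is None when the text names no user."""
    hits = []
    for ev in events:
        event_id = ev.get("Event ID", "")
        is_userenv = ev.get("Event Source", "").lower() == "userenv"
        if is_userenv and event_id.isdigit() and int(event_id) in PROFILE_UNLOAD_IDS:
            match = ACCOUNT.search(ev.get("Description", ""))
            hits.append((int(event_id), match.group(1) if match else None))
    return hits

if __name__ == "__main__":
    print(profile_unload_failures(parse_events(SAMPLE_EXPORT)))
```

Grouping the returned pairs by account across several machines' exports shows whether the unload failures follow particular users or particular workstations.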
ASKER CERTIFIED SOLUTION
younghv
CreamyG

ASKER

Hiya Vic

Yup, we are running batch jobs, or to be more specific, each user is assigned a kix script to run depending on their department. The kix script maps network drives and printers. On top of this, we have quite a number of policies assigned to user OUs which restrict wallpaper, set network shares etc, etc. Some users seem to be ok, some users' logons have been timed at up to 4 minutes (!!!). These are wired connections; our wireless certificate-encrypted network can take up to 6 minutes to log on sometimes.

Now, we have 4 domain controllers in the UK, and 2 in the US. They have been defined in Sites and Services. What often happens is that a local UK user will be authenticated by a DC in the States, which is when the slow logon is most noticeable. We have about 600 users in the UK and 100 in the US, but I find it strange that 4 local domain controllers can be too busy so as to force the user to be logged on by a US DC.

This is why I've been looking for some form of a step by step guide, so I can determine what order things are processed after Kerberos has done its job, e.g. does it run policies first, then scripts... etc. etc.

Cheers
G
tripple07 - nice link.
Good info.
I just glanced over this and right away think of bootvis.  Glancing has been getting me in trouble lately, though.  So don't get mad if I missed something.  I just have other things to do too!

http://msdn.microsoft.com/library/en-us/dnxpesp1/html/xpe3rdparty.asp?frame=true#xpe3rdparty_topic6

http://vbnet.mvps.org/files/tools/bootvis.msi
I would check the policies to see if there are any causing issues. To do this, run the resultant set of policies; it will highlight any issues with the policy section of the login.


http://www.microsoft.com/windowsxp/using/setup/expert/rsop.mspx

CreamyG

ASKER

Thanks for the input so far guys, I am currently rushing around like a madman at work so I will read your posts as soon as hell breaks for tea.

G
I had an issue like this with group policy at one point.  For me it was slow the first time the computer came up, but if I restarted the computer and logged in it would be quite a bit faster.  Also, if I turned the power on and let it sit there for a few minutes before logging in, it would come up quickly.

If it's a group policy issue, bootvis may not help you.  Otherwise, it's a great tool for troubleshooting slow computer startups.

Can you create a test user/computer with no group policies / scripts and see if it has the delay?  Then apply policies/scripts one at a time and see if a particular one causes substantially longer login time?  VirtualPC is a free download from Microsoft and a great way to test on a simulated clean computer (and allows you to quickly revert back from any changes).
PS - I wouldn't wait for tea time.  The devil's a busy man.
There is a good chance that the cached credentials have become corrupt. The best way that I have found to take care of this problem is to remove the computer from the Domain (MAKE SURE THAT YOU HAVE A LOCAL LOGIN FOR THE SYSTEM). Remove the computer (NOT USER) from AD. Rejoin the computer to the Domain.
darrenakin, I have experienced corrupt cached credentials.  I was getting EventID 14 with a description being "there were password errors using the credential manager.  To remedy, launch the Stored User Names and Passwords control panel applet, and reenter the password for the credential DOMAIN\User."

I found this blog with instructions and a link to resolve it:
http://weblogs.asp.net/taganov/archive/2005/09/14/425193.aspx
Still interested - and I want to know if 'Hell broke for tea'.
Also interested.  Would like to see if the problem was resolved, or at least narrowed down.
Let me know the solution which has solved the problem.