Solved

Windows domain logoff takes 20 minutes on Windows Vista

Posted on 2008-06-21
17
997 Views
Last Modified: 2008-07-26
Hi,

I've got a DC setup at this location and Windows Vista Ultimate x86 (SP1) takes appx. 20 minutes to logoff. Once the logoff process completes, the machine shuts down quickly as normal.

I have no logoff scripts. Folder redirection and roaming profiles are enabled.

Any idea what's going on?
0
Comment
Question by:Pugglewuggle
  • 9
  • 6
17 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 21840625
Did you make sure it's not the case when logged on locally? Do so. If it ain't, unjoin from the domain, retry and rejoin. You can also try logging with MS procmon, quote:
--
Boot Logging
Process Monitor can log activity from a point very early in the boot process during the initialization of boot-start device drivers. Configure Process Monitor to log the next boot by selecting Enable Boot Logging from the Options menu. Process Monitor's driver will log activity at the next boot into a file in the %Windir% directory and will continue logging through the shutdown or until you run Process Monitor again.
--
You see, it can also log the shutdown process.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21880861
Hi,

Sorry about the slow response - I've been busy.

I took the computer off the domain and then rejoined it. No difference.

With the computer off the network, however, the shutdown was normal, taking about 1 minute total to logoff and shutdown.

Any ideas?
0
 
LVL 13

Expert Comment

by:eatmeimadanish
ID: 21902288
A couple of things could cause this issue.  One is improper setup of DNS records.  Does the computer take a long time logging in? In any case make sure that on the workstation it does not have any internet DNS records and is only pointing to the Domain Controller.  Does the event log show any error messages or warnings?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21905145
Hi, thanks for responding. Login time is normal. No issue there. The only DNS record on the PC is the one for the DC - I actually checked that already.

There are no errors for the DNS service, but the Application log shows a lot of the following, but I don't know if this is related or not...

I appreciate any help!
Event Type:	Error
Event Source:	Userenv
Event Category:	None
Event ID:	1054
Date:		6/30/2008
Time:		11:44:45 PM
User:		NT AUTHORITY\SYSTEM
Computer:	SERVER_NAME
Description:
Windows cannot obtain the domain controller name for your computer network. (An unexpected network error occurred. ). Group Policy processing aborted. 
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Open in new window

0
 
LVL 13

Expert Comment

by:eatmeimadanish
ID: 21908695
http://www.eventid.net/display.asp?eventid=1054&eventno=1393&source=Userenv&phase=1

There is some good content in that thread.  It looks like the client is not actually talking to the DC properly.  Can you nslookup the DC and ping its FQDN?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21936041
That's interesting... here is the nslookup and ping from the client machine... it looks like it's showing two NS records for the same IP, but one is unknown... I wonder what that means. The ping works fine.

That is a lot on info on that error, but I couldn't really gather anything useful from it... sounds like a lot of people are getting it though.
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.
 
C:\Users\xxx.xxx>ping dc.xxx.com
 
Pinging dc.xxx.com [10.10.10.254] with 32 bytes of data:
Reply from 10.10.10.254: bytes=32 time<1ms TTL=128
Reply from 10.10.10.254: bytes=32 time<1ms TTL=128
Reply from 10.10.10.254: bytes=32 time<1ms TTL=128
Reply from 10.10.10.254: bytes=32 time<1ms TTL=128
 
Ping statistics for 10.10.10.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
C:\Users\xxx.xxx>nslookup dc.xxx.com
Server:  UnKnown
Address:  10.10.10.254
 
Name:    dc.xxx.com
Address:  10.10.10.254
 
 
C:\Users\xxx.xxx>

Open in new window

0
 
LVL 13

Accepted Solution

by:
eatmeimadanish earned 500 total points
ID: 21945873
When you use NSLOOKUP the first entry is the domain server it is communicating with, the second entry is the machine name IP that the DNS record contains.  What I see here is that you are not talking to the DC properly, which means your reverse lookup is not setup properly.  Add a PTR record for your Domain Server in DNS.  
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21961194
Okay, I added the PTR record and a reverse lookup zone and NSLOOKUP now displays both IP addresses with the correct lookup.

I restarted the server and then restarted the computer a few times. Same issue. Takes forever to logoff... any ideas as to what's going on?
0
 
LVL 13

Expert Comment

by:eatmeimadanish
ID: 21964752
Have you tried rejoining the machine to the domain?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21965134
Yes I have. In fact, I'm currently installing a new DC with Server 2008 on it, so I'll try that and see if that solves this crazy problem.
0
 
LVL 13

Expert Comment

by:eatmeimadanish
ID: 21966971
I was also going to suggest you check your DHCP settings to make sure it is pushing the right network setup.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21968895
The client has a static address with correctly defined WINS, DNS, and all other values.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 21986879
Anybody have any ideas?
0
 
LVL 13

Expert Comment

by:eatmeimadanish
ID: 21998466
Are you still getting the DNS event log warnings?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 22000482
Let me check when I get back. I have the WS 2008 server in place but haven't transferred the domain stuff yet.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 22095337
Okay, now that I have WS 2003 running as a VM on Windows Server 2008, the logoff/shutdown process takes no longer than 45 seconds. I don't really understand why as nothing was changed except virtual hardware. Oh well... It works! I appreciate the input and thanks for the help!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now