slow login "applying personal settings", can't find domain controller?

Posted on 2008-11-06
Last Modified: 2009-10-14
We have one computer on the network (windows xp pro) which is logging users on very slowly.

The computer hangs at the "Applying Personal Settings" stage. After about two minutes it goes through.

I think there's some problem in talkign with the domain controller, and it is timing out. Event log has sone interesting items in it.

What can I do to fix this?

Event log below:

   Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.  For more information, see Help and Support Center at

Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

For more information, see Help and Support Center at

Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

For more information, see Help and Support Center at
Question by:Frosty555
    LVL 3

    Accepted Solution

    Normally, this is a simple DNS issue, Check TCP/IP settings and make sure that the only DNS server is a DNS server in the domain, or the DC itself. ISP DNS should only be entered as your DNS servers forwarder.
    LVL 4

    Expert Comment

    Question: Does this machine have APC PowerChute software on it?  I very recently had this issue and it was related to APC PowerChute.  I had to install an update to PowerChute to resolve it.  
    LVL 1

    Assisted Solution

    Try removing the computer from the domain and rejoining the domain (essentially re-registering the computer account's credentials on the network).

    Also, check your network seurity settings (i.e. are you using IPSEC for all network traffic, hence the certificate autoenrolment for the computer account)?

    Try / check the above and post your findings
    LVL 31

    Author Comment

    The only strange software on this machine is Symantec Endpoint, pcAnywhere, and Microsoft Dynamics. The rest is the usual stuff - office, msn, etc.

    overcld9 - the dns server is set the same as the gateway, which is However, I suspect this might actually be the router, not the domain controller. I suspect the router is also our dhcp server. Should the DC also be a dns server which forwards to

    rjdennis - we do actually have an APC UPS. The powerchute software is not on this client, but it might be on the domain controller or fileserver, I would need to check.

    tsun4mi7 - I'll try that. One question though, once I leave the domain, can I just join back to it or is there something special I'll have to do on the DC first to "allow" the computer to join? Or would it work if I just specified the admin password for the DC?
    LVL 3

    Assisted Solution

                You should change the DNS to be a local DNS sever, does not have to be a DC just a member of the domain with a copy of the zone. I would not forward DNS to my router to then be forwarded again to your isps DNS settings. Just make sure that the forwarder in DNS is setup with your ISPs DNS settings. If your router is doing DHCP then change the published DNS address in your router to be a local DNS server that is authorized on the domain.
    LVL 15

    Expert Comment

    I had this issue with a few PCs today. It appeared that a large amount of data was being copied to the computer via the network.

    What I did was type in the login credentials, then unplug the network cable, so that the PC would login straight away.

    Just before the user went home, I asked them to log off, and then log on again, so that the computer would have all night to do whatever it's trying to do.
    LVL 8

    Expert Comment

    I wonder if it was also slow when you opened programs such as ADUC and/or any other domain specific MMCs that may cause a bit of lag whilst propogating...  

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
    It is only natural that we all want our PCs to be in good working order, improved system performance, so that is exactly how programs are advertised to entice. They say things like:            •      PC crashes? Get registry cleaner to repair it!    …
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now