• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3676
  • Last Modified:

slow login "applying personal settings", can't find domain controller?

We have one computer on the network (windows xp pro) which is logging users on very slowly.

The computer hangs at the "Applying Personal Settings" stage. After about two minutes it goes through.

I think there's some problem in talkign with the domain controller, and it is timing out. Event log has sone interesting items in it.

What can I do to fix this?



Event log below:


Userenv:
   Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.  For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Userenv:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Autoenrollment:
Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Frosty555
Asked:
Frosty555
3 Solutions
 
overcld9Commented:
Normally, this is a simple DNS issue, Check TCP/IP settings and make sure that the only DNS server is a DNS server in the domain, or the DC itself. ISP DNS should only be entered as your DNS servers forwarder.
0
 
rjdennisCommented:
Question: Does this machine have APC PowerChute software on it?  I very recently had this issue and it was related to APC PowerChute.  I had to install an update to PowerChute to resolve it.  
0
 
Tsun4mi7Commented:
Try removing the computer from the domain and rejoining the domain (essentially re-registering the computer account's credentials on the network).

Also, check your network seurity settings (i.e. are you using IPSEC for all network traffic, hence the certificate autoenrolment for the computer account)?

Try / check the above and post your findings
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Frosty555Author Commented:
The only strange software on this machine is Symantec Endpoint, pcAnywhere, and Microsoft Dynamics. The rest is the usual stuff - office, msn, etc.

overcld9 - the dns server is set the same as the gateway, which is 192.168.2.1. However, I suspect this might actually be the router, not the domain controller. I suspect the router is also our dhcp server. Should the DC also be a dns server which forwards to 192.168.2.1?

rjdennis - we do actually have an APC UPS. The powerchute software is not on this client, but it might be on the domain controller or fileserver, I would need to check.

tsun4mi7 - I'll try that. One question though, once I leave the domain, can I just join back to it or is there something special I'll have to do on the DC first to "allow" the computer to join? Or would it work if I just specified the admin password for the DC?
0
 
overcld9Commented:
Frosty,
            You should change the DNS to be a local DNS sever, does not have to be a DC just a member of the domain with a copy of the zone. I would not forward DNS to my router to then be forwarded again to your isps DNS settings. Just make sure that the forwarder in DNS is setup with your ISPs DNS settings. If your router is doing DHCP then change the published DNS address in your router to be a local DNS server that is authorized on the domain.
0
 
Ryan_RIT Systems AdministratorCommented:
I had this issue with a few PCs today. It appeared that a large amount of data was being copied to the computer via the network.

What I did was type in the login credentials, then unplug the network cable, so that the PC would login straight away.

Just before the user went home, I asked them to log off, and then log on again, so that the computer would have all night to do whatever it's trying to do.
0
 
MrMintanetCommented:
I wonder if it was also slow when you opened programs such as ADUC and/or any other domain specific MMCs that may cause a bit of lag whilst propogating...  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now