I am experiencing intermittent slow logons in my environment. It is user and computer irrelevant. The only common variable is the logon server.
I am in a mixed environment domain that consists of the following production DCs:
2003 R2 32bit SP2 (2)
2003 R2 64bit SP2 (1)
2008 R2 Std (Virtual) (2)
The workstation OSs are Windows 7 Ent and XP Pro. It does not seem to matter what the Client OS is to replicate the issue.
I have enabled verbose logging on various workstations, however, no errors show in the log. Only when watching the log tailing, that I noticed very long delays in processing GP Path rules. It would take over one second for each rule to process. Meanwhile, the user sees “Applying setting” on the screen. The logon server is one of the 2008 Virtual machines and the processor is pegged at 100%. (this only occurs on the 2008 R2 VMs) Once the policies are applied to the user session, the CPU is freed. (this sometimes takes up to 20 minutes)
I have expanded the hardware config of the DC to 2 processors and 4GB of memory. I seems to help a little, but these symptoms will halt my upgrade to a 2008 domain.
I am looking to find out what may be happening to cause the spike in CPU on the 2008 servers during the application of user based GPOs. I do not think that throwing more hardware at it is the solution.