Computers take a long time to login to the domain
Posted on 2011-05-11
So for a while we have had the issue where the computers that are connected to the domain are taking an unusually long time to login to the domain (around 2-3 minutes). We have checked the DNS Settings on the workstations and they are correct.
Given that everyone has been saying that slow logins are always either DNS or Group Policy, and I had already checked the DNS Settings on the workstations, I was delving into Group Policy. We found an issue with our policies where the User Configuration portion (which was the bulk of our settings) was being applied twice. So we split our policy into two policies, one which contained the User Config Items, and one that contained the Computer Config Items. We linked them so that the User Policy was linked to the Users OU and the Workstation Policy was linked to the Workstations OU. But the logins are still slow (it only runs about 10 seconds faster if that). So, on a hunch, I unlinked the Default Domain Policy from the OU I am testing with, and it did not run any faster. So I Blocked Inheritance on the Test OU so that NO policies are being run on this computer, and it still takes around 2 minutes to login. I verified using rsop.msc that no policies are being run on that computer or user.
So, any ideas on what could be causing these slow logins? The bulk of the login time is spent at the "Applying Computer Settings" portion and the workstations are Windows XP SP3 and the domain controllers are Windows Server 2008 R2