Solved

need help to solve slow logon issue

Posted on 2011-09-29
5
456 Views
Last Modified: 2012-05-12
hi all,

the situation is that winxp machines in a domain environment are all experiencing slow logon issue.
after enter user name and pwd then hit enter, applying computer setting and personal settings are taking some time( still reasonable ) but after that, no icon no window is appearing on screen (only wallpaper is shown). in task manager, i can see userinit.exe is running. this will take some time untill explorer.exe loads.

i suspect that winxp is trying to access some network shares during userinit.exe
is there anyway to find out what network shares winxp is trying to access during userinit process? and along with time spent ?
is there any tools??

note: i want to know what network shares not what processes that are running during userinit.exe
0
Comment
Question by:Ikelca
5 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 167 total points
ID: 36890037
It seems that some GPO is causing the issue.On the windows XP cleint PC check the event logs I am sure that you will get interesting logs.

Also make sure that the health of the DC is ok.Ran dcdiag /q and repadmin /replsum on the DC to check the same.

On one of the client PC try this method.
Type Regedit on the run task, then located this path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Option\Explorer.exe <<<--- Delete this folder if you can see this one or
2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Option\Your Image File Name Here without a path <<<<--- Delete this one if you cannot find the Explorer.exe
3. Restart your PC and check.
0
 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 167 total points
ID: 36890078
Open regedit

Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Fi the reg key below does not exist already then create it

Entry: UserEnvDebugLevel
Type: REG_DWORD

Set the value to UserEnvDebugLevel to 0x00030002


Now reboot and log in. Once login process has finished examine the log file.  
%Systemroot%\Debug\UserMode\Userenv.log

If you cant make any sense of it, paste the section of it from the time you start to login to the end on hear.
0
 

Author Comment

by:Ikelca
ID: 36891386
Thanks for the input guys I will try
And these don't show me which network shares machine try to access
0
 
LVL 66

Assisted Solution

by:johnb6767
johnb6767 earned 166 total points
ID: 36892025
This one should show you network access....

Process Monitor can enable boot logging, so you can see whats happening in EXTREME DETAIL............

Troubleshooting with Process Monitor
http://blogs.technet.com/b/askperf/archive/2007/06/01/troubleshooting-with-process-monitor.aspx

Options>Select Enable Boot Logging, and reboot.... After reboot, launch Procmon to compile the logs.....

Then you can look at the times to see where your delays are......

This one is not nearly as complex...

Boot Log XP
http://www.greatis.com/utilities/bootlogxp/
0
 

Author Comment

by:Ikelca
ID: 36934720
thank you guys, all helped
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question