?
Solved

need help to solve slow logon issue

Posted on 2011-09-29
5
Medium Priority
?
460 Views
Last Modified: 2012-05-12
hi all,

the situation is that winxp machines in a domain environment are all experiencing slow logon issue.
after enter user name and pwd then hit enter, applying computer setting and personal settings are taking some time( still reasonable ) but after that, no icon no window is appearing on screen (only wallpaper is shown). in task manager, i can see userinit.exe is running. this will take some time untill explorer.exe loads.

i suspect that winxp is trying to access some network shares during userinit.exe
is there anyway to find out what network shares winxp is trying to access during userinit process? and along with time spent ?
is there any tools??

note: i want to know what network shares not what processes that are running during userinit.exe
0
Comment
Question by:Ikelca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 668 total points
ID: 36890037
It seems that some GPO is causing the issue.On the windows XP cleint PC check the event logs I am sure that you will get interesting logs.

Also make sure that the health of the DC is ok.Ran dcdiag /q and repadmin /replsum on the DC to check the same.

On one of the client PC try this method.
Type Regedit on the run task, then located this path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Option\Explorer.exe <<<--- Delete this folder if you can see this one or
2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Option\Your Image File Name Here without a path <<<<--- Delete this one if you cannot find the Explorer.exe
3. Restart your PC and check.
0
 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 668 total points
ID: 36890078
Open regedit

Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Fi the reg key below does not exist already then create it

Entry: UserEnvDebugLevel
Type: REG_DWORD

Set the value to UserEnvDebugLevel to 0x00030002


Now reboot and log in. Once login process has finished examine the log file.  
%Systemroot%\Debug\UserMode\Userenv.log

If you cant make any sense of it, paste the section of it from the time you start to login to the end on hear.
0
 

Author Comment

by:Ikelca
ID: 36891386
Thanks for the input guys I will try
And these don't show me which network shares machine try to access
0
 
LVL 66

Assisted Solution

by:johnb6767
johnb6767 earned 664 total points
ID: 36892025
This one should show you network access....

Process Monitor can enable boot logging, so you can see whats happening in EXTREME DETAIL............

Troubleshooting with Process Monitor
http://blogs.technet.com/b/askperf/archive/2007/06/01/troubleshooting-with-process-monitor.aspx

Options>Select Enable Boot Logging, and reboot.... After reboot, launch Procmon to compile the logs.....

Then you can look at the times to see where your delays are......

This one is not nearly as complex...

Boot Log XP
http://www.greatis.com/utilities/bootlogxp/
0
 

Author Comment

by:Ikelca
ID: 36934720
thank you guys, all helped
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question