MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.
COURSE of the MONTH
12 days, 5 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
need help to solve slow logon issue
Posted on 2011-09-29
hi all,
the situation is that winxp machines in a domain environment are all experiencing slow logon issue.
after enter user name and pwd then hit enter, applying computer setting and personal settings are taking some time( still reasonable ) but after that, no icon no window is appearing on screen (only wallpaper is shown). in task manager, i can see userinit.exe is running. this will take some time untill explorer.exe loads.
i suspect that winxp is trying to access some network shares during userinit.exe
is there anyway to find out what network shares winxp is trying to access during userinit process? and along with time spent ?
is there any tools??
note: i want to know what network shares not what processes that are running during userinit.exe
the situation is that winxp machines in a domain environment are all experiencing slow logon issue.
after enter user name and pwd then hit enter, applying computer setting and personal settings are taking some time( still reasonable ) but after that, no icon no window is appearing on screen (only wallpaper is shown). in task manager, i can see userinit.exe is running. this will take some time untill explorer.exe loads.
i suspect that winxp is trying to access some network shares during userinit.exe
is there anyway to find out what network shares winxp is trying to access during userinit process? and along with time spent ?
is there any tools??
note: i want to know what network shares not what processes that are running during userinit.exe
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
2
- +1
5 Comments
It seems that some GPO is causing the issue.On the windows XP cleint PC check the event logs I am sure that you will get interesting logs.
Also make sure that the health of the DC is ok.Ran dcdiag /q and repadmin /replsum on the DC to check the same.
On one of the client PC try this method.
Type Regedit on the run task, then located this path HKEY_LOCAL_MACHINE\SOFTWAR
2. HKEY_LOCAL_MACHINE\SOFTWAR
3. Restart your PC and check.
Also make sure that the health of the DC is ok.Ran dcdiag /q and repadmin /replsum on the DC to check the same.
On one of the client PC try this method.
Type Regedit on the run task, then located this path HKEY_LOCAL_MACHINE\SOFTWAR
2. HKEY_LOCAL_MACHINE\SOFTWAR
3. Restart your PC and check.
Active 5 days ago
Open regedit
Navigate to HKEY_LOCAL_MACHINE\Softwar
Fi the reg key below does not exist already then create it
Entry: UserEnvDebugLevel
Type: REG_DWORD
Set the value to UserEnvDebugLevel to 0x00030002
Now reboot and log in. Once login process has finished examine the log file.
%Systemroot%\Debug\UserMod
If you cant make any sense of it, paste the section of it from the time you start to login to the end on hear.
Navigate to HKEY_LOCAL_MACHINE\Softwar
Fi the reg key below does not exist already then create it
Entry: UserEnvDebugLevel
Type: REG_DWORD
Set the value to UserEnvDebugLevel to 0x00030002
Now reboot and log in. Once login process has finished examine the log file.
%Systemroot%\Debug\UserMod
If you cant make any sense of it, paste the section of it from the time you start to login to the end on hear.
Thanks for the input guys I will try
And these don't show me which network shares machine try to access
And these don't show me which network shares machine try to access
This one should show you network access....
Process Monitor can enable boot logging, so you can see whats happening in EXTREME DETAIL............
Troubleshooting with Process Monitor
http://blogs.technet.com/b/askperf/archive/2007/06/01/troubleshooting-with-process-monitor.aspx
Options>Select Enable Boot Logging, and reboot.... After reboot, launch Procmon to compile the logs.....
Then you can look at the times to see where your delays are......
This one is not nearly as complex...
Boot Log XP
http://www.greatis.com/utilities/bootlogxp/
Process Monitor can enable boot logging, so you can see whats happening in EXTREME DETAIL............
Troubleshooting with Process Monitor
http://blogs.technet.com/b/askperf/archive/2007/06/01/troubleshooting-with-process-monitor.aspx
Options>Select Enable Boot Logging, and reboot.... After reboot, launch Procmon to compile the logs.....
Then you can look at the times to see where your delays are......
This one is not nearly as complex...
Boot Log XP
http://www.greatis.com/utilities/bootlogxp/
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month12 days, 5 hours left to enroll
752 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.