[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 282
  • Last Modified:

Computers Take long at log on

I have a few computers on my network, about 60 out of 1000 desktops. These computers have started randomly taking about 40 minutes to present the user with the "press ctrl +alt + delete" section. PCs display a message about applying a GPO that does not exist. The GPO refers to applying disk quotas, after troubleshooting i can confirm that there is no GPO applying that or GPO by the name that is being displayed.

If i remove this PC from the network, (Unplug Network Cable) the same issues persists.

Any Pointers are welcome.
0
Helao Mwapangasha
Asked:
Helao Mwapangasha
4 Solutions
 
Miguel Angel Perez MuñozCommented:
How do you determine GPO is causes of slow logon? If you disconnect your ethernet cable from affected computer, logon not process any GPO, may the problem are other.
Have you tried installing XPERF and do some investigation?: http://social.technet.microsoft.com/wiki/contents/articles/10128.tools-for-troubleshooting-slow-boots-and-slow-logons-sbsl.aspx
0
 
TunerMLCommented:
May not make a difference but first thing I would do is gpupdate /force from the command line, in the case (which I suspect) that doesn't work, if you have the ability you can try removing and rejoining domain.
0
 
Gabriel CliftonCommented:
You can also remove any old group policy history by deleting all contents of C:\ProgramData\Application Data\microsoft\Group Policy\History\, perform gpupdate and reboot. It could also be that these computers did not get a group policy reversal, reversing the disk quota instead of just deleting the policy.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Joseph NyaemaIT ConsultantCommented:
In my experience, the issue is caused by the user adding the ISP's DNS or some incorrect DNS.
The TCP settings should only use the internal DNS servers.  Removing the extra DNS servers sorts out the issue most if not all the time.
0
 
WORKS2011Austin Tech CompanyCommented:
What happens when you log on as a local user?

I would remove the computers from the domain, delete the accounts from Active Directory, host A records in DNS, and info in DHCP. To be safe rename them something different before adding back to the domain.

The above will isolate profiles being corrupt and computer names in Active Directory.
0
 
Joseph NyaemaIT ConsultantCommented:
@Works2011 You remove computers from the domain, would automatically remove the computer accounts from AD database.  Also really don't follow how removing accounts from AD, DNS, DHCP affect user profiles that are stored on local profiles.  When computers are rejoined even with different names, or IPs, users still use existing profiles if any. He has got 60 PCs to do this on.

Please try-out my earlier suggetion.  Member Computers should only use internal active directory dns servers for all name resolution both internal and external.  Adding external DNS servers only confuses things even if the external server is the last.  Please test and revert.
0
 
WORKS2011Austin Tech CompanyCommented:
@Nyaema
Also really don't follow how removing accounts from AD, DNS, DHCP affect user profiles that are stored on local profiles.  When computers are rejoined even with different names, or IPs, users still use existing profiles if any. He has got 60 PCs to do this on.
Couple things, one you're flat out wrong domain profiles create .000, .001, etc all the time and especially when added back to a new domain. Often the new profile is not copied and data is manually moved over. However I'm not worried about data so much at this point it can be copied over later, then to resolve log on issues. Removing accounts from AD, I've seen SIDS cause issue, if you need me to explain what a SID is feel free to ask. Regarding local profile I just asked him to log in locally and nothing else, again troubleshooting profiles. Lastly, I would never recommend trying all troubleshooting techniques on all 60 computers, this is insane and interesting you even have this thought. Try troubleshooting on one if the problem is found repeat on the other 59.
0
 
WORKS2011Austin Tech CompanyCommented:
run dcdiag /Test:DNS on the server and post the results.
0
 
Joseph NyaemaIT ConsultantCommented:
Sorry Works2011, don't understand... please explain  what a SID is... and what are those numbers .000, .001.
Why would you want to run DCDiag on 59 machines?
0
 
WORKS2011Austin Tech CompanyCommented:
SID is a security identifier which communicates kerbos and other information in sysvol between the workstation and server, if it becomes corrupt or the server is not communicating with the workstation correctly, for example via GP's there can be issues.

Numbers .000 and .0001 come after a profile when the workstation finds a reason to recreate, this can be done for numerous reasons.

run dcdiag /Test:DNS on the server and post the results.
0
 
Joseph NyaemaIT ConsultantCommented:
Replacement profiles are created when one becomes corrupt or inaccessible... not because you removed disjoined and rejoined a machine to the domain. User SID remains unchanged, so need to create new profile if User SID matches Profile SID.  Don't take my word for it, try it.... disjoin from domain... join domain.

I believe we owe to the community to question expert contributions that don't make sense and save an asker the run around otherwise we would be doing everyone a disservice including ourselves.  Nothing personal, lest wait for the author's response.
0
 
hecgomrecCommented:
When a Computer attached to a domain takes long to show the log in screen is usually because the machine is not able to find any Domain Controller and/or DNS server using current settings.

Make sure the IP settings for the NIC are correct based in your current LAN.  Also, make sure they are looking for the right server in your organization, if you have move DNS server or DHCP servers or if there is any conflict from removing or updating any of these within the organization then this is why your computers are randomly having issues to find those servers.
0
 
Helao MwapangashaAuthor Commented:
Tech Folks,

After long nights and all kinds troubleshooting i found the issue. I ran DCDiag /test:DNS on the DC and discovered a rouge name server entry. I deleted the _mcds entry of the serverx and this resolved the issue once the PC restarted.

All the DNS entries and communication pointers Helped.

You guys are awesome.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now