Troubleshooting slow logon issues on domain-joined workstation/server

Sometimes you may face an issue when logging on to the workstation/server which is joined to the domain, logon process at step “Applying user settings” takes a lot of time. The procedures defined below might help you to locate the cause of this problem.Клещ

By default logging of domain user actions (apply of group policies, profile loading etc.) are not being logged anywhere in retail builds of “Windows” operating system. Despite that, that log information is essential when troubleshooting slow logons problems, so you can enable the logging doing those steps:

After doing modifications above, NO computer reboot is required. Just navigate to %Systemroot%\DebugUserMode and look for a file Userenv.log.

There are two important things to notice about USERENV logging:

When you have the logging enabled, try logoff and logon to the computer again to generate some entries in the log. After successfully logging on, open Userenv.log log file. It should contain all the actions related to your domain (accessing domain controller, getting group policies, applying them, searching for your local user profile, creating it if it’s first time you logged on and so on). I won’t go deep into explanation of everything that is being reported in that log. Just try for some return codes, errors and keyword “failed” in that log. If you find any error codes in the log, you can check them with Microsoft’s ERR.EXE utility (ignore the title saying it’s for Exchange). Of course, you can search the error text, code or some other lines from the log in search engines. The results should be more useful than just searching for “windows slow logon”.

Also, be aware that there’s a timestamp in the log before each event. Using it you can find the exact steps where logging on takes too much time.

If the USERENV log doesn’t help finding exact problem (for example, bad group policy or permissions problem), you suspect there might be connectivity problems (firewall blocking connections) or you see errors such as “There are no more endpoints available from the endpoint mapper” in the Event Log, you could try using PORTQRY.EXE tool from Microsoft.

Try running the following command:
PORTQRY -n %LOGONSERVER:~2% -e 135
After running this command, you should see a list of all available mappers. If you any other message (for example that the port is filtered), that means that a firewall (on the computer, domain controller or between them) is blocking this port. This port (both UDP and TCP) should be opened.

When you have a list of those mappers, you should find some ports on the DC that are being used. Those ports are provided between brackets after DC names in the mappings list. Try to check those ports using the same tool:
PORTQRY -n %LOGONSERVER:~2% -o PORT1,PORT2
You should see status “LISTENING” for all of them. If you get any other status, there’s probably the problem with a firewall. According to Microsoft, TCP ports 1024-65535 should be available for those RPC connections and firewalls shouldn’t block them.

The problem of slow logon might be cause by many different things. Steps provided above are not definitive solution to fix any slow logon issue. Anyhow, those steps should be the first ones you should try when dealing with that sort of problem. Good luck!

Social

12 comments on the post

  1. I have problem with slow logging on client pc with the domain controller. Please give me the proper & easy solution for the same

    • There’s no “proper & easy solution” for this. There are hundreds of reasons why this could be happening as well as hundreds of possible solutions. Please try troubleshooting the issue yourself reading the tips above.

    • I have problem with slow logging on client pc with the domain controller. Please give me the proper & easy solution for the same, when power off and again power on the client, it will login normally and also unplugged the lan will login normally.

  2. i have also slowness while im trying to log in into the domail controller, but when im try to open my windows locallym it is working well.

    i had this problem before, then ine of my friend told me to change the dns from ( 192.168.1.1) to ( 127.0.0.1 ) i already changed it and it becomes faster than it is .

    after 1 month, i got back the same slowness, and i, sure that nobody change anything in the server.

    Any solution ???
    Mohanad

    • Hi check typing ‘nslookup server name ” to check if your client is talking to server or not if not then check dns setttings
      and if yes kindly network settings auto negotiation mode or it is in full duplex as per your network switch

  3. Thanks for the quick tuturial. I’ve used this a few time to troubleshoot issues. The trick it to take some time and go through the log file it generates. To the gentlemen above, he is correct, there are numerous reasons that a slow login can occur. Large roaming profiles, poor group policy processing, impatient users. But the log knows all!

  4. Hmm it looks like your site ate my first comment (it was
    super long) so I guess I’ll just sum it up what I submitted
    and say, I’m thoroughly enjoying your blog. I as well am an aspiring blog blogger but I’m still new
    to everything. Do you have any points for newbie blog writers?
    I’d genuinely appreciate it.

  5. Hi

    Why not recorded logs on DebugUserMode ?
    Do you created DebugUserMode Folder manually ?
    I’ve done the above settings, and Verbose vs normal state message enabled.
    but it still doesn’t work !!!!

    Help me please

  6. hellow guies
    i have the same problem of user login it’s take long time to open profile please i need some help

  7. hellow guies
    i have the same problem of user login it’s take long time to open profile please i need some help
    this my mail if their any idea about trik please contact my
    hamad.sd96@hotmail.com

Leave a Reply

Your email address will not be published. Required fields are marked *