none
Slow logon caused by Drive Mapping Group Policy

    Question

  • We're experiencing slow logon times on certain clients (up to 20 minutes). The problem only occurs at the first (re)boot of that day. I've enabled "Display highly detailed status messages" and see it hangs at "Processing Drive Mappings" so I enabled "Configure Drive Maps preference logging and tracing". The only thing I see in this log is the following:

    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Entering ProcessGroupPolicyExDrives()
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] BackgroundPriorityLevel ( 0 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] DisableRSoP ( 0 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] LogLevel ( 3 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set user security context.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set system security context.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] User impersonation initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Client context subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Configuration subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Licensing subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set user security context.
    2016-11-29 06:46:56.072 [pid=0x4fc,tid=0x15f0] User information initialized.
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %ComSpec% = "C:\Windows\system32\cmd.exe"
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %FP_NO_HOST_CHECK% = "NO"
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %OS% = "Windows_NT"

    As you can see, it's initializing it's user information from 06:34:06.046 until 06:46:56.072 if I'm not mistaken. Why does this take so long? When I disable the policy (see bellow) the problem doesn't occur.

    <?xml version="1.0" encoding="utf-16"?>
    <GPO xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/GroupPolicy/Settings"><Identifier><Identifier xmlns="http://www.microsoft.com/GroupPolicy/Types">{201AEDBB-6E09-4767-98DD-00F9E33BD701}</Identifier><Domain xmlns="http://www.microsoft.com/GroupPolicy/Types">domain.local</Domain></Identifier><Name>domain:Users_All:DriveMaps:UP</Name><IncludeComments>true</IncludeComments><CreatedTime>2016-08-30T09:02:19</CreatedTime><ModifiedTime>2016-11-23T12:30:32</ModifiedTime><ReadTime>2016-11-29T10:05:46.132037Z</ReadTime><SecurityDescriptor><SDDL xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">O:DAG:DAD:PAI(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-1410742142-344776957-3069341034-519)(A;CI;LCRPLORC;;;ED)(A;CI;LCRPLORC;;;AU)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;SY)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;CO)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)</SDDL><Owner xmlns="http://www.microsoft.com/GroupPolicy/Types/Security"><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1410742142-344776957-3069341034-512</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">domain\Domain Admins</Name></Owner><Group xmlns="http://www.microsoft.com/GroupPolicy/Types/Security"><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1410742142-344776957-3069341034-512</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">domain\Domain Admins</Name></Group><PermissionsPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">true</PermissionsPresent><Permissions xmlns="http://www.microsoft.com/GroupPolicy/Types/Security"><InheritsFromParent>false</InheritsFromParent><TrusteePermissions><Trustee><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1410742142-344776957-3069341034-512</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">domain\Domain Admins</Name></Trustee><Type xsi:type="PermissionType"><PermissionType>Allow</PermissionType></Type><Inherited>false</Inherited><Applicability><ToSelf>true</ToSelf><ToDescendantObjects>false</ToDescendantObjects><ToDescendantContainers>true</ToDescendantContainers><ToDirectDescendantsOnly>false</ToDirectDescendantsOnly></Applicability><Standard><GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum></Standard><AccessMask>0</AccessMask></TrusteePermissions><TrusteePermissions><Trustee><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-9</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS</Name></Trustee><Type xsi:type="PermissionType"><PermissionType>Allow</PermissionType></Type><Inherited>false</Inherited><Applicability><ToSelf>true</ToSelf><ToDescendantObjects>false</ToDescendantObjects><ToDescendantContainers>true</ToDescendantContainers><ToDirectDescendantsOnly>false</ToDirectDescendantsOnly></Applicability><Standard><GPOGroupedAccessEnum>Read</GPOGroupedAccessEnum></Standard><AccessMask>0</AccessMask></TrusteePermissions><TrusteePermissions><Trustee><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-18</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\SYSTEM</Name></Trustee><Type xsi:type="PermissionType"><PermissionType>Allow</PermissionType></Type><Inherited>false</Inherited><Applicability><ToSelf>true</ToSelf><ToDescendantObjects>false</ToDescendantObjects><ToDescendantContainers>true</ToDescendantContainers><ToDirectDescendantsOnly>false</ToDirectDescendantsOnly></Applicability><Standard><GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum></Standard><AccessMask>0</AccessMask></TrusteePermissions><TrusteePermissions><Trustee><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-11</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\Authenticated Users</Name></Trustee><Type xsi:type="PermissionType"><PermissionType>Allow</PermissionType></Type><Inherited>false</Inherited><Applicability><ToSelf>true</ToSelf><ToDescendantObjects>false</ToDescendantObjects><ToDescendantContainers>true</ToDescendantContainers><ToDirectDescendantsOnly>false</ToDirectDescendantsOnly></Applicability><Standard><GPOGroupedAccessEnum>Apply Group Policy</GPOGroupedAccessEnum></Standard><AccessMask>0</AccessMask></TrusteePermissions><TrusteePermissions><Trustee><SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1410742142-344776957-3069341034-519</SID><Name xmlns="http://www.microsoft.com/GroupPolicy/Types">domain\Enterprise Admins</Name></Trustee><Type xsi:type="PermissionType"><PermissionType>Allow</PermissionType></Type><Inherited>false</Inherited><Applicability><ToSelf>true</ToSelf><ToDescendantObjects>false</ToDescendantObjects><ToDescendantContainers>true</ToDescendantContainers><ToDirectDescendantsOnly>false</ToDirectDescendantsOnly></Applicability><Standard><GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum></Standard><AccessMask>0</AccessMask></TrusteePermissions></Permissions><AuditingPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">false</AuditingPresent></SecurityDescriptor><FilterDataAvailable>true</FilterDataAvailable><Computer><VersionDirectory>0</VersionDirectory><VersionSysvol>0</VersionSysvol><Enabled>false</Enabled></Computer><User><VersionDirectory>344</VersionDirectory><VersionSysvol>344</VersionSysvol><Enabled>true</Enabled><ExtensionData><Extension xsi:type="q1:DriveMapSettings" xmlns:q1="http://www.microsoft.com/GroupPolicy/Settings/DriveMaps"><q1:DriveMapSettings clsid="{8FDDCC1A-0C3C-43cd-A6B4-71A6DF20DA8C}"><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="A:" status="A:" image="3" changed="2016-09-07 09:56:23" uid="{7D73B874-DDFD-4696-A8BE-5019E87F0C32}" bypassErrors="1" disabled="0"><q1:GPOSettingOrder>1</q1:GPOSettingOrder><q1:Properties action="D" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="" label="" persistent="0" useLetter="0" letter="A"></q1:Properties><q1:Filters><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Holding" sid="S-1-5-21-1410742142-344776957-3069341034-1249" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="A:" status="A:" image="3" changed="2016-09-07 09:56:38" uid="{8CF3A1DD-D928-4775-8C89-F16421F1DA1F}" disabled="0" bypassErrors="1"><q1:GPOSettingOrder>2</q1:GPOSettingOrder><q1:Properties action="D" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="" label="" persistent="0" useLetter="0" letter="A"></q1:Properties><q1:Filters><q1:FilterRunOnce hidden="1" not="0" bool="AND" id="{7738C1FB-9988-4308-B303-66540B515CBA}"></q1:FilterRunOnce><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-ComfortEnergy" sid="S-1-5-21-1410742142-344776957-3069341034-1249" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="N:" status="N:" image="1" changed="2016-11-23 11:26:41" uid="{D5C903AE-6267-4B43-9E08-1B6E93FB5022}" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>3</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\data1" label="DATA" persistent="0" useLetter="1" letter="N"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-domain-techniekers" sid="S-1-5-21-1410742142-344776957-3069341034-1277" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterUser bool="AND" not="1" name="domain\tania.b" sid="S-1-5-21-1410742142-344776957-3069341034-1299"></q1:FilterUser><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="O:" status="O:" image="1" changed="2016-11-23 11:26:47" uid="{D71CFD3D-4B84-4BB2-AE71-CD21FF93C2A9}" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>4</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\data2" label="DATA2" persistent="0" useLetter="1" letter="O"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-domain-techniekers" sid="S-1-5-21-1410742142-344776957-3069341034-1277" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterUser bool="AND" not="1" name="domain\tania.b" sid="S-1-5-21-1410742142-344776957-3069341034-1299"></q1:FilterUser><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="P:" status="P:" image="1" changed="2016-11-23 11:27:05" uid="{D0099B48-6861-4897-AEC8-6694B634F4FD}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>5</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\data1\projecten" label="Projecten" persistent="0" useLetter="1" letter="P"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-domain-techniekers" sid="S-1-5-21-1410742142-344776957-3069341034-1277" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterUser bool="AND" not="1" name="domain\tania.b" sid="S-1-5-21-1410742142-344776957-3069341034-1299"></q1:FilterUser><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="Q:" status="Q:" image="1" changed="2016-11-23 11:27:10" uid="{FE675A8A-9444-4663-9746-0E674569B75E}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>6</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\data-Local" label="Data - Local" persistent="0" useLetter="1" letter="Q"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-domain-techniekers" sid="S-1-5-21-1410742142-344776957-3069341034-1277" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterUser bool="AND" not="1" name="domain\tania.b" sid="S-1-5-21-1410742142-344776957-3069341034-1299"></q1:FilterUser><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="R:" status="R:" image="1" changed="2016-11-23 11:27:13" uid="{96393BCE-0699-440C-99CD-554E4C52918E}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>7</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\projecten-Local" label="Projecten - Local" persistent="0" useLetter="1" letter="R"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection><q1:FilterUser bool="OR" not="0" name="domain\cooltool" sid="S-1-5-21-1410742142-344776957-3069341034-1246"></q1:FilterUser></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-domain-techniekers" sid="S-1-5-21-1410742142-344776957-3069341034-1277" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterUser bool="AND" not="1" name="domain\tania.b" sid="S-1-5-21-1410742142-344776957-3069341034-1299"></q1:FilterUser><q1:FilterGroup bool="AND" not="1" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="S:" status="S:" image="1" changed="2016-11-23 11:27:19" uid="{682C7C42-B8B1-4F0F-9976-03CAE4954768}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>8</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\DNE" label="Data - DNE" persistent="0" useLetter="1" letter="S"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-Subdepartment2" sid="S-1-5-21-1410742142-344776957-3069341034-1638" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="1" name="domain\domain-role-dne-technieker" sid="S-1-5-21-1410742142-344776957-3069341034-1268" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="T:" status="T:" image="1" changed="2016-11-23 11:27:24" uid="{699B336A-B408-4138-9AC1-420C185300F2}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>9</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\olddata\dne-techniekers" label="Data - DNE Techniekers" persistent="0" useLetter="1" letter="T"></q1:Properties><q1:Filters><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-Subdepartment2" sid="S-1-5-21-1410742142-344776957-3069341034-1638" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="L:" status="L:" image="1" changed="2016-11-23 11:27:29" uid="{F6FA981B-B4E8-481B-9902-8347594C2A76}" disabled="0" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>10</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\data" label="DATA" persistent="0" useLetter="1" letter="L"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection></q1:FilterCollection><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-Subdepartment1" sid="S-1-5-21-1410742142-344776957-3069341034-1325" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="J:" status="J:" image="1" changed="2016-11-23 11:27:38" uid="{6895B094-3888-4D98-8FA8-778126D09FE6}" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>11</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\srvdomain005\data$" label="BRILJANT" persistent="0" useLetter="1" letter="J"></q1:Properties><q1:Filters><q1:FilterGroup bool="AND" not="0" name="domain\domain-app-Briljant" sid="S-1-5-21-1410742142-344776957-3069341034-1291" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="S:" status="S:" image="1" changed="2016-11-23 11:27:45" uid="{814B7A9A-5DC1-421A-A8D3-7610D9250396}" removePolicy="1" bypassErrors="1"><q1:GPOSettingOrder>12</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\domain\frigodata" label="FrigoData" persistent="0" useLetter="1" letter="S"></q1:Properties><q1:Filters><q1:FilterUser bool="AND" not="0" name="domain\techdienst" sid="S-1-5-21-1410742142-344776957-3069341034-1747"></q1:FilterUser></q1:Filters></q1:Drive><q1:Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" name="M:" status="M:" image="1" changed="2016-09-08 15:33:34" uid="{1F552E4C-D8E2-4EFB-BBA2-9CFF86B89C89}" removePolicy="1" userContext="1" bypassErrors="1"><q1:GPOSettingOrder>13</q1:GPOSettingOrder><q1:Properties action="R" thisDrive="NOCHANGE" allDrives="NOCHANGE" userName="" path="\\domain.local\userdata\home\%USERNAME%" label="HOME" persistent="0" useLetter="1" letter="M"></q1:Properties><q1:Filters><q1:FilterCollection bool="AND" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterCollection bool="OR" not="0"><q1:FilterGroup bool="AND" not="0" name="domain\domain-users-LocalComputer" sid="S-1-5-21-1410742142-344776957-3069341034-1232" userContext="1" primaryGroup="0" localGroup="0"></q1:FilterGroup><q1:FilterGroup bool="AND" not="1" name="domain\domain-servers-ts" sid="S-1-5-21-1410742142-344776957-3069341034-1630" userContext="0" primaryGroup="0" localGroup="0"></q1:FilterGroup></q1:FilterCollection><q1:FilterUser bool="OR" not="0" name="domain\cooltool" sid="S-1-5-21-1410742142-344776957-3069341034-1246"></q1:FilterUser></q1:FilterCollection></q1:Filters></q1:Drive></q1:DriveMapSettings></Extension><Name>Drive Maps</Name></ExtensionData></User><LinksTo><SOMName>Users</SOMName><SOMPath>domain.local/customer/Users</SOMPath><Enabled>true</Enabled><NoOverride>false</NoOverride></LinksTo><LinksTo><SOMName>TS</SOMName><SOMPath>domain.local/customer/Servers/TS</SOMPath><Enabled>false</Enabled><NoOverride>false</NoOverride></LinksTo><
    Tuesday, November 29, 2016 10:17 AM

Answers

All replies

  • > 06:34:06.046 until 06:46:56.072 if I'm not mistaken. Why does this take
     
    This is not from the Drive Maps trace, but AFAIK from the gpsvc debug
    log. That's useless for your issue - the Drive Maps trace should contain
    these 12 minutes gap and what it is doing during that gap.
     
     
     
    Is this the content of your drive mapping GPO? Very lot of security
    principals in there - might be an issue with resolving them.
     
    Tuesday, November 29, 2016 4:30 PM
  • Am 29.11.2016 um 17:30 schrieb Martin Binder [MVP]:
    > Is this the content of your drive mapping GPO? Very lot of security
    > principals in there - might be an issue with resolving them.
     
    ... or if the destination is not reachable, it takes a while to get a
    RPC timeout.
     
    Mark
    --
    Mark Heitbrink - MVP Group Policy - Cloud and Datacenter Management
     
    Homepage:  http://www.gruppenrichtlinien.de - deutsch
     
    Tuesday, November 29, 2016 4:44 PM
  • Unfortunately this is the Drive Maps trace, it isn't showing why it's waiting 12 minutes. See the log below. The user shut down his computer when it took to long to logon so the log isn't complete. I've added another log from a different user experiencing the same issue. Is there some other kind of logging I could enable to see what it's waiting on?

    The XML is indeed the the content of my drive mapping GPO. I know it has a lot of security but the weird thing is the problem only happens at the first (re)boot of the day. That's why I'm ruling out it has something to do with resolving the security principals or a destination unreachable of any kind.

    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Entering ProcessGroupPolicyExDrives()
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] BackgroundPriorityLevel ( 0 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] DisableRSoP ( 0 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] LogLevel ( 3 )
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set user security context.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set system security context.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] User impersonation initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Client context subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Configuration subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Licensing subsystem initialized.
    2016-11-29 06:34:06.046 [pid=0x4fc,tid=0x15f0] Set user security context.
    2016-11-29 06:46:56.072 [pid=0x4fc,tid=0x15f0] User information initialized.
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %ComSpec% = "C:\Windows\system32\cmd.exe"
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %FP_NO_HOST_CHECK% = "NO"
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %OS% = "Windows_NT"
    2016-11-29 06:46:58.958 [pid=0x4fc,tid=0x15f0] Variable %Path% = "C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\"
    2016-11-29 06:46:58.989 [pid=0x4fc,tid=0x15f0] Variable %PATHEXT% = ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
    2016-11-29 06:46:58.989 [pid=0x4fc,tid=0x15f0] Variable %PROCESSOR_ARCHITECTURE% = "AMD64"
    2016-11-29 06:46:58.989 [pid=0x4fc,tid=0x15f0] Variable %TEMP% = "C:\Users\jan\AppData\Local\Temp"
    2016-11-29 06:46:58.989 [pid=0x4fc,tid=0x15f0] Variable %TMP% = "C:\Users\jan\AppData\Local\Temp"
    2016-11-29 06:46:58.989 [pid=0x4fc,tid=0x15f0] Variable %USERNAME% = "jan.b"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %windir% = "C:\Windows"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %PSModulePath% = "C:\Windows\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\PowerShell\Modules\"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %NUMBER_OF_PROCESSORS% = "8"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %PROCESSOR_LEVEL% = "6"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %PROCESSOR_IDENTIFIER% = "Intel64 Family 6 Model 60 Stepping 3, GenuineIntel"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %PROCESSOR_REVISION% = "3c03"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %CM2015DIR% = "C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %CM2012DIR% = "C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ILBDIR% = "C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %asl.log% = "Destination=file"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ALLUSERSPROFILE% = "C:\ProgramData"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %APPDATA% = "C:\Users\jan\AppData\Roaming"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %CommonProgramFiles% = "C:\Program Files\Common Files"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %CommonProgramFiles(x86)% = "C:\Program Files (x86)\Common Files"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %CommonProgramW6432% = "C:\Program Files\Common Files"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %COMPUTERNAME% = "COOLPC97"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %HOMEDRIVE% = "C:"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %HOMEPATH% = "\Users\jan"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %LOCALAPPDATA% = "C:\Users\jan\AppData\Local"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %LOGONSERVER% = "\\SRVdomain001"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ProgramData% = "C:\ProgramData"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ProgramFiles% = "C:\Program Files"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ProgramFiles(x86)% = "C:\Program Files (x86)"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %ProgramW6432% = "C:\Program Files"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %PUBLIC% = "C:\Users\Public"
    2016-11-29 06:46:59.005 [pid=0x4fc,tid=0x15f0] Variable %SystemDrive% = "C:"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %SystemRoot% = "C:\Windows"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %USERDNSDOMAIN% = "domain.LOCAL"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %USERDOMAIN% = "domain"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %USERPROFILE% = "C:\Users\jan"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %LogonUser% = "jan.b"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %LogonDomain% = "domain"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %LogonUserSid% = "S-1-5-21-1410742142-344776957-3069341034-1237"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %BinaryUserSid% = "000004D5B6F26D6A148CE0FD5416377E000000150500000000000501"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %UserDN% = "CN=Jan B,OU=Customer,OU=Users,OU=Customer,DC=domain,DC=local"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %LdapUserSid% = "\01\05\00\00\00\00\00\05\15\00\00\00\7E\37\16\54\FD\E0\8C\14\6A\6D\F2\B6\D5\04\00\00"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %ReversedUserSid% = "0105000000000005150000007E371654FDE08C146A6DF2B6D5040000"
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variable %BinaryComputerSid% = ""
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Variables subsystem initialized. [ hr = 0x80070057 "De parameter is onjuist." ]
    2016-11-29 06:46:59.020 [pid=0x4fc,tid=0x15f0] Set system security context.
    2016-11-29 06:46:59.036 [pid=0x4fc,tid=0x15f0] User impersonation uninitialized.
    2016-11-29 06:46:59.036 [pid=0x4fc,tid=0x15f0] Leaving ProcessGroupPolicyExDrives() returned 0x00000057
    2016-11-29 06:46:59.036 [pid=0x4fc,tid=0x15f0]

    Log from a different user:

    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Entering ProcessGroupPolicyExDrives()
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] BackgroundPriorityLevel ( 0 )
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] DisableRSoP ( 0 )
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] LogLevel ( 3 )
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Set user security context.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Set system security context.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] User impersonation initialized.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Client context subsystem initialized.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Configuration subsystem initialized.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Licensing subsystem initialized.
    2016-11-30 07:30:02.375 [pid=0x494,tid=0xa5c] Set user security context.
    2016-11-30 07:42:52.969 [pid=0x494,tid=0xa5c] User information initialized.
    2016-11-30 07:42:58.508 [pid=0x494,tid=0xa5c] Variable %ComSpec% = "C:\windows\system32\cmd.exe"
    2016-11-30 07:42:58.508 [pid=0x494,tid=0xa5c] Variable %FP_NO_HOST_CHECK% = "NO"
    2016-11-30 07:42:58.508 [pid=0x494,tid=0xa5c] Variable %OS% = "Windows_NT"
    2016-11-30 07:42:58.508 [pid=0x494,tid=0xa5c] Variable %Path% = "C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PATHEXT% = ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PROCESSOR_ARCHITECTURE% = "AMD64"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %TEMP% = "C:\Users\sabrina.v\AppData\Local\Temp"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %TMP% = "C:\Users\sabrina.v\AppData\Local\Temp"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %USERNAME% = "sabrina.vdh"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %windir% = "C:\windows"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PSModulePath% = "C:\windows\system32\WindowsPowerShell\v1.0\Modules\"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %NUMBER_OF_PROCESSORS% = "4"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PROCESSOR_LEVEL% = "6"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PROCESSOR_IDENTIFIER% = "Intel64 Family 6 Model 94 Stepping 3, GenuineIntel"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %PROCESSOR_REVISION% = "5e03"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %windows_tracing_logfile% = "C:\BVTBin\Tests\installpackage\csilogfile.log"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %windows_tracing_flags% = "3"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %FPPUILang% = "en-US"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %OnlineServices% = "Online Services"
    2016-11-30 07:42:58.523 [pid=0x494,tid=0xa5c] Variable %platformcode% = "7F"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %RegionCode% = "EMEA"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %PTSMINSTALLPATH_X86% = "c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %OOBEUILang% = "nl-NL"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %ALLUSERSPROFILE% = "C:\ProgramData"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %APPDATA% = "C:\Users\sabrina.v\AppData\Roaming"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %CommonProgramFiles% = "C:\Program Files\Common Files"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %CommonProgramFiles(x86)% = "C:\Program Files (x86)\Common Files"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %CommonProgramW6432% = "C:\Program Files\Common Files"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %COMPUTERNAME% = "COOLPC114"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %HOMEDRIVE% = "C:"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %HOMEPATH% = "\Users\sabrina.v"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %LOCALAPPDATA% = "C:\Users\sabrina.v\AppData\Local"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %LOGONSERVER% = "\\SRVdomain002"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %ProgramData% = "C:\ProgramData"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %ProgramFiles% = "C:\Program Files"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %ProgramFiles(x86)% = "C:\Program Files (x86)"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %ProgramW6432% = "C:\Program Files"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %PUBLIC% = "C:\Users\Public"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %SystemDrive% = "C:"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %SystemRoot% = "C:\windows"
    2016-11-30 07:42:58.539 [pid=0x494,tid=0xa5c] Variable %USERDNSDOMAIN% = "domain.LOCAL"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %USERDOMAIN% = "domain"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %USERPROFILE% = "C:\Users\sabrina.v"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %LogonUser% = "sabrina.vdh"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %LogonDomain% = "domain"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %LogonUserSid% = "S-1-5-21-1410742142-344776957-3069341034-1685"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %BinaryUserSid% = "00000695B6F26D6A148CE0FD5416377E000000150500000000000501"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %UserDN% = "CN=Sabrina V,OU=Subdepartment1,OU=Users,OU=Customer,DC=domain,DC=local"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %LdapUserSid% = "\01\05\00\00\00\00\00\05\15\00\00\00\7E\37\16\54\FD\E0\8C\14\6A\6D\F2\B6\95\06\00\00"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %ReversedUserSid% = "0105000000000005150000007E371654FDE08C146A6DF2B695060000"
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variable %BinaryComputerSid% = ""
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Variables subsystem initialized. [ hr = 0x80070057 "De parameter is onjuist." ]
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] Set system security context.
    2016-11-30 07:42:58.554 [pid=0x494,tid=0xa5c] User impersonation uninitialized.
    2016-11-30 07:42:58.601 [pid=0x494,tid=0xa5c] Leaving ProcessGroupPolicyExDrives() returned 0x00000057
    2016-11-30 07:42:58.601 [pid=0x494,tid=0xa5c]
    2016-11-30 07:45:59.036 [pid=0x498,tid=0xb18] Entering ProcessGroupPolicyExDrives()
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] BackgroundPriorityLevel ( 0 )
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] DisableRSoP ( 0 )
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] LogLevel ( 3 )
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Set user security context.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Set system security context.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] User impersonation initialized.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Client context subsystem initialized.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Configuration subsystem initialized.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Licensing subsystem initialized.
    2016-11-30 07:45:59.052 [pid=0x498,tid=0xb18] Set user security context.
    2016-11-30 07:58:48.776 [pid=0x498,tid=0xb18] User information initialized.
    2016-11-30 07:58:53.752 [pid=0x498,tid=0xb18] Variable %ComSpec% = "C:\windows\system32\cmd.exe"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %FP_NO_HOST_CHECK% = "NO"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %OS% = "Windows_NT"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %Path% = "C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PATHEXT% = ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PROCESSOR_ARCHITECTURE% = "AMD64"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %TEMP% = "C:\Users\sabrina.v\AppData\Local\Temp"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %TMP% = "C:\Users\sabrina.v\AppData\Local\Temp"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %USERNAME% = "sabrina.vdh"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %windir% = "C:\windows"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PSModulePath% = "C:\windows\system32\WindowsPowerShell\v1.0\Modules\"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %NUMBER_OF_PROCESSORS% = "4"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PROCESSOR_LEVEL% = "6"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PROCESSOR_IDENTIFIER% = "Intel64 Family 6 Model 94 Stepping 3, GenuineIntel"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %PROCESSOR_REVISION% = "5e03"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %windows_tracing_logfile% = "C:\BVTBin\Tests\installpackage\csilogfile.log"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %windows_tracing_flags% = "3"
    2016-11-30 07:58:53.767 [pid=0x498,tid=0xb18] Variable %FPPUILang% = "en-US"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %OnlineServices% = "Online Services"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %platformcode% = "7F"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %RegionCode% = "EMEA"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %PTSMINSTALLPATH_X86% = "c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %OOBEUILang% = "nl-NL"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %ALLUSERSPROFILE% = "C:\ProgramData"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %APPDATA% = "C:\Users\sabrina.v\AppData\Roaming"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %CommonProgramFiles% = "C:\Program Files\Common Files"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %CommonProgramFiles(x86)% = "C:\Program Files (x86)\Common Files"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %CommonProgramW6432% = "C:\Program Files\Common Files"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %COMPUTERNAME% = "COOLPC114"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %HOMEDRIVE% = "C:"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %HOMEPATH% = "\Users\sabrina.v"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %LOCALAPPDATA% = "C:\Users\sabrina.v\AppData\Local"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %LOGONSERVER% = "\\SRVdomain001"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %ProgramData% = "C:\ProgramData"
    2016-11-30 07:58:53.783 [pid=0x498,tid=0xb18] Variable %ProgramFiles% = "C:\Program Files"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %ProgramFiles(x86)% = "C:\Program Files (x86)"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %ProgramW6432% = "C:\Program Files"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %PUBLIC% = "C:\Users\Public"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %SystemDrive% = "C:"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %SystemRoot% = "C:\windows"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %USERDNSDOMAIN% = "domain.LOCAL"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %USERDOMAIN% = "domain"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %USERPROFILE% = "C:\Users\sabrina.v"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %LogonUser% = "sabrina.vdh"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %LogonDomain% = "domain"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %LogonUserSid% = "S-1-5-21-1410742142-344776957-3069341034-1685"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %BinaryUserSid% = "00000695B6F26D6A148CE0FD5416377E000000150500000000000501"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %UserDN% = "CN=Sabrina V,OU=Subdepartment1,OU=Users,OU=Customer,DC=domain,DC=local"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %LdapUserSid% = "\01\05\00\00\00\00\00\05\15\00\00\00\7E\37\16\54\FD\E0\8C\14\6A\6D\F2\B6\95\06\00\00"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %ReversedUserSid% = "0105000000000005150000007E371654FDE08C146A6DF2B695060000"
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variable %BinaryComputerSid% = ""
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Variables subsystem initialized. [ hr = 0x80070057 "De parameter is onjuist." ]
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] Set system security context.
    2016-11-30 07:58:53.798 [pid=0x498,tid=0xb18] User impersonation uninitialized.
    2016-11-30 07:58:53.814 [pid=0x498,tid=0xb18] Leaving ProcessGroupPolicyExDrives() returned 0x00000057
    2016-11-30 07:58:53.814 [pid=0x498,tid=0xb18]



    Wednesday, November 30, 2016 8:52 AM
  • > some other kind of logging I could enable to see what it's waiting on?
     
    Did you enable "Informatin, Warning, Error" in the debug level? It
    should contain more information like in this example:
     
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Variables subsystem
    initialized.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Set system security context.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] ----- Parameters
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] CSE GUID :
    {5794DAFD-BE60-433f-88A2-1A31939AC01F}
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Flags : (   )
    GPO_INFO_FLAG_MACHINE - Apply machine policy rather than user policy
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         ( X )
    GPO_INFO_FLAG_BACKGROUND - Background refresh of policy (ok to do slow
    stuff)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_SLOWLINK - Policy is being applied across a slow link
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_VERBOSE - Verbose output to the eventlog
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         ( X )
    GPO_INFO_FLAG_NOCHANGES - No changes were detected to the Group Policy
    Objects
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_LINKTRANSITION - A change in link speed was detected
    between previous policy application and current policy application
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_LOGRSOP_TRANSITION - A change in RSoP logging was detected
    between the application of the previous policy and the application of
    the current policy.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_FORCED_REFRESH - Forced Refresh is being applied. redo
    policies.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_SAFEMODE_BOOT - windows safe mode boot flag
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]         (   )
    GPO_INFO_FLAG_ASYNC_FOREGROUND - Asynchronous foreground refresh of policy
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Token (computer or user
    SID): S-1-5-21-4063112376-1576679057-3622664657-1107
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Abort Flag : Yes (0x8449c310)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] HKey Root : Yes (0x00001698)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Deleted GPO List : No
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Changed GPO List : Yes
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Asynchronous Processing : Yes
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Status Callback : No
    (0x00000000)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] WMI namespace : No
    (0x00000000)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] RSoP Status : Yes (0x81fbe464)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Planning Mode Site : (none)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Computer Target : No
    (0x00000000)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] User Target : No (0x00000000)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Calculated session relevance.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Completed CSE pre-processing.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Calculated list relevance.
    [SUCCEEDED(S_FALSE)]
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Deleted GPO list is not
    relevant to the CSE.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Calculated list relevance.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Planning mode not detected.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Processing changed list.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Processing user policy.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Got WMI namespace for
    logging mode.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Completed get GPO list.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Initialized internal RSoP
    storage.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Completed GPO list
    pre-processing.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] ----- Changed - 0
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Options : (   )
    GPO_FLAG_DISABLE - This GPO is disabled.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4]           (   )
    GPO_FLAG_FORCE - Do not override the settings in this GPO with settings
    in a subsequent GPO.
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Options (raw) : 0x00000000
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] Version : 524296 (0x00080008)
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] GPC :
    LDAP://CN=User,cn={2F4BA886-E2FB-4217-AB9B-5F8CA5701CEA},cn=policies,cn=system,DC=corp,DC=contoso,DC=com
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] GPT :
    \\corp.contoso.com\SysVol\corp.contoso.com\Policies\{2F4BA886-E2FB-4217-AB9B-5F8CA5701CEA}\User
    2016-10-28 09:35:23.259 [pid=0x35c,tid=0x9a4] GPO Display Name : Users -
    Network Drives
     
    Wednesday, November 30, 2016 12:38 PM
  • Dear Martin

    Yes, I've enabled all debug levels. This GPO is applied to the malfunctioning clients.

    Wednesday, November 30, 2016 1:47 PM
  • > Yes, I've enabled all debug levels. This GPO is applied to the malfunctioning clients.
     
    Just to make sure - did you verify it applied to the client by running a RSoP report on the client? I've never seen the logging being broken in GPP before ?!?
     
    Wednesday, November 30, 2016 3:11 PM
  • Yes I've verified the policy is applied on the malfunctioning clients. I've also enabled netsh trace. I see this kind of events in the log but don't find anything online what they could mean. Do you have any clue?

    - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    - <System>
      <Provider Name="Microsoft-Windows-Networking-Correlation" Guid="{83ed54f0-4d48-4e45-b16e-726ffd1fa4af}" /> 
      <EventID>60003</EventID> 
      <Version>0</Version> 
      <Level>1</Level> 
      <Task>0</Task> 
      <Opcode>9</Opcode> 
      <Keywords>0x8000000000000001</Keywords> 
      <TimeCreated SystemTime="2016-12-05T20:44:23.717598700Z" /> 
      <EventRecordID>98049</EventRecordID> 
      <Correlation RelatedActivityID="{367ABB81-02A0-0E18-1D00-000084B27D4E}" /> 
      <Execution ProcessID="3608" ThreadID="6484" ProcessorID="3" KernelTime="6" UserTime="14" /> 
      <Channel /> 
      <Computer>clientcomputer.domain.local</Computer> 
      <Security /> 
      </System>
    - <ProcessingErrorData>
      <ErrorCode>15005</ErrorCode> 
      <DataItemName>SourceProvider</DataItemName> 
      <EventPayload /> 
      </ProcessingErrorData>
      </Event>

    Monday, December 5, 2016 9:45 PM
  • > Do you have any clue?
     
    No - sorry...
     
    >   <ErrorCode>15005</ErrorCode>
     
    # for decimal 15005 / hex 0x3a9d :
      ERROR_ENTRY_PT_NOT_FOUND                                      netsh.h
      SQL_15005_severity_10                                         sql_err
    # Statistics for all tables have been updated.
      ERROR_EVT_EVENT_CHANNEL_MISMATCH                              winerror.h
    # The specified event was declared in the manifest to go a
    # different channel than the one this publisher handle is
    # bound to.
    # 3 matches found for "15005"
     
    Seems the 3rd match fits on the Error code, but I have absolutely no idea what this exactly means...
     
    Tuesday, December 6, 2016 1:41 PM
  • In case someone wonders: I've disabled MS RPC ALG on our physical firewalls and so far so good :).
    Monday, December 12, 2016 10:45 AM
  • Hi,
    Appreciate you for the update and share, it will be greatly helpful to others who have the same question.

    Best regards,
    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, December 14, 2016 1:04 AM
    Moderator