locked
Windows 7 slow login off domain RRS feed

  • Question

  • My windows 7 client takes an exceedingly long time to login when off domain.  The welcome screen remains on for close to a minute whether from a fresh boot or simplying logging back into the user account from an already booted machine.  This only occurs when off domain and is not fixed by updating the desktop to a .jpg.  I do not have a roaming profile but we do use gpo login scripts.  This happens whether network drives are mapped or not.  I've performed some boot tracing (below) which shows the long delay but now what?

     

    Thursday, October 27, 2011 12:26 PM

Answers

All replies

  • Hi, it's a login problem not a shutdown problem nor a boot problem.  Thanks
    Thursday, October 27, 2011 12:43 PM
  • Hi, On domain it's fast so the network is responding quickly. The login is slow when I am NOT on the domain. The trace looks like it is waiting for something but I don't know what it's waiting for
    Thursday, October 27, 2011 1:03 PM
  • cohenjsc wrote:

    My windows 7 client takes an exceedingly long time to login when off
    domain.  The welcome screen remains on for close to a minute whether
    from a fresh boot or simplying logging back into the user account
    from an already booted machine.  This only occurs when off domain and
    is not fixed by updating the desktop to a .jpg.  I do not have a
    roaming profile but we do use gpo login scripts.  This happens
    whether network drives are mapped or not.  I've performed some boot
    tracing (below) which shows the long delay but now what?

     

    <http://social.microsoft.com/Forums/getfile/27215/>

    If your machine is joined to the domain it will always try to
    authenticate to the domain, read GPs, scripts, etc.. As your domain is
    not reachable, you have to wait till the search for the domain times
    out several times, till Windows falls back to local authentication via
    cached credentials. Depending on the structure of the non-domain
    network, it can take quite a while, till this occurs.

    I therefore never join laptops, which are used without domain
    connection frequently, to the domain - instead I put a "logon" script
    equivalent onto the desktop of the laptop, which can be run if
    connected to the domain, to connect to the domain and get drives mapped
    and settings applied, which you need to work in the domain. That way
    you are much quicker up outside of the domain - and can use the domain
    resources if connected with one fingertip.


    Wolfgang
    Thursday, October 27, 2011 3:08 PM
  • Does this help?

    How to enable user environment debug logging in retail builds of Windows

    http://support.microsoft.com/kb/221833

     


    • Edited by JS2010 Wednesday, June 5, 2013 6:48 PM
    Friday, October 28, 2011 3:51 PM
  • Thanks but that doesn't appear to work in windows 7. Any other ideas?
    Saturday, October 29, 2011 9:19 PM
  • if they are off the domain, simply log into the machine and create a new user account.

    Login as the new user.. is it still slow to log in?

     

    if so try running gpupdate /force from the cmd prompt. or add then remove from the domain again.

    What Firewall are you running and what is the AV?


    Also, try http://www.thetechgroup.com.au/forum/1/, it worked for me!
    _____________________________________________________
    Real Engineers, Real Problems, Real Solutions
    www.thetechgroup.com.au
    Monday, October 31, 2011 5:56 AM
  • We have experienced the same behavior in our environment.  Like WolfP stated, the machine is attempting to authenticate by reaching a domain controller.  The timeout appears to be a long time and can be annoying.  We have noticed that if the machine doesn't have an active network connection, it will skip the check completely and immediately use cached credentials (if there are any).  All our Dell Latitude laptops have hardware switches for enabling/disabling the wireless adapter.  We tell our laptop users that if they are performing a cold boot off-site to slide the switch to the off position before booting.  As soon as they get to their desktop, they slide it back over and go about their merry way.  Of course, they can't have an ethernet cable plugged in either for this to work.

    The other solution, which is probably the best, is to setup Direct Access.  Not only would that alleviate the slow offsite domain login times, but users would have access to their network resources!

    • Marked as answer by Niki Han Friday, November 4, 2011 1:49 AM
    • Unmarked as answer by cohenjsc Friday, November 4, 2011 3:45 PM
    Wednesday, November 2, 2011 9:01 PM
  • Hi disk2

     

    Unfortunately the problem presents itself even if i dont have any active network connections (no ethernet cable and wifi switch disabled).  The machine still sits at the wait screen for the 50 seconds before the local credentials are used.  It's a very perplexing problem..The client is clearly looking for something from the DC for a long time....Any help would be appreciated

    Friday, November 4, 2011 3:48 PM
  • cohenjsc wrote:

    Hi disk2

     

    Unfortunately the problem presents itself even if i dont have any
    active network connections (no ethernet cable and wifi switch
    disabled).  The machine still sits at the wait screen for the 50
    seconds before the local credentials are used.  It's a very
    perplexing problem..The client is clearly looking for something from
    the DC for a long time....Any help would be appreciated

    And you don't have any other internal network adapters like e.g.
    virtual network adapters for virtual machines on this machine?


    Wolfgang
    Friday, November 4, 2011 4:31 PM
  • Hi Wolfgang,

    I have a bluetooth, Cisco VPN client and Sonic Wall net extender adapters all which show disconnected.  There is a virtual machine running XP on this client but it is not running at login or boot time

    Tuesday, November 8, 2011 4:10 PM
  • cohenjsc wrote:

    Hi Wolfgang,

    I have a bluetooth, Cisco VPN client and Sonic Wall net extender
    adapters all which show disconnected.  There is a virtual machine
    running XP on this client but it is not running at login or boot time

    Yes but you have a virtual network adapter, to which this virtual
    machine can connect. That counts as a connected network adapter for the
    Domain logon.

    If I were in your situation I'd create a local user with administrative
    rights (otherwise it is complicated to access resources of the Domain
    user) and logon as that user, if I were offsite.

    Even Direct Access will not help you if you have no Internet Access
    from a particular location.


    Wolfgang
    Tuesday, November 8, 2011 4:46 PM
  •  I'm still trying to fix this problem and there are no real helpfull hints posted here.  
    Monday, December 3, 2012 12:39 PM
  • Dragos Ionescu wrote:

     I'm still trying to fix this problem and there are no real helpfull
    hints posted here.  

    If you have a virtual network adapter try to set the NDISdevicetype to
    an endpoint device (look e.g. here for info on how to do this:
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd
    =displayKC&externalId=1004813) and see if that helps.


    Wolfgang
    Tuesday, December 4, 2012 10:14 PM
  • None of these responses addresses the problem at all, english almost seems like a second language to some of theses commenters. The firewall and other remote connections have nothing to do with it. The client is searching for a connection to the domain controller and it goes thru a full cycle of attempts before it brings up the login screen.

    I read that the GPO "Slow link detection" can be added to the logon policy which bypasses the normal login routine if the domain controller cannot be reached at a minimum speed. If this policy is effective it should also detect if there is no connection to the domain controller and continue to local credentials with a nominal wait.

    10
    • Proposed as answer by sysrik Friday, March 8, 2013 3:44 PM
    Wednesday, February 13, 2013 12:59 AM
  • hi 

    i got the same issue and none of the answers address the issue (its either a bug or configurable ) 

    except the last response below .

    no success yet

    please update if you managed to fix it

    BR

    Arik 

    Friday, March 8, 2013 3:44 PM
  • Hi there,

    Similar story here. One of my satellite office employees experiences the same thing when logging to his laptop from home. (Sonicwall here too)

    I tried (from random reading) changing Local GPOs ( GPO1 , GPO2 ) with no success.

    The funny thing is I have no such issue with my own work laptop, exactly the same as the satellite office employees config.

    I wonder whether the fact that we (me and the other employee) reside at two different physical sites, and use local DCs to authenticate whenever we ARE connected to the domain, has anything to do with this.

    UPDATE: I was wrong, my machine also experiences a long time at the "welcome" screen. Well, maybe not as long, but still uncomfortable.

    • Edited by Multra Wednesday, June 5, 2013 4:41 PM
    Wednesday, June 5, 2013 5:45 AM
  • I have exactly the same issue. The thing is, I didn't used to, my laptop worked perfectly off domain for over a year, it suddenly developed this problem about 8 months ago, I suspect down to a windows update as nothing else has changed about the machine.

    Worse, when off domain I can now longer compile applications in Visual Studio, it seems to run but then times out and errors in the final stage (it may work about 1 in 20 attempts).

    To me this all indicates that there is something fundamental that has changed in the OS but I've got no idea what. Like many here I have trawled various forums for hours without being any nearer to finding an answer.


    Monday, July 14, 2014 2:04 PM
  • I have exactly the same problem! I have two Dell Latitude laptops one E5410 and one E7440 and both have the same problem that they wait 10-20 minutes after logon before I can start using windows when I'm not connected to the local domain. When connected they boot immediatly. Whe are using many of these laptops and I'm the only one with this problem. When I disable all the network adapters in the configuration screen they boot immediatly when off the network. When Wifi is enabled in the control panel but disabled with the switch it will not boot. Also when only Lan connection enabled but not connected it will also not boot fast. So all network connections must be turned off when not connected to the network to boot normally.

    I also have network drives connected..

    Interesting is that the E5410 is 32bit windows 7 professional and the E7440 is x64 W7 Enterprise. When we made an identical installation on also a new E7440 the problem was not occuring until I installed LabView 2013 and Autodesk Inventor LT suite 2015. So probably the software installed makes a change in some settings..

    Also interesting was that when I was off the network and I signed in the first time with a new account it started immediatly. When logged in with the same account on the network it worked and then off the network again it failed. So it looks a conflict in the domain settings applied to the computer with the software installed... When I turned off in the MSConfig all the startup things except windows services it still fails to boot when off the network..

    how to solve this?



    • Edited by Cor Kuin Wednesday, July 30, 2014 7:46 AM
    • Proposed as answer by Matt J Johnson Monday, April 15, 2019 2:30 PM
    Tuesday, July 29, 2014 3:16 PM
  • Same issue here.

    Domain joined machine (W7 Ent) with quick logon when connected to the domain.

    When off the domain, the logon seems to hang.  I left it 7 minutes before powering it off.  In the Event Log, we see:

    0 mins: Event 27 : network link disconnected

    0 mins: Event 5719 : NETLOGON - unable to set up a secure session with DC

    0 mins: Event 1129 Group Policy processing failed because of lack of network connectivity to a domain controller)

    0 mins: Event 26017 : Windows Event Log Provider is 8207 minutes behind in processing events  (seems to be related to Windows Intune - trial subscription has ended)

    1 mins: Event 37 : The speed of processor 0 in group 0 is being limited by firmware. The processor has been in this reduced state for 71 seconds  (repeats for 3 other processors)

    2 mins: Event 10 : Event filter with query...could not be reactivated because of error 0x80041003.  

    2 mins: Event 21402 : Forced to terminate the following process because it ran past configured timeout of 120 seconds (also related to Windows Intune)

    I'll be opening a call with Windows Intune to see if an expired trial subscription could cause this behaviour, but since this thread describes the problem we are seeing, just wanted to add in details of our situation.

    Tuesday, August 5, 2014 10:05 AM