Certainly good advice ~Eric. :)
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman Sent: Wednesday, April 06, 2005 5:10 PM To: [email protected] Subject: RE: [ActiveDir] SLOWWWWWW Logons Staring a new thread from the original post, as I am going to address this from a troubleshooting methodology perspective, not a "take a swing and perhaps one hit out of the park" perspective. My approach to slow logon: 1) I always start with a userenv log (logging set to 10002). I then take the log, and begin looking for "gaps" of time in the log, to perhaps understand components that are being slow during user init. 2) If I don't immediately see an answer in the userenv, or at least a starting point (can go either way depending upon the case) I go with two pieces of data: userenv + network trace. Network trace can be tricky, given that you can't take it on the client....the client hasn't logged on yet. :) Typically, I take the client machine and throw it on a silly little hub, and on that hub also place another machine which I take a trace from. Start the trace (some larger buffer, say 50MB or so), then boot the client + log on to the client, and I don't usually stop the trace until the logon is complete. >From there, you can line up gaps of time in the userenv log to what was going over the wire. I find this approach more fruitful than just taking a trace and trying to guess where the problem is. ~Eric -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Wednesday, April 06, 2005 12:38 PM To: [email protected] Subject: [ActiveDir] SLOWWWWWW Logons I have two users amongst 50 in a remote site that no matter what PC they login to it takes forever, but if someone else logs into that PC, they log on quickly with no problems. I have already run netdiag and everything passed, I have deleted the local profile on the computer, disjoined and rejoined the domain, changed the network card, provided a different IP address, verified I can access \\domainname\sysvol\domainname and rebooted the PC as well as all the domain controllers and the routers inbetween the sites. No ports are being blocked by anything, no changes to policies have been done, no new servers have been made domain controllers and none have been demoted. There are two Global Catalogs in that AD Site, replications is working and I have not thrown the PC out the window yet. What else could be happening here? Justin A. Salandra MCSE Windows 2000 & 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
