Work@Home Slow User Logon „waiting for user profile service” approx. 1,5 to 2 minutes waiting
For notebook and desktop users who using credential caching policy for work@home and use the Azure VPN tunnel too, there is maybe some long logon time.
After type in credentials for the domain the user has to wait approx. 2 to 3 minutes before logging in completely with the message “waiting for user profile service”. In that case, there is no VPN connection established before logging in. All our DC's are in Azure Infra as IaaS. Clients are running Windows 10 & DC are 2016 Datacenter Server. We have Azure AD & AD Infra on Iaas in Azure & they do not sync with each other.
The behavior is starting approx. after 18.01.2021. The event viewer show nothing bad or waiting for some responses or timeouts a long time. We checked and had a look at changed domain policies or windows updates with no impact of our issue.
If you’re connecting through Cisco VPN and connect with VPN before logging in you’ll have no long login time because the domain controller is available. Here everything is fine.
I figured out first that this problem is solved if I delete the entry “Home Folder” in my AD object. Then I connect via Cisco VPN first and logon (normal logon time) – then I reboot and try connection without VPN before logon -> Login time is about 5 seconds. I change back to the entry in my AD object and logon time is still approx.. 2 minutes.
After boot I login with my AD Account: Ankit001 .
My Home Folder path is \\internaldomain.net\users\Controller__Data01\Ankit001\Homeshare.
If I change from DFS path to local fileserver path \\descspcwfs01.internaldomain.net\Controller_Data01$\Ankit001\Homeshare and connect first via Cisco VPN then reboot and login again with Ankit001 the login is fast (5 seconds).
If I change back to the DFS path and log in again through Cisco VPN, boot client and logon takes up to 2 minutes.
Then I put focus on DFS and username. In my constellation my Pre-Windows 2000 prefix is ankit001.internaldomain.net and User logon name (UPNP) is ankit.user@externaldomain.com . I try logging in without VPN with my UPNP ankit.user@externaldomain.com the logon time is about 5 seconds.
Logoff and try logging in without VPN with pre2000 name is about 2 minutes waiting time.
So I change back my UPNP from ankit.user@externaldomain.com to ankit001@internaldomain.net, boot and connect with Cisco VPN – login – boot and try logging in with no VPN connection takes 2 minutes.
Workaround for Azure VPN users who are using UPNP@externaldomain.com in User Logon Name:
1st – Login with UPNP firstname.lastname@externaldomain.com and not with Pre-Windows 2000 Logon Name
2nd – Change DFS to the local path in “home folder”. But that contains the possibility to login first through Cisco VPN and after change, you can use Azure VPN without long login
Seems that recently using pre2000 logon name in combination with DFS path in home folder path and credential caching to login without domain connectivity gets the long waiting time.
Do you have any idea about this logon time? This is affecting multiple locations.