question

Adamb-0026 avatar image
0 Votes"
Adamb-0026 asked FanFan-MSFT commented

Server 2012 R2 Logon Times

I have been having issues for the last few months with logon times in one datacenter. I have tried pretty much every RDP/Logon slow posting I could find but nothing is resolving it. Some bullet points below:

  • Has been occurring since late last year.

  • RDP to member servers is slow, to domain controllers are not having the issue.

  • Environment is fully patched. ( I even tried backing out all updates through Dec 2020 with no difference. )

  • Networking / DNS is good all domain tests come back PASS and local DNS has no errors.

  • Slow RDP logon occurs once every few hours based on usage of the server. So if I login slow and then logoff and right back on it is fine.

  • GPO seems to be processing fine in a gpresult

Found indicators of the slow logon. ( See timestamps )

 GPSVC(3c4.1220) 16:13:48:104 GPOThread(Machine)
 GPSVC(3c4.1220) 16:13:48:104 GPOThread: registering for NLA when GPService is running
 GPSVC(3c4.1220) 16:13:48:104 GPOThread(Machine): dwOffset=780000., dwTimeout=6180000.
 GPSVC(3c4.1220) 16:13:48:104 RecentlyResumed: dwNow=31843. dwSinceResume=31843. recentlyResumed=0.
 GPSVC(3c4.1220) 16:13:48:104 GPOThread(Machine): Waiting 6180000.
 GPSVC(1594.1598) 16:14:27:427 CGPNotify::RegisterForNotification: Entering with target Machine and event 0x224
 GPSVC(1594.1598) 16:14:27:427 CGPNotify::RegisterForNotification: Exiting with status = 0
 GPSVC(1594.1598) 16:14:27:427 CGPNotify::RegisterForNotification: Entering with target User and event 0x278
 GPSVC(1594.1598) 16:14:27:427 CGPNotify::RegisterForNotification: Exiting with status = 0
 GPSVC(3c4.7c4) 16:18:32:190 CGPEventSubSystem::GroupPolicyCreateSession::++ (SessionId: 2)
 GPSVC(3c4.7c4) 16:18:32:190 CGPApplicationService::CreateSessionEvent::++ (SessionId: 2)
 GPSVC(3c4.7c4) 16:18:32:190 CGPApplicationService::CheckAndCreateCriticalPolicySection.
 GPSVC(3c4.7c4) 16:18:32:190 User SID = MACHINE SID

Does anyone have any ideas?



windows-active-directoryremote-desktop-serviceswindows-group-policy
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Adamb-0026 avatar image
0 Votes"
Adamb-0026 answered FanFan-MSFT commented

None of this seems to work in my situation.

  • Network topology - All server are on same esxi host on single local subnet.

  • Active Directory topology - Simple, no real special configuration. Have about 8 group policies hitting systems which include STIGs and firewall settings. Nothing changed recently.

  • User and computer group membership - Nothing special here either. Simple admin group assigned to each server for user permissions.

  • Operating System and service pack level - All servers are running on Server 2012 R2 fully updated directly from Microsoft update.

  • Installed Applications - I have thought of this and actually disabled all applications before a reboot.

  • Network bandwidth - It is all 10gbe networking and not having issues.

  • NIC driver - Has the latest vmware tools installed which includes the NIC drivers.

  • UserENV - This is all local no roaming profiles.

  • Network traces - Have performed numerous checks to domain controller for communication pathways. No latency or loss of data.

  • Group Policy information - Same as above about 8 GPOs per system with nothing that has changed within the last 6 months. Processing of gpresult shows all GPOs process within 4 - 5 seconds.

Delay on RDP login has been up to 15 minutes with an average around 5 - 6 minutes of just a black screen.

NLA is enabled so the delay is after domain authentication. No failed logins are found in Security log.

Many of the tools on there are for Windows 7 and server 2008, either way these of government systems and I can not install additional tooling like that.

The issue seems to be related just to RDP, local login via the VMware console works fine. I can even login to the VMware console and cache my profile that minute then try to login to RDP while still in the console and it takes forever. So it seems to be directly related to RDP in some way. Event viewer has no errors which would indicate an issue.

I am at a loss, any other ideas?





· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,
Or you can try to Enabling debug logging for the Netlogon service
If there is no progress, I would suggest you contact Microsoft Customer Services and Support to get an efficient solution:
https://support.microsoft.com/en-in/hub/4343728/support-for-business

0 Votes 0 ·