Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, March 14, 2019 4:35 PM
Hi all,
I have a customer complains of slow login to domain issue for Windows 10 machines, this issue started 10 days ago, the machines, random clients working with OS Windows 10 suffer the slow logon from 2 or 3 minutes to 10 and some even more.
We did the below:
1. Disabled all non-Microsoft services, same issue
2. Removed\disabled all security controls in AD servers like Symantec, Fire Eye, Microsoft ATA gateway, splunk services, etc.. same issue
3. We build new DC and force client to authenticate against that DC, same issue.
4. We connected one DC to the same switch as the client and in same vlan, same issue
5. We checked all events, logs, netlogin, etc.. in AD, no errors...
We end up logging a case with MS, they collected the logs from a client suffers from the issue and currently investigating them.
However I found one interesting thing, which is if the client has direct internet access -no proxy in browser- login is fast, in 4-6 seconds only, but if the machine has the proxy, login takes long time. I did the below tests:
- Once we connected the laptop to direct internet access (without proxy), the client logged in to domain in 4-6 seconds only, we noticed that the client is trying to connect to Microsoft online services (OneDrive, Cortana, etc.…); we found that by running command: netstat -ano and observing the results.
- After we did the test in point 1 above, we did the following tests: Connect back the machine to use proxy with no direct internet access, user still login normally (4-6 seconds) to the machine. We removed internet access totally (no proxy, no direct internet access) from the machine, user still login normally (4-6 seconds) to the machine.
So it seems the windows client is trying to connect to Microsoft online services during the login to domain at least one time, if it got successful, it will login normally, even after you remove the access to those online services IPs, the machine still login normally, but long login time behavior comes back after a while.
Would you please let us know if this behavior is normal or not? I mean we need to know the root cause for why Windows 10 client is trying to connect to Microsoft Online Services (OneDrive, Cortana, etc.) during logging to domain.
Please note that our customer cannot allow direct internet access to the user machines in their proxy, thier proxy is ZScalar.
All replies (7)
Friday, March 15, 2019 9:24 AM
Hi,
Thank you for posting here.
Based on my knowledge, loading service like OneDrive is one of logon process.
Would you please check if the always wait for the network at computer startup and logon policy is enabled or not? (navigate to computer configuration->administrative templates->system->logon)
In addition, sorry that root cause is not supported by forum. You may need to submit a case for this.
The following is a link in the case of submission:
https://support.microsoft.com/en-us/gp/contactus81?forceorigin=esmc&Audience=Commercial&wa=wsignin1.
Best regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, March 18, 2019 6:59 AM
Hi,
Just checking in to see if the information provided above was helpful. Please let us know if you would like further assistance.
Best Regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, March 18, 2019 7:03 AM
Hi,
Just checking in to see if the information provided above was helpful. Please let us know if you would like further assistance.
Best Regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Hi,
I disabled OneDive and Cortana but same issue..I checked the setting you mentioned, it is not configured by policy
Tuesday, March 19, 2019 9:12 AM
Hi,
Thank you for your reply.
Unfortunately I get no thoughts so far although I consulted other colleagues.
If it is not urgent, would you mind my changing this from question to general discussion to wait for other community members sharing different opinions?
Best regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, March 19, 2019 9:16 AM
Hi,
Thank you for your reply.
Unfortunately I get no thoughts so far although I consulted other colleagues.
If it is not urgent, would you mind my changing this from question to general discussion to wait for other community members sharing different opinions?
Best regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thanks, sure you can change it to general discussion.
Just want to share Microsoft support last update as we logged a ticket, they asked to configure system-wide static proxy for one affected machine with the customer proxy IP (zscalar) and test, we did this and issue is gone!..but we cannot keep this enabled as
most of the machines are laptops and users take their laptops to home.
How is this related to domain login issue is not clear for us yet, consider there is no internet for users, why login to domain is dependent in this case on the proxy\internet?
Wednesday, March 20, 2019 9:16 AM
Hi,
Appreciate your understanding very much.
I've changed this post into general discussion.
Assume logon is stuck at the interface of loading those services, and the workaround is related to proxy/internet, having it asked in network forum might be a sally port.
Also hope other community members who are of different opinions join into the discussion here.
Best regards,
Lavilian
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, September 12, 2019 10:07 AM
I have a similar situation.
The notebook is domain joined. When connected to the domain network, it is stuck at the welcome message. But when WIFI and LAN is disconnected it logs in fine. I did rejoin the laptop to no avail. I did check the above mentioned suggestions.
We are in process of migration from an old 2008 server to 2016, the new DC is online but not active yet.
Non of the other 15 nodes have these symptoms.