EThere can be many reasons for a slow login, but with newer operating systems, it seems that the bloated registry to be popular. This short article describes the the three most common reasons, Why the registry is bloated and, as a result, can significantly slow down the login process. Here is a three-step solution if your registry is bloated.
The UFH Start Menu Bug
Description
The registry key stores shortcuts from the user's Start menu, but due to a bug, the entries are added again every time the user logs in, causing the key to grow larger and larger. This can quickly result in thousands of entries. However, the entire registry key is also read every time the user logs in, which takes increasingly longer—sometimes up to several minutes.
This error occurred in Windows 2008 R2 is well-known and continues to exist with Windows Server 2016 and 2019.
Solution
To resolve the issue, delete the entire key via Group Policy at each login and also exclude the key using Citrix UPM.
References
- Slow logon with a blank screen in Windows 7 or Windows 8.1
https://docs.microsoft.com/en-us/troubleshoot/windows-client/user-profiles-and-logon/slow-logon-with-blank-screen - Slow Logon with a Black Screen in XenDesktop Server VDA
https://support.citrix.com/article/CTX212905
The Notification Bug
Description
This problem occurs specifically with Microsoft FSLogix and can significantly slow down the login process. This involves the registration key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications massively bloated. I exported the key for one customer, and it was 30 MB in size! During user logon, the explorer.exe process reads thousands of values from the Windows Push Notification Platform (WPN) and the Windows Notification Facility (WNF).
Solution
With FSLogix, it's quite simple, because Microsoft has addressed this issue and included a default policy in the latest FSLogix release CleanOutNotifications and automatically cleans up outdated entries. Once again, however, the issue can also be resolved by simply deleting the key and recreating it. This can be done via a Group Policy or using PowerShell commands:
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications" -Recurse New item "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications"
References
- Registry bloat causes slow logons or the "insufficient system resources" error (0x800705AA) in Windows 8.1
https://support.microsoft.com/en-us/topic/registry-bloat-causes-slow-logons
The Firewall Rules Bug
Description
Windows Server 2016/2019 has a bug that creates local firewall rules every time a user logs in. Over time, this slows down the login process and can also cause the entire system to lose performance. This often adds a few seconds to the interactive login process in Citrix Director.
Solution
Microsoft released an update for this in March 2019 (KB4490481), but you also need to manually set a registry value!
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicyDeleteUserAppContainersOnLogoff REG_DWORD = 0x00000001
In addition, there may already be thousands of rules in place, and those need to be cleaned up as well. The PoSh script below can be used for this purpose.
References
- March 26, 2019—KB4490481 (OS Build 17763.402)
https://support.microsoft.com/en-us/help/4490481/windows-10-update-kb4490481 - Removes unwanted FW rules:
https://github.com/Koetzing/Powershell-Scripts/blob/main/ClearFWRules.ps1
