18 years ago, I had written several pages about the Windows logon and how to speed up and optimize the logon. Today the logon is still a problem, and just some days ago, I helped a customer solve his slow logon issue.
I compiled a small list of common logon issues and how to solve them. Let me know if it helped you too!
List of common logon issues
|
|
The UFH registry key bug
Description The key stores' links from the user start menu, but the same keys are added with each user logon due to a bug. The enumaration of the key during Logon can lead to thousands of entries and slow down the Logon even by minutes. Since the delay depends on how often users log in, it can be different for users, some really slow, some slow and some normal.
The bug started with Windows 2008R2, and I have seen it last with server 2016 and 2019.
Solve To solve the issue delete the wohle key at logon by group policy and exclude it with Citrix UPM
References
|
|
|
|
|
|
|
|
Citrix UPM and the App Readiness service
Description Microsoft introduced this new service "App Readiness" to: "Gets apps ready for use the first time a user signs in to this PC and when adding new apps". On multi-user systems, the service is useless. Nevertheless, Citrix UPM was deleting that service's registry entries and led to slow or even stuck Logon, usually for minutes a black screen.
Solve On multi-user systems, disable the App Readiness service by group policy.
References
|
|
|
|
|
|
|
|
Recent Windows and Office files
Description Recent files of Windows and Office are store in tiny files in the user profile. Those files are hidden and can become thousands of them. You can limit the "view" of recent files, but that doesn't mean old ones are deleted! How many recent files depends on each user, and therefore login can be very slow (minutes) to normal. It also seems to be a bug because I only have seen it with some customers. In Citrix Director you will see a vast gap when you add the single times (gpo + profile + scripts...) to the total time.
Solve You usually cannot delete those files because users like to have at least the last twenty recent files. I used a script that deleted files "older than" and runs at night over the profile share.
|
|
|
|
|
|
|
|
The firewall rules bug
Description With Windows server 2016/2019, a bug adds firewall rules each time a user logs on. The growing firewall rules will slow down the Logon (minutes to seconds) and decrease the total server performance.
Solve Microsoft has released an update in March 2019 (KB4490481), but you must set a registry key to activate the fix!
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
DeleteUserAppContainersOnLogoff REG_DWORD = 0x00000001
Even with the Hotfix, you might already have thousands of unwanted firewall rules that still slow everything down. For that, use the attached PoSh script to clean up the unwanted rules.
References
|
|
|
|
|
|
|
|
GPO with dead drives or network printer
Description When you map network drives or network shares with group policies, but the shared printer is not available, the login is usually delayed around 30 seconds.
Solve You must find the "dead" printers or shares and remove them from the GPO. Check the event log for group policy to find the not available objects.
|
|
|
|
|
|