Issue: you are getting complaints from some or all users that their logon’s are slow in a MS Active Directory environment
1) Are you using roaming profiles
2) Do you have multiple sites
Solutions and what to look at:
If you are using roaming profiles, check the following:
– profile size of the end user, to check this open properties of the end users profile folder on the server. If it is large, use treesize or another tool to see what is taking up all the space in the profile. Research common files to exclude from roaming profiles. Consider renaming the profile when the end user is logged off which will generate a fresh new profile (be prepared to re-create some settings for the end user). If you rename their roaming profile you will want to also rename the profile on their local desktop and any terminal server C:\Users so that the bloated local profile anywhere the user logs on does not get copied back up to the server.
Verify that Active Directory Sites and Services is populated correctly. In a nutshell any location that is across a slow WAN link from another location should be considered a site. That said if there is no Domain Controller (DC) in the remote location then you may leave it part of whichever site it is closest to or has the fastest connection to. Make sure the IP address ranges are populated in AD Sites and Services so that end user devices home to the correct site.
Determine which DC a user is logging onto when they experience slow logon:
For this I use: start, run, %logonserver%, hit enter. This will show you the DC the user logged onto, this may give you a clue if this DC is cross site that could contribute to a slow logon and would indicate issues with AD Sites and Services.
Lastly, check the event log of the workstation as well as event log of the DC that the slow logon user was using.