Geeks With Blogs
Cajun MCSE MS technology down on the bayou

Recently, I had an enterprise customer who was experiencing intermittent and random slow logins across the network by users with Windows XP workstations on a Windows 2003 network.  The customer had been fighting this issue for over 2 years and had allocated plenty of different resources towards it throughout that time frame. 

Upon first diagnosing the issue, corrupt profiles, corrupt group policy objects, or even network infrastructure all came to mind.  The first course of action was to actually find a user who was experiencing the issue with some regularity and to enable verbose logging for the user environment during logon.  

To enable verbose logging of the user environment, you have make a registry change.

Insert warning about editing the windows registry and the potential harm it can cause nonsense here


Create a DWORD entry UserEnvDebugLevel at
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon .

Set the value of UserEnvDebugLevel to 0x00000002 (hexidecimal)


For anyone who’s ever looked at a verbose log for the first time and tried to make sense of it, it might as well  be written in ancient Sanskrit.  Thankfully Microsoft’s Directory Services team has a great post about making sense of a verbose user environment log here: Understanding How to Read a Userenv Log

After reviewing the logs of a few login attempts, I ran across the infamous Failed to Impersonate User 5 error.  This is a pretty common userenv error and can be extremely difficult to track down because it has so many causes.  Possible causes are

  • DNS Issues either with the DNS server itself or on the workstation (The most common culprit)
  • Group policy issues with with permissions or file corruption
  • Network communication between the workstation and active directory
  • Flaky SPN for the computer
  • Trust relationship between the computer and the domain


In the next part, I’ll go through the troubleshooting process.

Posted on Thursday, November 5, 2009 11:02 AM Windows Networking | Back to top

Comments on this post: Battling Slow Login Issues

# re: Battling Slow Login Issues
Requesting Gravatar...
we have the same issue and have been working on a solution for over 2 years now. we have isolated the problem to either the router module on the cisco cat 6500, Cisco 7400 router or individual switches. If we plug into the Cisco 6500 switch blade that the pdc is on everything works great. 15 sec login times. If we go back to any of the other switches that are all on different vlans we see 2 to 10 minute logons. It seems to be worse if the machines are turned off over night. we have built a completly new domain and users without any login scripts or group policies and still have the same issues. Any suggestions would be greatly appreciated.
Left by Jason T on May 06, 2010 5:02 PM

Your comment:
 (will show your gravatar)

Copyright © Ryan Roussel | Powered by: