Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Subscribers 5 subscribers
  • Views 6267 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safeguard 5.4 0 Logon Delays

Planet_Uranus

We are experiencing logon delays of up to 30 seconds (including when a machine is locked / unlocked). This is not occurring on all of our machines, but on some which is causing our users inconvenience. Our environment is as follows:

OS - WinXP SP2
SafeGuard Enterprise client 5.40.0.152
SafeGuard Port Protector client 5.40
SafeGuard Client Configuration 5.40

We have tried changing the logon gina back to msgina.dll but this doesn’’’’t seem to work (keeps defaulting back to sggina.dll). Note: The PC’’’’s affected do NOT have any other software such as Checkpoint software which would interfere with the login process.

The machines do boot fine, there is unfortunately the delay is very noticeable delay at the login screen.

We thought that by changing the gina it may resolve this issue.

Note that we do not have Disk Encryption, only Data Exchange and Configuration Protection.

Cheers

Matt

:1427


This thread was automatically locked due to age.
  • 0

    Hi Matt,

    Thanks for joining the SophosTalk community and posting your question.

    After reading your post it looks like you have been trying a few things. Did you try KBA 108998 ?

    Please let us know your results so others can benefit.

    :1430
  • 0

    Thanks for the reply, David.

    We tried the changes as per the KB article, but it has made no difference.  I have since removed the Data Exchange via the Add/Remove programs and this has not made a differnce either.

    One thing to point out is that the problems appear to have started after the policy was recived from the server.  The same policy is out on a few hundred other workstations without problem but for a handful the logon is impacted.

    Any further ideas?

    thank agin

    Matt

    :1448
  • 0

    You're welcome Planet_Uranus,

    I wish I could provide you with a silver bullet but logon delays are tricky to diagnose over a forum such as this. Since you are only experiencing the delay on a small number of devices, it is clear that the delay is related to those systems. Quickly off the top of my head here are some things to look at:

    1. Are the policies the same for the computers experience the delay compared to the one that are not? Don't dismiss a small difference.

    2. Are they based on the same image or are their differences related to additonal services starting?

    3. DNS baked into the image. (see below)

    4. The list goes on.

    I worked with a customer a couple years ago that experienced logon delays over 6 minutes on some computers and not others. After going through the stop watch tests, then digging through the Windows Event logs, we found an error which was always around system startup. I forgot the error code (this was a long while ago) but it was related to a DNS failure pointing to a decommissioned Domain Controller! The old DC was baked into the image, taken offline, but the clients weren't updated. The net result was that the clients had to wait for DNS to timeout before trying another DC. They updated the registry with a the correct DC and the logon delay was resolved.

    If none of these items help you out, please contact Sophos Technical Support so they can boil the issue down to the root cause.

    :1495
  • 0

    Hi David

    Thanks for the reply.  I can confirm the following:

    1. The policies are identical for the computers experience the delay (i.e. the same for theose that do not)
    2. All images are the same (with problems / without problems).  Safegaurd is applied consistently via the same sript using the same account for all workstations within our environment.
    3. DNS is not a problem; again consistent settings for all workstations.

    Most of the machines (I can't say all) appear to be Dell GX620s although there are many many more in our environment without the issue.  Here are a few things I've tried since the last post:

    1. With and without the Data Exchnage module - no differnece.
    2. Installing the 5.40.0 client only (i.e. no patch) - no difference.
    3. Removing our Sophos AV - no difference.

    One other thing to note, if I logon using a local account the logon goes from ~45 seconds to <2 seconds!!

    Any more ideas??

    Cheers

    Matt

    :1499
  • 0

    ....a couple of other updates on the above.

    We have updated the BIOS on a machine which has the problem; this did not fix the problem.

    One other thing we've notified is the Default Policies are set for both the Authenticated Users and Authenticated Machines.  Was wondering if this may make a difference seeing as if we logon locally the problem goes away??

    Matt

    :1501
  • 0

    You pointed us in the right direction, by un-checking the “Append parent suffixes to the primary DNS suffixes” in the Advanced DNS settings resolved this particular issue. 

    This is a site-specific problem and something that onlty came to the fore when we installed SafeGuard.

    Cheers

    Matt

    :1511
  • 0

    Planet_Uranus,

    Thanks for posting your findings and the resolution for everyone else to benefit from. I'm curious to know, what is your current logon duration after the fix? For example, was there a gain from 30 seconds to 5 seconds?

    Also, have you noticed if any other applications have benefited from the DNS change?

    :1538
  • 0

    Hi David

    Login time - on one particular computer - was reduced from 45 seconds to <10 seconds.  Much improvement.  (Without checking) I suspect that most PCs in our environment have a login time of around 5 - 10 seconds and we may reduce this down by a one or two seconds.

    Another factor with login time appears to be how our AV (Sophos) is set-up.  We are looking at making the changes as per you KB below as performance has dropped significantly on some machines since installing SGN.

    http://www.sophos.com/support/knowledgebase/article/14245.html

    Thanks again

    Matt

    :1551
  • 0

    Matt - where is the Advanced DNS setting you refer to - on the machine, in the image or on the DNS server?? We've had similar issues and have been trying to fix it.

    :9211
Unfiltered HTML