Write a comment

A slow login can have many reasons, but with newer operating systems, the bloated registry appears to be popular. This short article describes the three most common reasons why the registry is bloated, sometimes massively slowing down logins. Here is the three-step cure when the registry is bloated.

Step1 The UFH start menu bug

Description
Shortcuts from the user's start menu are stored in the registry key, but due to a bug, the entries are added each time the user logs on, thus inflating the key. This can quickly result in thousands of entries. However, the entire key is also read out each time the user logs on, which can take up to minutes. 

This error became known with Windows 2008R2 and continues to exist with Windows Server 2016 and 2019.

Solution
To resolve the problem, delete the entire key via group policy at each logon and also exclude the key with the Citrix User Profile Manager.


References

 

Step 2. The notification bug

Description
This problem exists specifically with Microsoft FSLogix and can massively slow down the login. The registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications is massively inflated. I did an export of the key for a customer and it was 30 MB in size! The explorer.exe process reads thousands of values from the Windows Push Notification Platform (WPN) and the Windows Notification Facility (WNF) during the user logon.

 

Solution
With FSLogix it is quite simple, because Microsoft has reacted to this and set a standard policy in the current FSLogix release CleanOutNotifications and automatically cleans up outdated entries.
Once again, the error can be rectified by simply deleting the key and creating it again. This can be done via a group policy or via Powershell commands:

Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications" -Recurse 
New-Item "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Notifications"


References

 

Step 3. The firewall-rule bug

Description
With Windows Server 2016/2019, there is a bug that creates local firewall rules every time a user logs on. In the long term, this slows down the logon process, but can also cause the entire system to lose performance. This is often a matter of seconds in the interactive logon in Citrix Director.

Solution
Microsoft released an update for this in March 2019 (KB4490481), but a registry value must also be set manually! Addresses an issue that slows server performance or causes the server to stop responding because of numerous Windows firewall rules

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
DeleteUserAppContainersOnLogoff REG_DWORD = 0x00000001

In addition, there could already be thousands of rules and these also need to be cleaned up. The PoSh script below can be used for this.


References

Write comments...
or post as a guest
Loading comment... The comment will be refreshed after 00:00.

Be the first to comment.