Update: Logon GPO Analysis via PowerShell

End-user happiness would decrease exponentially if your end-user had enough time to make a cup of joe while logging on.  Therefore, a crucial part of a good end-user experience is keeping logon times short.

Part of your job as a SysAdmin is to make sure that the logon sequence, including authorization, profile load, shell initialization and Group Policy processing, is smooth and quick.

Often, Group Policy is to blame for slowing down the overall logon process.  Group Policy is actually sending instructions to Client-Side Extensions (CSEs), .dll files which reside on the client itself, over the domain to make changes to the workstation accordingly.  Each CSE is in charge of a different policy type.  With so many working parts it is usually one or many CSEs creating a rupture in the Group Policy process and significantly increasing logon time.

In order to simplify the process of troubleshooting long Group Policy load times, we have created a PowerShell script that shows all CSEs used during the logon process with their respective processing times.

The steps the script takes are as follows*:

  1. Query the Group Policy event log for event ID 4001 that contains the username if specified, or else the running user username is delivered
  2. Get the Activity ID value from the most recent 4001 event
  3. Query the Group Policy event log for event IDs 4016, 5016, 6016 and 7016 with correlation to the specified Activity ID
  4. Display the event properties that include the CSE name, load time and GPO name

When running the PowerShell function with the username parameter the output will be similar to what you see here:

In this specific example, it took a total of 45 seconds for the Group Policy process which is extremely slow.  Within this process you can see that the ‘Group Policy Drive Maps’ CSE took over 34 seconds and therefore needs further investigation.

Click here to copy the PowerShell code.

Script Based Actions with ControlUp

The same operation explained above can be executed simply within ControlUp.  Once the console is open you take the script from the SBA repository, add it to your organization inventory and execute through a remote connection from a central location over different machines and sessions. Watch this video to see how easy it is to use SBAs with ControlUp:

Get to know ControlUp today and learn how its many features can help you provide a superior end-user experience.  Give ControlUp a go with a 30-day free trial.

* Local admin privileges are needed to query the Group Policy event log.