I am having the most frustrating problem because it appears to be random and inconsistent.
We have a Windows 2003 R2 server. There are 100 or so user accounts. A few weeks ago, one of the users logged in to a client computer running Windows XP (all our clients are still running XP) and immediately it logged her off. She tried repeatedly and it just kept logging her off. Sometimes it would get to displaying the desktop and then log off and other times it would just go through the log on dialogs and then start the log off dialogs right away. I didn't really have time to dig into it right then and she didn't urgently need to use the computer so I said I would fix it the next day. However, the next day when I went to replicate the problem so I could gather clues to fix it, her account would log in fine. I chalked it up to something being updated in Windows Update on the server or client and didn't give it further thought.
Then early this week, this same user had been logged in for most of the day. She logged out, and I asked her to log back in to check something for me and it started doing the immediate log off thing again. We tried her account on 18 computers and all but two of them booted her out immediately. The computer doesn't restart, it just bounces back to the ctrl-alt-del screen. As we were trying to figure out what was going on, which ones of the 18 computers she could log into changed. For a few minutes she'd be able to log into computers 1 and 2, then they would stop working for her and computers 7 and 12 might. This also affected another user that day. However, the next day both accounts worked fine again. I was hoping maybe it was just their accounts and I could recreate them but wanted to test out other users first to see if it happened with anyone else. Today, I had one user (not either one of the first two it happened to) report it. I'm guessing tomorrow his account will work fine.
Sometimes a dll error flashes briefly and when I managed to take a photo of it (gotta love smart phones with those build-in cameras) it is related to our anti-virus client. I am guessing since it doesn't appear every time that it only happens because the computer has already initialized the log off sequence and the error is a notification that the dll can't load because the computer is logging off.
Info about how these accounts are configured. They are set with roaming profiles and have group policies applied. This seems to have started after creating the group policies, but I can't be totally sure as we are a school and no one has used their accounts for months until this week and I created and applied the policies over this summer. The policies really don't do much aside from deploying the printers, locking the desktop and some other Windows cosmetic things like color schemes, and specifying what desktop to load for the group. Of the three users this has happened to, two of them use one policy and the third uses a different policy. So far I do not have any reports of it happening to users who only use the default policy or the faculty policy.
Solutions I've explored so far:
Virus - this just doesn't feel like the problem because of how random and inconsistent it is.
Missing usrinit.exe and other files missing from \System32\ - those files aren't missing from the clients in question and wouldn't explain why a client will not work for a while and then be fine later with no fixes applied
Corrupt user profiles on the server - I've deleted the server copy of the profiles, I did NOT however delete the local copies though I would suspect that if it were the local copies again the clients wouldn't just suddenly start to work with no fixes applied
I don't have any way to connect these vague clues to even search for and answer via Google. Someone please give me an idea of where to look, what is going on, and what to do about it.
We have a Windows 2003 R2 server. There are 100 or so user accounts. A few weeks ago, one of the users logged in to a client computer running Windows XP (all our clients are still running XP) and immediately it logged her off. She tried repeatedly and it just kept logging her off. Sometimes it would get to displaying the desktop and then log off and other times it would just go through the log on dialogs and then start the log off dialogs right away. I didn't really have time to dig into it right then and she didn't urgently need to use the computer so I said I would fix it the next day. However, the next day when I went to replicate the problem so I could gather clues to fix it, her account would log in fine. I chalked it up to something being updated in Windows Update on the server or client and didn't give it further thought.
Then early this week, this same user had been logged in for most of the day. She logged out, and I asked her to log back in to check something for me and it started doing the immediate log off thing again. We tried her account on 18 computers and all but two of them booted her out immediately. The computer doesn't restart, it just bounces back to the ctrl-alt-del screen. As we were trying to figure out what was going on, which ones of the 18 computers she could log into changed. For a few minutes she'd be able to log into computers 1 and 2, then they would stop working for her and computers 7 and 12 might. This also affected another user that day. However, the next day both accounts worked fine again. I was hoping maybe it was just their accounts and I could recreate them but wanted to test out other users first to see if it happened with anyone else. Today, I had one user (not either one of the first two it happened to) report it. I'm guessing tomorrow his account will work fine.
Sometimes a dll error flashes briefly and when I managed to take a photo of it (gotta love smart phones with those build-in cameras) it is related to our anti-virus client. I am guessing since it doesn't appear every time that it only happens because the computer has already initialized the log off sequence and the error is a notification that the dll can't load because the computer is logging off.
Info about how these accounts are configured. They are set with roaming profiles and have group policies applied. This seems to have started after creating the group policies, but I can't be totally sure as we are a school and no one has used their accounts for months until this week and I created and applied the policies over this summer. The policies really don't do much aside from deploying the printers, locking the desktop and some other Windows cosmetic things like color schemes, and specifying what desktop to load for the group. Of the three users this has happened to, two of them use one policy and the third uses a different policy. So far I do not have any reports of it happening to users who only use the default policy or the faculty policy.
Solutions I've explored so far:
Virus - this just doesn't feel like the problem because of how random and inconsistent it is.
Missing usrinit.exe and other files missing from \System32\ - those files aren't missing from the clients in question and wouldn't explain why a client will not work for a while and then be fine later with no fixes applied
Corrupt user profiles on the server - I've deleted the server copy of the profiles, I did NOT however delete the local copies though I would suspect that if it were the local copies again the clients wouldn't just suddenly start to work with no fixes applied
I don't have any way to connect these vague clues to even search for and answer via Google. Someone please give me an idea of where to look, what is going on, and what to do about it.