Installed in LDAP Credential Manager mode with DoNTAssoc set (i.e. user credentials from Windows log in are passed to NSL for behind the scenes authentication)
SecureLogin does not accept Windows credentials, fails to start seamlessly.
Microsoft logon notification components Winlogon.exe and MPNotify.exe do not notify SecureLogin's NLDAPAUT.DLL (or any other credential managers) that a successful Windows logon has occurred.
Problem only occurs on some workstations, and only occurs on the first login of the day. Workstations were locked or otherwise left running the night before.
Rebooting before logging in prevents the problem from occurring
1. Reconfigure the "expensive" background task to run at a different time. (See ācauseā below.)
2. Reduce the scope of the background task so it does not monopolize system resources to a degree that it causes problems in Winlogon.
3. Exclude Winlogon from the background task activity.
4. Upgrade the computer to Windows Vista or Windows 7. This problem has not been seen on newer operating systems. Winlogon calls MpNotify.exe in the same way on newer operating systems, but changes in memory management prevent this problem from occurring on Windows Vista or newer.
5. Run "empty.exe winlogon.exe" as a scheduled task shortly before the user is expected to login for the day. This frees the memory used by winlogon and allows it to call mpnotify.
Use perfmon to see what is interfering with Winlogon.exe. Configure perfmon logging as follows:
1. Click on Start -> Run and type āperfmonā
2. Expand āPerformance logs and alertsā. Click and highlight āCounter Logsā.
3. Right click on āCounter Logsā and choose āNew Log Settingsā
4. Type in a name for the log and click āOKā
5. Click on the button that reads āAdd Objectsā in the following window
6. Choose the following āObjectsā
Server work queues
7. Click the āCloseā button after adding all the objects.
8. Choose interval as 05 seconds
9. Click on the āLog Filesā tab across the top of the Window
10. Choose āBinary Circular Fileā in the drop down menu. Click on the āConfigureā Button. Set the maximum limit of 250 MB. Also choose appropriate location to save the log file ensuring that there is enough free space
11. Click on the āScheduleā tab and choose āManuallyā option under āStart Logā
12. Now right click on the log that you created and choose āStartā to start logging information.
13. Capture perfmon log for about 30-40 minutes at the time the problem occurs so that valid information will be captured regarding the issue.
You might need help from Microsoft to read the logs.
In this case perfmon indicated that naPrdMgr.exe and VsTskmgr.exe were interfering
with Winlogin. NaPrdMgr and VsTskmgr are both McAfee files.