Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Web app running 50x slower on locked down Vista machine 2

Status
Not open for further replies.
zenenigma

zenenigma

Programmer
Apr 23, 2001
119
0
0
US
(Forgive my lack of code detail, I'm not the lead programmer, just working with what I know. I can ask him if there are questions about certain files/code he is using)

I'm doing testing on a web application my team has developed. It uses Microsoft.Net framework 2.0 - and downloads & runs the .NET 2.0 component when you click a button on the site. We have a separate executable that sets the fulltrust .NET framework access to our server (and checked that it's valid by using caspol -lg).

We've done testing on multiple machines, two of which is are images of XP and Vista that have their settings locked down by a group policy (FDCC image). I have the ability to change the locked settings


Performance:

Local PC XP (IE7) - shows up in under 10 seconds
Local PC Vista (IE7) - shows up in under 10 seconds
Locked down XP Image (IE7) - shows up in under 10 seconds
Locked down Vista Image (IE7) - <b>shows up in about 6 minutes</b>


I've gone through these steps to allow the component to run (though slowly for the locked down Vista):

1) Added our local server's web address to the "Trusted Sites" zone - the default is "Medium" security (which allows signed/unsigned components, high safety permissions for components w/ manifests)
2) Set the FIPSAlgorithmPolicy = 0 (until we can change Rijndael to TripleDES)


I've attempted to speed it up by:

1) Disabling Windows Firewall
2) Disabling UAC
3) Disabling Windows Defender
4) Disabling Protected Mode


What happens:

When the button on the site is clicked, the IE window basically freezes for 5-6 minutes. The progress bar at the bottom of the window looks stuck at about 5%. Then when it gets near 6 or so minutes, it immediately loads the component. I never get any errors.

On the unlocked Vista machine the component starts within 10 seconds of pressing the button.

When I check the Windows Security Log there multiple entries - but they seem to be all related to search indexing and license activation scheduler, nothing that seemed relating to the issue.


Any help would be appreciated. My next step is having the programmer look into the issue, but he's got so much on his plate I'm trying to be of some help.

-ZE
 
Sort by date Sort by votes
Are the hardware specifications, especially on the Networking side, different between the machines?

Can you test performance if you log on from "Safe Mode with Networking"?


Troubleshooting Group Policy Objects for Windows Vista

See if this type of program can identify any problems occurring during that 6 minutes?

Process Monitor v1.37

Also try the Server forums.
 
Upvote 0 Downvote
While running it again I noticed this in the Event Viewer/Windows Logs/Security (happens at the very end, right before the control is displayed):

1:58:37pm
A new process has been created.
New Process Name: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
Token Elevation Type: TokenElevationTypeDefault(1)

1:58:38pm
A new process has been created.
New Process Name:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\csctres.exe
Token Elevation Type: TokenElevationTypeDefault(1)

 
Upvote 0 Downvote
Do you see those entries on your other machines? The significance of them is unknown to me. You could check this site to see if they have any relevance.


.NET Framework Tools

.NET Framework Configuration Tool (Mscorcfg.msc)


How to repair the .NET Framework 2.0 and 3.0 on Windows Vista
 
Upvote 0 Downvote
I'm sorting through the 57mb XML file that ProcessMon spit out over the 6 minute time frame. I have no idea what I'm looking for - any suggestions on what I can filter out so that it's a bit more managable?
 
Upvote 0 Downvote
Try your luck here where they have a dedicated forum.

I have no real experience with the program but I guess I would be looking at the Networking and .Net side of things.

If there is not a lot of drive activity during those 6 minutes that might in itself give you a clue as to what you can filter out. Can you pick up any repetitive entries from the log?

Does Task Manager highlight any excessive usage that you can concentrate on?

Sorry not much help, but that forum seems quite active and is probably a good place to check out.
 
Upvote 0 Downvote
I think you'd need to install a clean Vista image on that box first and ensure that the behavior isn't exhibited. Hardware/network issues?

Aside from that you might have to peel back policies one at a time hoping to find a single culprit. From there perhaps a workaround can be developed.
 
Upvote 0 Downvote
I'll be working on those suggestions this morning. As for the "clean Vista image", I'll see what I can do. The only images I have are the FDCC locked down Vista & XP images. The working Vista is a local machine - and I have no idea how close to clean it is. I'll keep an eye on the task manager to see if anything's hogging up the processor (other than IE7).


When looking through the logs, I see quite a few "Buffer Overflow"s and "FastIO" errors.

"Buffer Overflow" errors:
1) iexplore.exe is going a "RegQueryValue", however it's usually two Overflows followed by a "Success" (running the same command) about 0.0002 seconds later.

2) iexplore is going "IRP_MJ_QUERY_VOLUME_INFORMATION" (or "IRP_MJ_QUERY_INFORMATION").


"FASTIO" related errors:
1)<Operation>FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION</Operation>
<Result>FILE LOCKED WITH ONLY READERS</Result>

2)<Operation>FASTIO_NETWORK_QUERY_OPEN</Operation>
<Result>FAST IO DISALLOWED</Result>


Thanks again for all your help guys. After some task manager reviewing and a few more ProcessMon reviews I'm going to start stripping security until I see some improvement. But keep up the suggestions. They're much appreciated.

-ZE
 
Upvote 0 Downvote
Is your machine on a network or not? If not, I bet it is some network-related code timing out.
 
Upvote 0 Downvote
Thank you all for your help, you were all on the right track with Networking. Star goes to Linney for his persistent and patient toleration of my unknowingness.

Evidently the FDCC image has several cross-certified certificates. These Vista CryptoAVI (CAPI) attempts to reach a retrieval URL for each certificate, which will timeout after 15 seconds.

The FDCC image was not part of our domain, and thus did not have outside internet access. With 25 or so certificates to cycle through, the total timeout delay was about 6.5 minutes (exactly the length of my freeze).

I tried both deleting the certificates (before I found the hotfix) and trying the hotfix once I found it. Both worked perfectly.

Technet Article:

The Windows Hotfix (which evidentaly has not been run on this image) disables the automatic cross-certificate retrieval functionality.

Article kb955805:

Thanks for all of your help. Hopefully this thread will help if someone else runs into the same problem.

-ZE
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

TrekBiker
  • Locked
  • Question
Version 23H2 preventing full shut down
Replies
5
Views
139
pjw001
pjw001
goombawaho
  • Locked
  • Question
Risk of running unsupported server version 1
Replies
7
Views
124
goombawaho
goombawaho
spamjim
  • Locked
  • Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
81
spamjim
spamjim
pjw001
  • Locked
  • Question
Programs not loading on Windows 11 Version 22H2.
Replies
9
Views
208
pjw001
pjw001
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
242
Flinx
Flinx

Part and Inventory Search

Sponsor

Back
Top