MessageJoe, If you look under Machine\Adm Templates\System\Group Policy you will see there is a setting for slow Link detection. This does a ping to the Domain controller to determine the line speed. There are also individual policies for Registry Policy processing, IE maintenance etc. You can then set whether these will apply over a slow link. Be aware though that if the user is always running remotely, they will never get the policies applied. There is also a setting for slow link detection under User\ADM templates\System\Group Policy. Alan Cuthbertson Policy Management Software:- http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml ADM Template Editor:- http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml Policy Log Reporter(Free) http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml ----- Original Message ----- From: Attardo, Joe To: gptalk@xxxxxxxxxxxxx Sent: Friday, September 22, 2006 10:30 PM Subject: [gptalk] Re: Authentication Thanks Bart for you feedback. A little more information. We do not use roaming profiles. Is there a way I can get the login script to stop running so the users are not trying to map drives from remote locations? -----Original Message----- From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of bart.schillebeeks@xxxxxxxxxx Sent: Friday, September 22, 2006 5:57 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Authentication Hi, Logging on to a domain controller in another site shouldn't make a difference in GPO processing times as they are in that local site also (DC/sysvol). The gpo processing will check the version and will not apply unless there is a difference. What i'm suspecting is that you draw the roaming profile from their "home office" share over the wan. Also folder redirection to home folders on their "native" file server will slow it down cosiderably. The only way to solve this is to deploy DFS based file shares for home folders and profiles. Also make sure you son't delete local cached copies of their profile as this will also force GPO settings to reapply completely. Vriendelijke groeten, Cordialement, Kind Regards, Schillebeeks Bart Active Directory Security Consultant Small and Departmental Systems - NT Systems Fortis Bank Bart.schillebeeks@xxxxxxxxxxxxxx AD Internet Consulting BVBA Disclaimer: Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity.This Message is in no way legally binding and has to be viewed as a personal opinion of the sender. This message reflects in no way the views of FORTIS BANK and its associates and AD internet Consulting BVBA and its associates. Unless otherwise stated, any pricing information given in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation. AD Internet Consulting BVBA, Hezemeer 7, 2430 Eindhout-Laakdal ON:0470419019 www.adinternet.com mailto:Sales@xxxxxxxxxxxxxx -----Original Message----- From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Attardo, Joe Sent: Friday, September 22, 2006 11:41 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Authentication Good Morning, We have many people who travel to other offices as part of their jobs and the logon experience when they get there is painfully slow. Is there a way to set a policy so if a user authenticates to a domain controller away from their "home office" that they will not receive any policies such as a logon script or folder redirection. Any suggestions would be appreciated. Thanks, Joe