I’ve been dealing with an issue of when I log in to my workstation, that is the standard domain based AD server log in, it takes so long for DUO to send me a push notification to authenticate using my phone that Windows has timed out and even if I approve the login using the mobile app, I have to log in again. The second time is most often then not successful, although I have at times had the login timeout twice in a row.
I know there are a few things Windows wise we could do, such as setting the login timeout timer to a larger value in the registry keys. We have also tried ensuring that the system is up to date on drivers, BIOS, Windows updates, etc. just to be safe. Lastly we disabled all High demand start up services that are not required to see if the problem might lie in Windows itself taking too long to start, and therefore the DUO notification coming in too late.
However, the Windows login timeout timer is managed by security groups on our AD server, and I seem to be the only one amongst my immediate peers that has this issue. I was hoping to ask the community if there is anyone who has experienced such an issue and if it is for some odd reason related to DUO and not my startup time that makes the push notification come late.
I can’t test my start up time now that DUO is implemented company wide but I don’t recall it taking long to login at all prior to the implementation. I will be continuing to investigate why it might be Windows of course, as to tackle the issue both ways. But any feedback or experiences would be appreciated!