We have a 2008 R2 Server running Remote Desktop Services. It's been working fine for a few months, and access has been quick and consistent.
Recently though, clients using the server have been complaining of very slow logon times, often with the remote session console going 'black' until the desktop eventually appears. This can take anywhere between 2-10 minutes. Once the desktop is available it works fine, and is quick as usual. This only affects 'new' sessions. Disconnected sessions resume quickly with no problem.
When the screen is 'black', if you press CTRL-ALT-END, the Windows screen showing the option the Change Password/Tun Task Manager appears, so there is life in the session - it hasn't hung.
What I've noticed is that, after every 'slow' client logon, I see this entry in the system log on the server;
DCOM Event: 10009
DCOM was unable to communicate with the server <server1.mydomain.local> using any of the configured protocols
In this case, server1.mydomain.local is a DC in a different child domain within our forest root. The terminal server has no need or requirement to communicate with this DC, and infact the domain the DC resides in is completely secured from the terminal server's domain. There's no rogue DNS entry, and I've searched the registry for the FQDN and IP of the referenced DC, but nothing.
I don't know why it's started, or why it's trying to communicate with the DC, but it seems to be really slowing the logon process down for users. Oddly, admin sessions aren't affected - they're as quick as always, it's just user logons.