Active Directory Joined Mobile User Login Very Slow Off AD Network

It sounds like the issue is the automount of the share(s). Before going too deep, try removing the automount from login items and see if your login process is sped up. If I recall, each mount will try to connect for 120 seconds before timing out. If you have multiple automounts that cannot be reached, then you will have a significant pause when logging in. Assuming these are added to login items, remove them, then log out and log in when off the network. If you are defining the automounts via your MDM, then exclude the test machine from the profile.

If the mounts prove to be the cause of the delay, then consider crafting a script/app with conditional logic to detect your corporate LAN. Only on detection will the mount process be attempted. This can allow off-LAN logins to bypass the mount attempt. With an MDM, you might be able to use network state change trigger. But this may not work if your units are FileVault encrypted as the speed of power on > decrypt > boot > to desktop may not allow the MDM to be contacted in time. Likely better to create a local script/app that contains the conditional logic. Add that to login items. Now when the user logs in, there is logic behind the mount attempt. "Am I on the LAN? Yes > attempt share mount. No > do nothing."

Hope this is helpful,

Reid

Just to clarify, what you are describing is not automounting. That’s just adding network volumes to login items.

There is an actual automount mechanism that uses autofs. I don’t know if it still works anymore. Apple pulled the documentation years ago, but you can still find it on the internet where copyright doesn’t matter. Due to changing security expectations, it only worked in properly AD-bound computers.

Otherwise, I don’t know anything about this issue. It is probably related to some kind of network lookup problem. Either there is a inaccessible network lookup that is failing, or the mechanism to modify the local DNS isn’t working.