Under certain conditions, when you create MCS pooled random Windows 10 machines, they might point to wrong domain controller as the logon server. This will lead to delayed user logon and GPO applications might take longer than expected.

On further investigation, you would observe the following registry key being created on MCS provisioned machines.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\JoinDomain



 

To resolve this issue, follow the steps below:

1. Launch elevated PowerShell on Delivery Controller and execute the commands below -
   1. asnp citrix*
   2. Set-ProvServiceConfigurationData –Name DisableDomainInjection –Value true
2. Reboot all the Delivery Controllers
3. Create a new MCS pooled random catalog

---

Problem Cause

This issue can occur because of the domain injection process during MCS provisioning process. Be default, MCS will use the domain controller from the AD site (to which the Delivery Controller belongs to) as the preferred logon server. This means MCS provisioned pooled machines would point to that particular domain controller regardless of what AD site and subnet they belong to.