Sign-in on an Entra-joined laptop takes minutes
WAM, Web Account Manager, often hangs on a slow CRL check or an expired device token. Sometimes it is Conditional Access evaluation itself.
Try this first
- 1Run dsregcmd /status and check AzureAdJoined, DeviceAuthStatus and TpmProtected
- 2Inspect Event Viewer under AAD/Operational around the sign-in time
- 3Test reachability of CRL endpoints crl.microsoft.com and mscrl.microsoft.com
- 4Reset the WAM token cache with dsregcmd /forcerecovery if the device cert is broken
When to bring us in
For persistent slow sign-ins: capture a Fiddler trace during login and identify the hanging endpoint.
See also
- My laptop is suddenly slowThree main suspects: a runaway background process, near-full disk, or a Windows update in progress.
- One specific application is slow for everyoneIf an app is slow for one person: local. For everyone at once: server side or vendor side.
- Opening files from the file server takes minutesOften the server itself is fine and the issue is network routing or stalling DNS resolution.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.