ASP.NET Login control is very slow making the initial connection to AD when authenticating to a different domain than the domain the web server is a member of. Problem occur
I had the same issue. Following this advice seems to have sorted it.
https://elgg.leeds.ac.uk/webteam/weblog/15385.html
We had a custom user running as the app pool user, giving the user read access to this directory 'C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys' Sorts the issue.
If you have the .NET 2.0 SP1 installed just add the following to the machine.config (of course all sites will not check verisign any longer)
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
http://forums.asp.net/t/968778.aspx
we finaly fixed it with
connectionProtection="None"
To turn off all attmepts to connetc on the secure port and only use 389.
We also had to specify the Connection username like "ad/bob" instead of just "bob" after the connetionProtection change.
Thanks,
Eric-