Did both users have the same level of access? Or did one have access to a more limited subset of endpoints?
Outside of trying to figure out what's different between the accounts - it could be the database needs to be cleaned up, system resources on the ePO server (and/or the database server need to be increased.
If you log in as the other identity first then log in as you, are the queries still faster the second time? If so you may be exposing resource problems on the SQL server. Basically the first user caches the information and the second uses what has already been loaded into memory. Before complaining to the SysAdmins/DBAs for more memory you could ask them to run a query to see what type of info you're capturing. There may be extraneous events that are not really needed. I turned off like 5 events and my DB shrank by 30%. It has been a # of years so I don't remember which ones I turned off. I really should have documented them
SELECT ThreatEventID, Count(ThreatEventID) as Count FROM EPOEvents
GROUP BY ThreatEventID
ORDER By Count desc
Message was edited by: Slyfin on 7/23/14 1:43:16 PM GMT-05:00
Forgot the Threat ID List
Sorry guys forgot to send feedback on this. DBA's got back to me that there was transactions blocked (sleeping) in the EPO DB with that specific username. They killed it then it was faster again.