Environment
Citrix XenApp Server Operating System: Windows 2008 R2
Citrix XenApp Version: 6.5
Citrix XenApp Hotfix: Rollup 1
Citrix Profile Management Version: 4.1
Problem
You’ve received complaints from various users that when they launch applications published on the Citrix XenApp 6.5 servers, they receive Windows Script Host error prompts similar to the following:
Script:
\\domain.internal\SysVol\domain.internal\Policies\{someGuid}\User\Scripts\Logon\logon.vbs
Line: 16
Char: 1
Error: Permission denied: ‘GetObject’
Code: 800A0046
Source: Microsoft VBScript runtime error
To further troubleshoot, you proceed by configuring the XenApp server to allow users to directly remote desktop to the server. Upon directly logging onto the server with the user’s credentials, the following is displayed:
While troubleshooting the issue, you also noticed that you are unable to browse the path:
\\domain.internal
Windows cannot access \\domain.internal
You do not have permission to access \\domain.internal. Contact your network administrator to request access.
For more information about permissions, see Windows Help and Support
The server also exhibits the same behavior when you browse directly to a server via the name or IP:
What’s strange is that you are able to ping other servers:
You notice that if you add the user to the local administrators group, the error goes away.
Solution
While the symptoms described in the following KB:
http://support.citrix.com/article/CTX128255
… did not directly map to the ones described above, I found that the solution was resolved my issue. The reason why non local administrators were experiencing these symptoms is because of the UsrClass.dat file located in the following directory when the user is logged onto the server:
C:\Users\Default\AppData\Local\Microsoft\Windows
You will also notice the same file stored on the file server that stores the user’s profile management folder:
\\someFileserver\profilemanagement\someUsername\UPM_Profile\AppData\Local\Microsoft\Windows
The solution as described in the article is to delete this file but note the following:
- You may not be able to delete the UsrClass.dat file from C:\Users\Default\AppData\Local\Microsoft\Windows while the user is logged in
- Even if you delete the file while the user is logged off, the saved UsrClass.dat will be copied back to the server from the server
To correctly resolve the issue and remove the problematic UsrClass.dat file, first log off as the user to make sure profile management has saved the user’s profile on the file server and no other sessions will overwrite the profile, then go to the user’s profile on the file server and delete UsrClass.dat. Once this is done, log back onto the server as the user and and ensure the symptoms are gone.
No comments:
Post a Comment