Solved

Profile Loading Errors at Logon

Posted on 2008-10-08
8
1,750 Views
Last Modified: 2010-04-21
Recently we began migrating users to our new Citrix 4.5 environment.  As part of the migration we upgraded the client to the Web Client 10.1/10.2 and now some have 11.0.  We also modified the terminal services roaming profile path to point to a DFS Share.  Ever since we began migrating these users, a small percentage began to report local logon profile errors.  As they logged into their workstations they would get either one or two errors regarding their profile not being able to load.  With one error, there profile would load, with both Windows would load a temp.  We installed the client several weeks prior to migrating the users.  The only thing that was done on the day of migration was the terminal service roaming profile path change. As we have migrated over 1400 users, this is now happening to about 40-100 users a day and not very consistently.  I have reviewed the software and hardware on the workstations and there doesn't appear to be a common platform or software install that could be causing the problem.  
I have a case opened with MS.  We installed UPClean on many of the computers both in log only mode and action mode.  Neither helped.  The userenv logs do not indicate clearly what the source is.  Occasionally logs show the profile is locked by a process:  ssonsvr (which is the Citrix client SSO server executable but this is inconsistent.

AD OS: Windows 2K3 SP2
Workstation OS:  XP SP2
Citrix: CPS 4.5 HFRP2 with 10.1/10.2/11.0 web client using Single Sign On.  SSO Passthru has been enabled via a GPO.  

Event Log Errors:
IEvent Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1511
Date:            6/12/2008
Time:            6:36:39 PM
User:            AKUSA_NT\lunsfordj
Computer:      WS17
Description:
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1515
Date:            6/12/2008
Time:            6:36:39 PM
User:            AKUSA_NT\lunsfordj
Computer:      WS17
Description:
Windows has backed up this user's profile. Windows will automatically try to use the backed up profile the next time this user logs on.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1502
Date:            6/12/2008
Time:            6:36:39 PM
User:            NT AUTHORITY\SYSTEM
Computer:      WS17
Description:
Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

 DETAIL - The process cannot access the file because it is being used by another process.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1508
Date:            6/12/2008
Time:            6:36:36 PM
User:            NT AUTHORITY\SYSTEM
Computer:      WS17
Description:
Windows was unable to load the registry. This is often caused by insufficient memory or insufficient security rights.

 DETAIL - The process cannot access the file because it is being used by another process.  for C:\Documents and Settings\lunsfordj\ntuser.dat
0
Comment
Question by:jeffrey_lunsford
  • 4
  • 3
8 Comments
 
LVL 8

Expert Comment

by:Herrmannator
ID: 22674936
First thing I would do is change a "zone" to Citrix as this is a common issue there.
Regarding your question, here are a few things to check:
1) make sure that "offline caching" is disabled on the file share where these profiles are stored.  That is another frequest cause of profile problems.  See this link:
http://www.brianmadden.com/Forum/Topic/91182
2) Is UPHClean installed on all Citrix servers?  It should be because any server can corrupt the profiles.  We use the "beta" version (out for several years now and works well).
http://windowsitpro.com/article/articleid/42257/whats-user-profile-hive-cleanup-service-uphclean.html
http://blogs.technet.com/uphclean/archive/2008/03/03/about-uphclean-v2-0-events-1630-1631-and-1632.aspx
3) Anti-Virus software can be a common cause of this problem where the profile gets locked by an active process.  You may want to try making some changes to the auto-protect settings to exclude scanning the NTUser.dat, for example.  If you can easily replicate the problem, then you might try temporarily disabling auto-protect all together as a test to see if that is the underlying cause.  Here is one on tuning AV for Citrix:
http://www.jhouseconsulting.com/articles/antivirus_strategy_for_citrix_servers.html

0
 

Author Comment

by:jeffrey_lunsford
ID: 22675464
Thanks for the info. I will change this to the Citrix Zone.
I will check into the offline caching on the file share that the roaming profiles are on but I should be more clear in that the errors reported are on the workstation before these users access Citrix  and a roaming profile.  It happens when logging into Windows.
Also UPHClean is installed on all of our Citrix servers but also on the workstations now as part of the troubleshooting MS is having me do.

As far as anti-virus is concerned we are excluding the scanning of *.dat on the file share as well as on the PCs for some time but will try disabling it for a couple of days. The hard part about diagnosing this problem is that it is so inconsistent and implementing a "fix" and testing after.
I will let you know tomorrow
0
 
LVL 8

Expert Comment

by:Herrmannator
ID: 22676104
So are roaming profiles used when logging into anything, or just when logging into TS/Citrix servers?  Everything you are already doing sounds good, and now I see why you did not put this just in Citrix zone.   A few other things you might try excluding from autoprotect:
*.LOG, *.INI
%AppData%\ICAClient\Cache
%programfiles%\Citrix\ICA Client
C:\WINDOWS\system32\spool
C:\WINDOWS\system32\spool\PRINTERS
0
 

Author Comment

by:jeffrey_lunsford
ID: 22683998
I checked on the offline caching.   We do have it enabled on the share(s).  I am discussing it with our team to turn it off.  Should have a decision by tomorrow.
I will look at making the AV changes you suggested  tomorrow as well.   Tks,
0
Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

 

Author Comment

by:jeffrey_lunsford
ID: 22838023
We have disabled offline caching.  Made the AV Changes but that did not help.  I know that I had said we had uninstalled AV and tested before but not me specifically.  I began uninstalling AV on 3 "reliable" user s' machines.  The errors have stopped and been silent for a week.  I am going to reinstall and see if the errors return.  
The question I have now is, if it turns out to be Anti Virus, how do you troubleshoot or log the conflicts at logon.
0
 
LVL 8

Accepted Solution

by:
Herrmannator earned 500 total points
ID: 22841639
Is it possible to open a ticket with your AV vendor?  They may have utilities to do extensive logging that would help.
I don't know any method to offer other than trial and error (maybe start by reinstalling AV on those PC's but turning off autoprotect, and see if still no problem.  Then turn it back on, but exclude c: entirely.  Then allow auto-protect for every major subdirectory you think could not possible be part of the problem.  Then 1 at a time add the ones you suspect.
Another thought is that (if you can get this to happen on some machines in a predictable way), try opening you (symantec?) AV client and viewing the real-time protection files as they are being scanned.  (ie, it will show you the file names on screen as they are scanned).  And perhaps you will see a particular file being scanned when this problem occurs.
0
 

Author Closing Comment

by:jeffrey_lunsford
ID: 31504432
I am closing this case as I have moved on to another job and will not be able to resolve it.  That being said, I think it is highly likely that the AV was/is the culprit.  I am accepting this answer to award points for the assistance.
0
 

Expert Comment

by:dodger99
ID: 28063251
Am having the identical problem as above. Were there any specific AV scanning processes identified that caused the profile not to load?
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

This is an article about Leadership and accepting and adapting to new challenges. It focuses mostly on upgrading to Windows 10.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now