Terminal Server Logon Issue
We have a 2003 Enterprise Terminal Server. Dual Xeon Quad Core, 12 gb ram. During the working day there are usually about 60 active sessions. Just about daily we are forced to reboot the server because users can not log in. Event Viewer on the server shows these messages:
1401 The following handles in user profile hive have been remapped because they were preventing the profile from unloading successfully, Rtvscan.exe (2372) HKCU\Software\Symantec\Sym
1508 Windows was unable to load the registry. This is often caused by insufficient memory or insufficient security rights. DETAIL - Insufficient system resources exist to complete the requested service. for C:\Documents and Settings\username\ntuser.d
1500 Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, or that your network is functioning correctly. If this problem persists, contact your network administrator. DETAIL - Insufficient system resources exist to complete the requested service.
1219 Logon rejected for domain\username. Unable to obtain Terminal Server User Configuration. Error: Not enough resources are available to complete this operation.
Using Symantec End Point 11 mr4 unmanaged. Any help would be greatly appreciated.
Thanks
1401 The following handles in user profile hive have been remapped because they were preventing the profile from unloading successfully, Rtvscan.exe (2372) HKCU\Software\Symantec\Sym
1508 Windows was unable to load the registry. This is often caused by insufficient memory or insufficient security rights. DETAIL - Insufficient system resources exist to complete the requested service. for C:\Documents and Settings\username\ntuser.d
1500 Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, or that your network is functioning correctly. If this problem persists, contact your network administrator. DETAIL - Insufficient system resources exist to complete the requested service.
1219 Logon rejected for domain\username. Unable to obtain Terminal Server User Configuration. Error: Not enough resources are available to complete this operation.
Using Symantec End Point 11 mr4 unmanaged. Any help would be greatly appreciated.
Thanks
Brian Harrington
Have you tried disabling Symantec for a day or two to see if it is the culprit? You could try removing and re-installing symantec. I had an issue with TrendMicro being set up before terminal services were installed and it blew the whole thing up. Re-installation fixed the issue.
Sorry, for the two postings, but it looks as if Symantec is blowing out your network stack.
ASKER
My next step was to try uninstalling SEP 11 and putting version 10 on there.
I think that is where your problem lies. In my instance it was 2008, but it was the Anti-Virus that screwed things up. On the other hand, it's a great solution. If no one can use the machine, it can't get infected :).
ASKER
I like the glass half full approach. I'll give that a shot tonight and see what happens.
ASKER
Reinstalled End Point 11 mr4, same issue exists. last night uninstalled End Point and installed 10.1.5. Hopefully that does the trick.
I have the exact same issue on my 2003 Terminal server with Endpoint MR4 MP2. Symantec Endpoint is definitely causing these issues. I have tried adding exclusions to the individual users ntuser.dat file. So now I no longer have errors unloading those files when a user logs off but now its complaining about this hive in the registry. HKCU\Software\Symantec\Sym
I have uninstalled, cleaned and reinstalled Endpoint now 5 times with no change. This is driving me bananas because I have to reboot the server every morning in order for my users to get back into their correct profiles. Endpoint in theory is a great product however, I have struggled with this product since day one on my network. If I could get this last issue resolved I may be a happier person...
Any ideas?
Thanks!
I have uninstalled, cleaned and reinstalled Endpoint now 5 times with no change. This is driving me bananas because I have to reboot the server every morning in order for my users to get back into their correct profiles. Endpoint in theory is a great product however, I have struggled with this product since day one on my network. If I could get this last issue resolved I may be a happier person...
Any ideas?
Thanks!
ASKER
After a week of having Symantec AV 10 on the terminal server we are still having the same issue just a little less frequent. I'm at a loss.
ASKER
with both SEP 11 and SAV 10 it keeps blocking uphclean even though I've added it to the exceptions list. any ideas?
I have resolved my issue! I had to remove all user profiles on the Terminal Server. I used the profile cleanup tool issued by Microsoft to delete them. I also had some "ghost" profiles that I had to delete manually. As soon as I cleaned up the profiles, rebooted and re added them the server has been running great. It was a royal PITA to remove all the profiles cause everyone has their customized profiles but I just bit the bullet as a last ditch effort and everything worked great in the end!
good luck!
good luck!
ASKER
It seems like there must be a better solution than rebuilding all of the profiles. We have over 100 on here with a lot of users connecting back to local printers that are shared off of their desktops. I made the change from Symantec AV to Kaspersky which has improved the situation but did not completely resolve it. Still working on it.
Good luck! I have been running for almost three weeks now(knock on wood) without issue after deleting and recreating the user profiles. I also run the UPHclean utility as well. My users are much happier!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What/where is the "profile cleanup tool " mentioned above. I am having simliar issues on our Termnal Server.
ID:25003631Author:OccITDat
Thanks
ID:25003631Author:OccITDat
Thanks
Here is the link to the profile tool
http://www.microsoft.com/downloadS/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&displaylang=en
http://www.microsoft.com/downloadS/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&displaylang=en
Thanks for the link. I have already been running UPHClean. The wording led me to think that you had found a tool to delete the profiles. " used the profile cleanup tool issued by Microsoft to delete them." Does UPHClean have this capability? Or were you just stating you had deleted the profiles and allowed the system to rebuild at next login. Thanks in advance for the clarification.
I have been chasing the problem for several months. The latest findings is that both Terminal Servers ( we have two) had problems this Monday morning. The two terminal servers are for two different companies in two different states. The only common factor so far is that the both run a Syamentec virus scan early monay a.m. but it completes by the time the users begin to log in. I am digging deeper into reported AV issues and profile cannot log in, but as of yet have found nothing definitive excpet for "This issue has been addressed in release 10.3.1.13 of the SymEvent driver" was suppose to fix the problem. However, several blogs state it did nothing for them. (REF MS KB Article ID: 272568 )
Thanks to all who contribute, perhaps my little bit of info may allow someone else to resolve their issue.
I have been chasing the problem for several months. The latest findings is that both Terminal Servers ( we have two) had problems this Monday morning. The two terminal servers are for two different companies in two different states. The only common factor so far is that the both run a Syamentec virus scan early monay a.m. but it completes by the time the users begin to log in. I am digging deeper into reported AV issues and profile cannot log in, but as of yet have found nothing definitive excpet for "This issue has been addressed in release 10.3.1.13 of the SymEvent driver" was suppose to fix the problem. However, several blogs state it did nothing for them. (REF MS KB Article ID: 272568 )
Thanks to all who contribute, perhaps my little bit of info may allow someone else to resolve their issue.
I'm sorry, I have too many things on the brain right now. There is a tool that does delete user profiles. Here is the link:
http://www.microsoft.com/downloads/details.aspx?familyid=901a9b95-6063-4462-8150-360394e98e1e&displaylang=en
In my situation I took the dive and just cleaned out all the profiles and started from scratch. It was a huge PITA! In the end things are working great!
http://www.microsoft.com/downloads/details.aspx?familyid=901a9b95-6063-4462-8150-360394e98e1e&displaylang=en
In my situation I took the dive and just cleaned out all the profiles and started from scratch. It was a huge PITA! In the end things are working great!
Thanks,,,, I will look into this..