Solved

Folder redirection on XenApp 5 on Windows 2008 SP2 Server

Posted on 2010-09-15
1
1,382 Views
Last Modified: 2012-05-10
Hiya,

Currently supporting a XENAPP 5 server that has a desktop published on the server (CTX1). The Desktop and Start Menu for Domain Users accounts are redirected to the \\Domain\netlogon\Citrix\Desktop and \\Domain\netlogon\Citrix\StartMenu folders. The "Authenticated users' group have Read and Execute access to the \\Domain\netlogon\Citrix folder and sub folders. We also have a group policy that sets Terminal Services Profile to a file server (FILE1) for all users.

The first time a new user logs onto the published desktop they are able to double click on the icons on the redirected desktop and start menu and launch the applications. However, if the same user tries to log onto the published desktop, the applications won't launch when the user tries to double click on the icons on the redirected desktop and start menu.

The following error is displayed in the Application Event viewer on the server when domain users log onto a XENAPP 5 Published Desktop: -
"Folder redirection policy application has been delayed until the next logon because the group policy logon optimization is in effect" issue that results in having to wait a few minutes before being able to access the start menu icons.

As a test, I temporarily gave "Authenticated users" Read and Execute AND Write access to the \\Domain\netlogon\Citrix folder and sub folders. Then the applications do launch when the user tries to double click on the icons on the redirected desktop and start menu, dispite how many times the user logs onto the CTX1.

I also tested the Desktop and Start Menu for Domain Users are redirected to the \\FILE1\Citrix\Desktop and \\FILE1\Citrix\StartMenu shared folders and the "Authenticated users" group have Read and Execute access to these folders and sub folders. Then the applications will also launch when the user tries to double click on the icons on the redirected desktop and start menu, dispite how many times the user logs onto the CTX1.

Ideally, we want the Desktop and Start Menu for Domain Users accounts are redirected to the \\Domain\netlogon\Citrix\Desktop and \\Domain\netlogon\Citrix\StartMenu folders. We also want the "Authenticated users' group to have Read and Execute access to the \\Domain\netlogon\Citrix folder and sub folders.

I've gone through many of the forums and not had any luck, please assist.
0
Comment
Question by:klikon
1 Comment
 
LVL 3

Accepted Solution

by:
sbo2002 earned 250 total points
ID: 33746863
The netlogon share on the domain controller is not the appropriate place to store data of any kind. That's a special share created by Windows to support domain authentication functions.

If you've adjusted the permissions on the netlogon share, the first step you should take is to put them back to the default. With write access, users can upload all kinds of stuff to that folder, which will impact your domain functionality because that folder gets replicated among the domain controllers.

Create a new folder somewhere, share it, then move your Start menu and whatever other redirected folders you have to that location.

The setup you have using \\FILE1 is the correct way to do what you want. Using the netlogon share is not only not ideal, it is something that you don't want to do under any circumstances.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Synchronize a new Active Directory domain with an existing Office 365 tenant
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question