• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1398
  • Last Modified:

Folder redirection on XenApp 5 on Windows 2008 SP2 Server

Hiya,

Currently supporting a XENAPP 5 server that has a desktop published on the server (CTX1). The Desktop and Start Menu for Domain Users accounts are redirected to the \\Domain\netlogon\Citrix\Desktop and \\Domain\netlogon\Citrix\StartMenu folders. The "Authenticated users' group have Read and Execute access to the \\Domain\netlogon\Citrix folder and sub folders. We also have a group policy that sets Terminal Services Profile to a file server (FILE1) for all users.

The first time a new user logs onto the published desktop they are able to double click on the icons on the redirected desktop and start menu and launch the applications. However, if the same user tries to log onto the published desktop, the applications won't launch when the user tries to double click on the icons on the redirected desktop and start menu.

The following error is displayed in the Application Event viewer on the server when domain users log onto a XENAPP 5 Published Desktop: -
"Folder redirection policy application has been delayed until the next logon because the group policy logon optimization is in effect" issue that results in having to wait a few minutes before being able to access the start menu icons.

As a test, I temporarily gave "Authenticated users" Read and Execute AND Write access to the \\Domain\netlogon\Citrix folder and sub folders. Then the applications do launch when the user tries to double click on the icons on the redirected desktop and start menu, dispite how many times the user logs onto the CTX1.

I also tested the Desktop and Start Menu for Domain Users are redirected to the \\FILE1\Citrix\Desktop and \\FILE1\Citrix\StartMenu shared folders and the "Authenticated users" group have Read and Execute access to these folders and sub folders. Then the applications will also launch when the user tries to double click on the icons on the redirected desktop and start menu, dispite how many times the user logs onto the CTX1.

Ideally, we want the Desktop and Start Menu for Domain Users accounts are redirected to the \\Domain\netlogon\Citrix\Desktop and \\Domain\netlogon\Citrix\StartMenu folders. We also want the "Authenticated users' group to have Read and Execute access to the \\Domain\netlogon\Citrix folder and sub folders.

I've gone through many of the forums and not had any luck, please assist.
0
klikon
Asked:
klikon
1 Solution
 
sbo2002Commented:
The netlogon share on the domain controller is not the appropriate place to store data of any kind. That's a special share created by Windows to support domain authentication functions.

If you've adjusted the permissions on the netlogon share, the first step you should take is to put them back to the default. With write access, users can upload all kinds of stuff to that folder, which will impact your domain functionality because that folder gets replicated among the domain controllers.

Create a new folder somewhere, share it, then move your Start menu and whatever other redirected folders you have to that location.

The setup you have using \\FILE1 is the correct way to do what you want. Using the netlogon share is not only not ideal, it is something that you don't want to do under any circumstances.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now