2008R2 Remote Desktop Server Profile Problems
Posted on 2014-11-06
We have 4 Windows 2008 R2 servers set up with RDS (session host, license manager etc).
Two are physical servers, one is a virtual ESXi 5.5 that was migrated from a physical, and one is a Virtual ESXi 5.5 built from scratch). All of them are having the same problems.
I can log in locally with a domain admin to the servers with no problems. (note - domain admin account does not have a roaming profile)
Users have a "Remote Desktop Services User Profile" specified in their account: EX: "\\ct01\root\RProfiles\JFanguy"
When I log in with either an existing domain user or a new one all goes swimmingly and the TS roaming profile is created on the share and the login time is a matter of seconds. All the network drives are available. User is able to interact with file shares on our FILE server with no problems.
First time the user Logs off the remote desktop server is fine.
However on any subsequent logoff the process hangs (sometimes for hours or until I physically power off the server) on the "Please wait for the User Profile Service" and when rebooted the event viewer show their profile wasn't fully synchronized.
The errors in event viewer are:
Some version of Event 1530:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
3 user registry handles leaked from \Registry\User\S-1-5-21-2000478354-1801674531-725345543-2662:
Process 668 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2000478354-1801674531-725345543-2662\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Process 2372 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2000478354-1801674531-725345543-2662\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Process 1728 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2000478354-1801674531-725345543-2662\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
about 1 minute later:
Event ID 6005 - The winlogon notification subscriber <Profiles> is taking long time to handle the notification event (Logoff).
Here is where it hangs on "Please Wait for the User profile Service" - most of the time i have to physically power off the remote desktop server.
When it reboots, i see a bunch of these:
Event ID 1509 - Windows cannot copy file C:\Users\JFanguy\ntuser.dat to location \\ct01\root\RProfiles\jfanguy.V2\ntuser.dat. This error may be caused by network problems or insufficient security rights.
DETAIL - The network path was not found.
Event ID 1509 -Windows cannot copy file C:\Users\JFanguy\ntuser.ini to location \\ct01\root\RProfiles\jfanguy.V2\ntuser.ini. This error may be caused by network problems or insufficient security rights.
DETAIL - The specified network name is no longer available.
Event ID 1534 - There are too many profile copy errors. Refer to the previous events for details. Windows will not log any additional copy errors for this copy process.
Event ID 1504 - Windows Windows cannot update your roaming profile completely. Check previous events for more details.
Once logged in the user can access all the shares and indeed clicking on the link produced in Event ID 1509 takes you to the correct location. I'm pretty sure the permissions are correct on the share (the profile creates initially after all). We have Dfs in operation but even on a non Dfs share this occurs.
Logging off again hangs at the User Profile Service and then give a message about partially synchronizing before logging off.
If I delete all trace of the TS roaming profile locally and at the share then the process starts again with a good initial login and logoff and hangs on subsequent logoffs.
Anyone come across this behavior before? DNS seems ok as far as I can tell.
I worked 6 hours with Microsoft yesterday, all they did was work on "scoping" the case - no actual help.
Note: 3 weeks ago, we migrated our physical file server (which houses the roaming profiles) to ESXi 5.5 Virtual.
This is the only thing I can think of that all of our 4 remote desktop servers have in common.
all 5 servers (File and remote desktop servers) have these settings:
TCP Global Parameters
Receive-Side Scaling State : disabled
Chimney Offload State : disabled
NetDMA State : enabled
Direct Cache Acess (DCA) : disabled
Receive Window Auto-Tuning Level : disabled
Add-On Congestion Control Provider : ctcp
ECN Capability : disabled
RFC 1323 Timestamps : disabled
TCP Window Scaling heuristics Parameters
Window Scaling heuristics : disabled
Qualifying Destination Threshold : 3
Profile type unknown : normal
Profile type public : normal
Profile type private : normal
Profile type domain : normal
Any help appreciated