Hi, I am running a 7 server citrix XenApp 5.0 farm running on Server 2008 64 bit edition. It is on a 2003 domain.
To create a mandatory profile and have all citrix users point to it... I am doing something wrong.
I created a share on my 7th citrix server for the profile ( \\stuctx07\profiles$ )
I created a folder inside of that, and named it profile, so the full profile path is \\stuctx07\profiles$\profile
I copied a profile to that directory, and renamed the ntuser.dat to ntuser.man
Under the profile tab in AD for the test users, I put: \\stuctx07\profiles$\profile
When I load the published desktop, it pops up with the "user profile was not loaded correctly" bubble. It basically tells me I failed at my job, and it is pulling a tempory profile from somewhere. :)
I did notice that the ntuser.man was renamed to ntuser.man.log
The user has read and list access to the profile.
I think that pretty much explains my problem, what am I missing to pull the profile down?
Thanks guys.
Mowens
Hi,
The NTUSER.MAN.log should be created on the fly.....loading log. What about specifying the roaming profile path (for all users) to use that mandatory path. That should work, barring any 2008 issues.
Do you mean through GP?
Preferrably. If not, then it'll have to be a local system policy. I've done this in 2003 and it worked great! I have found 1 caveat:
If you choose to use the famous GP setting "Delete cached copies of roaming profiles on logoff" this DOES NOT WORK in 2008 YET. I dont know Y - MS? *cough* This may be fixed in R2, but i havent tested. I opened a case with MS on this and they said that the only workarounds (at this opint) are to bounce the User Profile service or reboot the server, to delete the cached copies.
That has yet to be desired in my book. If you dont care about that (which you may not) please test away :)
Isnt that what UPH clean does? Or is that something else?
Just curious, why would you choose local policy over group policy?
UPHClean, whcih is now included in the 2008 user profile service, allows for a more graceful logoff, if there are any snags in the registry, while unloading the user hive. It doesn't actually delete the user profile.
I would ONLY use local system policy for "one-off" situations. GP is absolutely preferred, when applicable.
I think I might have explained something incorectly here. I just happend to put the profile store on a citrix server... All users that log onto the farm should pull the mandatory profile.
I should set that as a local policy on all of the servers?
No problem - you're just using 1 Citrix server as a "file server location". No issue with that - just make sure it's always accessible during user logins ;) i would leave the manprof location (or possibly move to a more "up" location, if need be) and apply a GPO to all the Citrix servers stating:
Roaming profile path/location - \\citrixserver\manprofdir (Please dont use exact syntax) :P
Delete cached copies of roaming profiles. - Again, that one may be "iffy".
I think we're on the same page, just different books :P
Haha turn in your books to page 42....
didnt work. I tried it from group policy and I still get the same error message. I even went in and added modify rights to the share (even though for a mandatory profile you wouldnt think that it needs that) and it didnt work.
The stupid thing will not load the profile as requested. Any other thoughts?
I was going to upload a screenshot proving that the path name of the profile share and the profile path in GPO were the same, but I cant find a screen shot option
Bummer....maybe try enabling verbose logging for logins - http://support.microsoft.com/kb/221833
That should help you ID what the issue may be. The link will tell you where the log files goes - I think it's "C:\WINDOWS\Debug\UserMode\userenv.log"
Maybe try defining a local location of the manprof....to take out any network dependent issues.....
In the AD User object are you using the "Terminal Services User Profile" path?
Rudy
I will try the verbose logging right now.
No, I am not using the "terminal services user profile" tab. Should I be?
Ok. I tried to enable verbose logging, and check me on this, I may be doing it wrong.
I made a n entry in the desired location, and named it "2"
No logfile was created.
I tried adjusting the value to 30002, and again no log file.
I restarted the server after every logon change.
Am I doing something insanely stupid?
You should be using the Terminal Services Profile path in AD to configure Terminal Services Profiles.