Endpoint Protection 14 prevents graceful Citrix session logoff

book

Article ID: 169917

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After installing or upgrading to Symantec Endpoint Protection (SEP) 14 in a Citrix environment, you find that it prevents graceful session logoff.

 

Cause

Our SymQual error reporting service prevents graceful session logoff due to locked WER folders:

Users\%username%\AppData\Local\Microsoft\Windows\WER\ReportArchive
Users\%username%\AppData\Local\Microsoft\Windows\WER\ReportQueue

Resolution

Symantec is aware of this issue and will update this document when a solution becomes available. It is not necessary to log a support case on this issue. Please subscribe to this article to be notified of any updates.

The following workaround will effectively resolve the issue:

  1. Double-click the Symantec Endpoint Protection notification area icon. In the left-hand column, click Change Settings.
  2. Scroll down to Client Management and click the Configure Settings button.
  3. Navigate to the Tamper Protection tab.
  4. Uncheck the Protect Symantec security software from being tampered with or shut down checkbox and click the OK button.
  5. Browse to the SEP installation path ...\Symantec Endpoint Protection\14.x\bin\ folder.
  6. Rename sqsvc.dll, sqscr.dll and symerr.exe files to: sqsvc.dll.old, sqscr.dll.old and symerr.exe.old
  7. Click Windows Start > Run and type and run the following: smc -stop, and then followed by smc -start. Return to the Tamper Protection tab and click the Protect Symantec security software from being tampered with or shut down checkbox and click the OK button.
     

Additional Information

ESCRT-767