Endpoint Protection 14.2 prevents Terminal Server\Citrix Server user profiles from being deleted at logoff

book

Article ID: 184245

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) 14 prevents Citrix roaming profiles from being deleted at logoff. The following Windows Error Reporting folders are locked / in-use:

Users\%username%\AppData\Local\Microsoft\Windows\WER\ReportArchive
Users\%username%\AppData\Local\Microsoft\Windows\WER\ReportQueue

 

Resolution

This issue is fixed in Symantec Endpoint Protection 14.3 RU1. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec software here.

The following steps to disable the SymQual component can serve as a temporary workaround:

  1. Double-click the Symantec Endpoint Protection notification area icon. In the left-hand column, click Change Settings.
  2. Scroll down to Client Management and click the Configure Settings button.
  3. Navigate to the Tamper Protection tab.
  4. Uncheck the Protect Symantec security software from being tampered with or shut down checkbox and click the OK button.
  5. Browse to the SEP installation path ...\Symantec Endpoint Protection\14.x\bin\ folder.
  6. Rename sqsvc.dll, sqscr.dll and symerr.exe files to: sqsvc.dll.old, sqscr.dll.old and symerr.exe.old
  7. Click Windows Start > Run and type and run the following: smc -stop, and then followed by smc -start. Return to the Tamper Protection tab and click the Protect Symantec security software from being tampered with or shut down checkbox and click the OK button.

 

 

 

Additional Information

ESCRT-767