A session remains active after logging off when Symantec Endpoint Protection (SEP) is installed on a Citrix XenApp Server. A ccsvchst process running under the user's context will remain active, even when LaunchSMCgui registry value is set to 0. To active session ends when the ccsvchst process running under the user's account is manually closed.
User sessions will be left in an active state if the ccsvchst process fails to close properly, even when the LaunchSMCgui registry value is set to 0. This is due to the Seamless Desktop Integration feature of Citrix, where resources running on a Terminal Server might be made to appear as if the resources are running on the client.
Follow the steps in these two Citrix knowledge base articles:
These articles will have you create the following two registry keys. Be sure to create a backup of the registry before making these changes.
• Registry Key:
Value Name: SeamlessFlags
Value Type: REG_DWORD
Values: 0x20 (this is the flag for the DISABLE SYSTRAY AGENT)"
Value Name: LogoffCheckSysModules
Value Type: REG_SZ