Hello,
I have a Windows Server 2008 R2 SP1 production environment with Citrix User Profile Management installed. On these servers we are running Symantec Endpoint Protection version 14.0.2349.0100. This in essence utilizes the Windows Roaming profile mechanism and local user profiles are created under C:\Users. Occasionally, I observe the following behavior:
When a user logs off from Citrix, the corresponding local profile folder under C:\Users is not deleted thus creating issues with Citrix profile properties not being retained as a temporary profile is created on subsequent logon. After having carried out in-depth troubleshooting, the issue is narrowed down to the following folder/file not being deleted.
- C:\Users\[username]\AppData\Local\Symantec\Symantec Endpoint Protection\Logs\xxyyzz.log
If i try to manually delete these folders I get an "Access is Denied" error and I cannot change the owner of the folders to any domain administrator or local administrator user.
The above file/folder cannot be deleted due to permissions/security reasons and they are only deleted after server reboot or if I temporarily disable the Symantec client on the affected servers, which of course is not an acceptable fix to the issue. We have tried applying MS hotfix https://support.microsoft.com/en-us/help/2661663/stale-user-profile-folders-are-not-deleted-completely-in-windows-7-or on the affected servers but to no avail.
Do you have any ideas or thoughts? Is this is a known issue with Symantec Endpoint Protection? Is there a Symantec or Microsoft specific patch which fixes this issue?