Hello, we recent migrated our file server to Server 2012 R2. Everything went smooth until I noticed users' account we're getting their Roaming Profiles when launching a Citrix application/session. They're being logged into the Citrix servers with the 'TEMP' profile. Upong logon, I'm seeing the error below thrown in the App logs of the Citrix server:
Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights.
DETAIL - Access is denied.
Each user account's 'Profile' and 'Remote Desktop Services Profile' tab are using the same UNC path to their profile folder. I've checked the share permissions of the parent folder which I gave 'Everyone' 'Full Control' and I've checked the security permissions of the users' folders. Each user has 'Full Control' of their folder. What's a bit stranger is that I also have their account configured to map a drive to the same profile folder which works when they launch an application in Citrix. They can browse the folder, create sub-folders and files, etc.. So while the error suggests that it could be a permissions issue, the fact they can do all this within the mapped drive contradicts that idea. Also, my Domain Admin account is able to access my roaming profile which would also suggest a permissions issue, but like I said, I think all the share and security permissions are fine.
Is there anything else that may be affecting why the profiles aren't being copied to the Citrix servers and causing this error? Is there a Local Security Policy setting that would weigh in on this? We do harden these servers so I was wondering if it's something of that nature?