ccsvchst fails to close properly on Citrix XenApp servers leaving an active session
search cancel

ccsvchst fails to close properly on Citrix XenApp servers leaving an active session

book

Article ID: 154984

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

A session remains active after logging off when Symantec Endpoint Protection (SEP) is installed on a Citrix XenApp Server.  A ccsvchst process running under the user's context will remain active, even when LaunchSMCgui registry value is set to 0.  To active session ends when the ccsvchst process running under the user's account is manually closed.    

Environment

XenApp 6.5 for Windows Server 2008 R2
XenApp 6.0 for Windows Server 2008 R2
XenApp 5.0 for Windows Server 2008

Cause

User sessions will be left in an active state if the ccsvchst process fails to close properly, even when the LaunchSMCgui registry value is set to 0.  This is due to the Seamless Desktop Integration feature of Citrix, where resources running on a Terminal Server might be made to appear as if the resources are running on the client.  

Resolution

Follow the steps in these two Citrix knowledge base articles:  

An Active Session Exists Even after Logging off the Session when Symantec Endpoint Protection is Installed on a Citrix XenApp Server

Graceful Logoff from a Published Application Renders the Session in Active State

These articles will have you create the following two registry keys.  Be sure to create a backup of the registry before making these changes.  

• Registry Key:

HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/Citrix/wfshell/TWI

Value Name: SeamlessFlags
Value Type: REG_DWORD
Values: 0x20 (this is the flag for the DISABLE SYSTRAY AGENT)"

Value Name: LogoffCheckSysModules
Value Type: REG_SZ
Values: ccSvcHst.exe,ccSvcHst.exe*32