The steps that were previously mentioned are official steps and can also be found in the McAfee Knowledge base.
We raised a support case with McAfee and were sent the mentioned reg fix but this did not resolve our problem. As mentioned in my original post, back in February, we have 200 users connecting to a 5 node terminal server farm on a daily basis. We found many users were getting roaming profile sync errors when logging off. This caused us endless issues as any customisation the user had made to their desktop environment (i.e. default printer, recent documents, MS Word settings, Outlook layout, etc.) was lost each time they logged off. We examined the event logs on the terminal servers and found lots of 'USER PROFILE GENERAL' Event ID '1509' errors:
Windows cannot copy file C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Cookies\email@example.com to location \\server\ts redir$\TS Profiles\username\AppData\Roaming\Microsoft\Windows\Cookies\firstname.lastname@example.org. This error may be caused by network problems or insufficient security rights.
DETAIL - Access is denied.
To confirm McAfee SaaS 5.2.1 was the cause we uninstalled McAfee from one of the terminal server nodes. Then using a user account suffering from this issue we logged them on and off. Sure enough no roaming profile error was given until we reinstalled McAfee and performed the same test.
To resolve this we created a simple GPO log off script (as follows) to clear out the user's cookies:
del /F /Q "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Cookies\*.txt"
del /F /Q "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Cookies\Low\*.txt"
This is hardly ideal but McAfee seem to be burying their head in the sand and hoping it goes away on this one! We made 3 phone calls to McAfee support and were told each time to re-apply the reg fix and reboot the servers despite confirming we had already done this over and over.
We have a McAfee SaaS Endpoint - 3year - 200 seat subscription with gold support which expires at the end of 2011. Needless to say we will NOT be renewing and will look for an alternative AV vendor who doesn't sweep product bugs/faults under the carpet and palm off customers.
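An added example, not part of the original post: one way to tally Event ID 1509 messages of the shape quoted above by failing folder and error detail, to confirm that the Cookies folder is the common factor before and after a change. The function name and the sample messages are constructed for illustration; reading live events from the Application log is an assumption.

```powershell
# Constructed sample messages in the shape of the Event ID 1509 text quoted above.
$sample = @(
    'Windows cannot copy file C:\Users\alice\AppData\Roaming\Microsoft\Windows\Cookies\alice@example.txt to location \\server\profiles$\alice\AppData\Roaming\Microsoft\Windows\Cookies\alice@example.txt. This error may be caused by network problems or insufficient security rights.' + "`nDETAIL - Access is denied.",
    'Windows cannot copy file C:\Users\bob\AppData\Roaming\Microsoft\Windows\Cookies\Low\bob@example.txt to location \\server\profiles$\bob\AppData\Roaming\Microsoft\Windows\Cookies\Low\bob@example.txt. This error may be caused by network problems or insufficient security rights.' + "`nDETAIL - Access is denied.",
    'Windows cannot copy file C:\Users\bob\AppData\Roaming\Microsoft\Word\draft.tmp to location \\server\profiles$\bob\AppData\Roaming\Microsoft\Word\draft.tmp. This error may be caused by network problems or insufficient security rights.' + "`nDETAIL - The process cannot access the file because it is being used by another process."
)

function ConvertFrom-ProfileCopyError {
    # Hypothetical helper: turns 1509 message text into objects that can be grouped.
    param([Parameter(Mandatory)][string[]]$Message)
    $rx = [regex]'^Windows cannot copy file (?<src>.+?) to location (?<dst>.+?)\. This error may be caused .*?DETAIL - (?<detail>.+?)\s*$'
    foreach ($text in $Message) {
        # Event text spans several lines; flatten whitespace before matching.
        $m = $rx.Match(($text -replace '\s+', ' ').Trim())
        if (-not $m.Success) { continue }
        $src = $m.Groups['src'].Value
        [pscustomobject]@{
            User        = [regex]::Match($src, '^[A-Za-z]:\\Users\\([^\\]+)\\').Groups[1].Value
            # Path relative to the profile, without the file name.
            Folder      = ($src -replace '^[A-Za-z]:\\Users\\[^\\]+\\', '') -replace '\\[^\\]+$', ''
            Source      = $src
            Destination = $m.Groups['dst'].Value
            Detail      = $m.Groups['detail'].Value
        }
    }
}

$failures = ConvertFrom-ProfileCopyError -Message $sample

# Which folder and error detail account for most failures?
$failures | Group-Object Folder, Detail | Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize

# How many distinct users are affected?
$failures | Group-Object User | Format-Table Count, Name -AutoSize

# Live use (assumption: the 1509 events are in the Application log):
# $live = Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 1509 } |
#     ForEach-Object { $_.Message }
# ConvertFrom-ProfileCopyError -Message $live | Group-Object Folder, Detail
```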
I am admin of a 7000 seat SaaS install and found that implementing this https://kc.mcafee.com/corporate/index?page=content&id=KB71093 McAfee suggestion solved most of our 5.2 cookie issues. We've also implemented https://kc.mcafee.com/corporate/index?page=content&id=KB70863.
I also found that excluding .TXT and .IE file extensions works if you are unable to edit the registry.
It has been over a year now since McAfee set us up with this annoying defect in their software and still no suitable solution!
I serve several customers with McAfee in client/server and terminal Server environments and am still having problems with roaming profiles. Also the Online back-up solutions we use with rSync are being affected.
So I decided to try to figure this out and come up with a solution that works.
Been to all the forums, spoke to McAfee, since we have Gold Support and all... No luck.
Patches, registry tweaks, you name it... It does not work!
Then I decided to figure out how to exclude these annoying cookies from being scanned...
This is what I came up with and it works! Finally!
Set up your policies with wildcards ** to exclude folders containing cookies.
For Windows XP and Server 2003:
Folder: C:\Documents and Settings\**\Cookies\
For Windows 7 and Server 2008:
The ** means to exclude all folders it comes across from the folder “Documents and Settings” or “Users”.
In other words, this applies for all users on the workstation or server.
I also excluded the shares profile folder on the server for my online back-up:
For Windows 7: F:\Profile\**\AppData\Roaming\Microsoft\Windows\Cookies\
For Windows XP: F:\profile\**\Cookies\
Also the shared UNC path is excluded:
For Windows 7: \\ServerName\prf$\**\AppData\Roaming\Microsoft\Windows\Cookies
For Windows XP: \\ServerName\prf$\**\Cookies\
But be aware, double wildcards for folders do not seem to work, e.g.
I tried this on my provisioned Terminal Server, which is shared with more companies.
It’s not a very neat solution because no cookies get scanned anymore by McAfee, but in my humble opinion, cookies aren’t that harmful in this case.
I sure hope McAfee can come up with a more subtle solution than this, but I kind of lost hope after a year!
I hope I can help fellow system administrators with this solution.
Michael van Zomeren
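An added example, not part of the original post: with the Cookies folders excluded as described above, nothing stored in them is scanned, so a periodic inventory of files there that are not cookie files covers the gap. The function name, the allowed-name list (`index.dat`, `desktop.ini`) and the demo tree are assumptions constructed for illustration; pass the real profile roots on a server.

```powershell
function Find-NonCookieFile {
    # Hypothetical helper: lists files in each profile's Cookies folder that are not cookies.
    param(
        [Parameter(Mandatory)][string[]]$ProfileRoot,
        [string]$CookieSubPath = 'AppData\Roaming\Microsoft\Windows\Cookies',
        [string[]]$AllowedExtension = @('.txt'),
        [string[]]$AllowedName = @('index.dat', 'desktop.ini')  # assumption: index and shell metadata
    )
    foreach ($root in $ProfileRoot) {
        # One directory per user under the root, which is what ** spans in the exclusion.
        $profiles = Get-ChildItem -LiteralPath $root -Directory -Force -ErrorAction SilentlyContinue
        foreach ($userDir in $profiles) {
            $cookieDir = Join-Path -Path $userDir.FullName -ChildPath $CookieSubPath
            if (-not (Test-Path -LiteralPath $cookieDir -PathType Container)) { continue }
            Get-ChildItem -LiteralPath $cookieDir -File -Recurse -Force -ErrorAction SilentlyContinue |
                Where-Object {
                    ($AllowedExtension -notcontains $_.Extension.ToLowerInvariant()) -and
                    ($AllowedName -notcontains $_.Name.ToLowerInvariant())
                } |
                Select-Object @{ n = 'Profile'; e = { $userDir.Name } }, FullName, Length, LastWriteTime
        }
    }
}

# Constructed demo tree so the block runs anywhere; replace $demo with e.g. 'C:\Users'
# or the profile share when auditing a real server.
$demo = Join-Path ([IO.Path]::GetTempPath()) ('cookie-audit-' + [guid]::NewGuid())
$sub  = 'AppData\Roaming\Microsoft\Windows\Cookies'
$files = 'alice\{0}\alice@example.txt', 'alice\{0}\Low\index.dat',
         'bob\{0}\bob@example.txt',     'bob\{0}\Low\update.exe'
foreach ($f in $files) {
    $path = Join-Path $demo ($f -f $sub)
    [void][IO.Directory]::CreateDirectory((Split-Path -Path $path -Parent))
    [IO.File]::WriteAllText($path, 'constructed sample')
}

# Only files that are neither *.txt nor an allowed name are reported.
Find-NonCookieFile -ProfileRoot $demo | Format-Table Profile, FullName, Length -AutoSize

Remove-Item -LiteralPath $demo -Recurse -Force
```

For Windows XP profiles, pass `-CookieSubPath 'Cookies'` with the matching profile root.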
Too late for me though, after months of messing about with gold support I've switched our entire setup over to trend micro - thanks BYTE Internet
Paulo
Message was edited by: paulo112 on 21/09/11 07:36:32 CDT
Thank you so much for taking efforts with this issue and keeping us updated with the solution that worked.
Let us check this solution in our test environment and we will post our suggestions regarding this.
Once again thanks for this.
I too have been wrestling with the problem of roaming profiles not saving correctly for some time. Have tried excluding cookies from scans, edited registries, and all the other suggestions.
I am hoping that I have found my solution in excluding cookies from saving in the roaming profile through group policy. Saving cookies in the roaming profile is not needed on our network. Mainly we are using roaming profiles to ease backup of files stored in My Documents on the user's computers.
Since I had not seen this suggested as a solution to the ongoing problem, I thought it would be nice to throw it out there to others.
Good luck with the battle
Terry
Message was edited by: terryg on 11/3/11 2:30:16 PM CDT
McAfee has now given a fix that resolves the issue with the Roaming profile issue.
This fix is not listed in the Knowledge base though so I will not be able to mention it here.
Please contact the McAfee Gold Business support and we will be more than happy to help you with the fix that resolves the roaming profile issue.
This issue was resolved back in December 2011 for everybody across all products.