CTX891671 – Graceful Logoff from a Published Application Renders the Session in Active State – Citrix Knowledge Center

Graceful Logoff from a Published Application Renders the Session in Active State

Document ID: CTX891671 / Created On: Jun 19, 2000 / Updated On: Nov 2, 2010

Average Rating: (61 ratings)

View products this document applies to

Symptoms

Graceful logoffs from a published application launched in a seamless, fixed window, or as an RDP Initial Program, might result in the session not closing and the user being logged off. Sessions are able to be reset or exited correctly by manually resetting them, or by terminating remnant user processes in Terminal Services Administration, the Management Console, or Access Suite Console.

Cause

When publishing an application, only the main executable file is specified, however, some applications may spawn additional processes that run in the background and are not closed by the corresponding main executable file. Additional processes may also be created from scripts that are executed or from specific registry keys, such as the RunOnceKey:

HKEY_LOCAL_MACHINESWMicrosoftWindowsCurrentVersionRunOnce

Some processes might create a visible window for added functionality, and others might not.

Because the Explorer.exe Desktop is not running when launching an application in one of these ways, there is no default mechanism in either Presentation Server or Windows to terminate these background processes when a user has exited the main application.

Presentation Server has a hard coded list of what are considered ‘System’ type secondary processes that are checked for and terminated once all user application processes have terminated, these include:
atok1*.exe
clipsrv.exe
conime.exe
csrss.exe
ctfmon.exe
ddhelp.exe
eventlog.exe
iatokik*.exe
iatokqb*.exe
iatqb1*.exe
ibdbsch.exe
imejp98m.exe
imejpmgr.exe
imepadsv.exe
jsvschvw.exe
lmsvcs.exe
lsass.exe
msgsvc.exe
nddeagent.exe
nddeagnt.exe
netdde.exe
netstrs.exe
os2srv.exe
proquota.exe
screg.exe
smss.exe
spoolss.exe
ssonsvr.exe
wfshell.exe
win.com
winlogon.exe
wpabaln.exe
wuauclt.exe

Note: To specify additional processes specific to your environment, see the Resolution section of this article for more information.

Examples of Secondary Processes

CTX123073 – ICA Session Remains Active for Five Minutes when Streaming to Server with the Version 5.2 Offline Plug-in
CTX106747 – Active Session Left After Logging Off the Session When Microsoft Office XP or Microsoft Office 2003 is Installed on Citrix Presentation Server
CTX112370 – Seamless Sessions Take 30 Seconds to Close when the SoftGrid Client is Installed
CTX106951 – Session Stays in Active State After User Logs Off

Cwbprovd.exe is a process initiated by IBM Client Access. If you have IBM Client Access on your system and observe the same behavior as stated above, follow these steps:

1. Verify the sessionID that is having this issue.
2. Before logoff, type the following at a command prompt to manually kill Cwbprovd.exe:
   kill cwbprovd.exe session id
3. Gracefully exit the published application.
4. The Cwbprovd.exe process (among two other processes) is being launched at logon by IBM Client Access (even if you do not run it) through the following registry key:
   HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonUserinit
   Contact IBM for a utility called CWBCFWTS to remove these processes from the registry.
   Note: Servers running IBM’s Client Access Express ARE NOT known to exhibit this behavior.

Proquota.exe is a process initiated by having a Windows 2000 policy, Limit Profile Size, enabled. This may conflict with the Seamgr.exe process. Manually terminating either of these two processes temporarily fixes the problem and allows the session to reset. This issue is resolved by installing Service Pack 2 for MetaFrame 1.8 for Windows 2000.

Sxplog32.exe is a process initiated by the SoftWare Delivery Agent by Computer Associates and can be found in the userinit value of the winlogon registry key. Manually terminating the process temporarily fixes the problem and allows the session to reset.

Etlits.exe and Entell50.exe are processes initiated by Entrust 6.1 and can be found in the userinit value of the winlogon registry key. Manually terminating the process temporarily fixes the problem and allows the session to reset.

Wisptis.exe is a process that runs as a system service that provides pen-data collection for other components of the SDK. When a component needs to interact with the pen (for example, to collect ink or to detect gestures), this executable is spawned as a service to communicate directly with the input device. On a Tablet PC, Wisptis.exe interacts with the digitizer, whereas on a desktop it interacts with the mouse as well. The executable’s name is an acronym that references an outdated internal name for the team that developed it (Windows Ink Services Platform Tablet Input Subsystem). You cannot remove wisptis.exe by renaming or deleting it: Windows File Protection would reinstall the file the next time Adobe Acrobat 6.0 started. In general, the ways in which wisptis.exe can get installed on the system are by installing Journal Viewer using Windows Update or installing Microsoft Office 2003.

Ssonsvr.exe

If a starting program was specified under the Environment tab in User Account Properties and if the ICA pass-through Client had pass through authentication enabled, Ssonsvr.exe was running in the user’s ICA session. When the user exited the application (specified under the Environment tab in User Account Properties), the ICA session could not be logged off; the administrator had to manually stop the Ssonsvr.exe process. The thread that caused the Ssonsvr.exe process to exit when the user logged off from the application was not being started.

Now the thread that causes the Ssonsvr.exe process to exit is started when the user logs off from the application.

From Hotfix XE103W2K030:

Ssoshell.exe,Ssobho.exe,Ssomho.exe

CTX103640 – Password Manager Agent remains active after a graceful logoff

CTX104115 – Password Agent 2.0 on MetaFrame XP Server causes roaming user profiles to not unload.

Resolution

The following registry key is valid on:

• XenApp 6.0
• XenApp 5.0
• Citrix Presentation Server 4.5
• Citrix Presentation Server 4.0
• MetaFrame Presentation Server 3.0
• MetaFrame XP Service Pack 2/Feature Release 2 or later
• MetaFrame 1.8 Service Pack 3 for Windows 2000 or later
• MetaFrame 1.8 for Terminal Server 4.0 with hotfixes ME183W030 and ME183T032 or later.

It is best to first determine if the application in question and its associate
d processes correctly exit on a windows workstation outside of a Terminal Services environment.

If they do not, then it is possible that this mechanism may not work or it may be necessary to contact the application manufacturer.

Add the process file name to the following registry key:

Caution! This fix requires you to edit the registry. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixwfshellTWI

Value Name:LogoffCheckSysModules
Type:REG_SZ
String:MyAppName.exe

Note 1: Do not place the executable name of the main published application in this key, as this may result in failure to properly launch the published application. If the main executable for the specified published application is not exiting correctly, then there is some other problem.

Note 2: Do not place the executable name of a secondary process that has a visible window in this key. This mechanism is designed to exit secondary processes that do not have a visible window, as it is expected that if an application window is visible, then it is intended for the user to see it, and therefore close it themselves.

The application may not appear to present a visible window or a system tray icon in a seamless session. Run the application in a fixed window, perform the function within the application that spawns the secondary process and minimize the main application window. The spawned window will show in the background. An RDP initial application session configured on the RDP listener will show the same behavior. If a customer uses a logoff script, the logoff script could be used to check for the spawned process and terminate the process. Ideally, the application should close all child process that it spawns.

Note 3: Enter the list of executable names with a comma and NO spaces between them, for example:

App1.exe,app2.exe,app3.exe

This document applies to:

• MetaFrame 1.8
• MetaFrame Presentation Server 3.0 for Microsoft Windows 2000
• MetaFrame Presentation Server 3.0 for Microsoft Windows 2003
• MetaFrame XP 1.0 for Microsoft NT 4.0 Server Terminal Server Edition
• MetaFrame XP 1.0 for Microsoft Windows 2000
• MetaFrame XP 1.0 for Microsoft Windows 2003
• Presentation Server 4.0 for Microsoft Windows 2000
• Presentation Server 4.0 for Microsoft Windows 2003
• Presentation Server 4.0 x64 Edition
• Presentation Server 4.5 for Windows Server 2003
• Presentation Server 4.5 for Windows Server 2003 x64 Edition
• XenApp 5.0 for Windows Server 2003 x64
• XenApp 5.0 for Windows Server 2003 x86
• XenApp 5.0 for Windows Server 2008 x64
• XenApp 5.0 for Windows Server 2008 x86
• XenApp 6.0 for Windows Server 2008 R2

Source: CTX891671 – Graceful Logoff from a Published Application Renders the Session in Active State – Citrix Knowledge Center