When the Citrix User Profile Manager service is running on the server, if the users do not have a local profile on the machine or a roaming profile in the domain, the following error message is displayed when browsing the local drives.

“explorer.exe
windows cannot access the specified device, path or file . You may not have the appropriate permissions to access this item”

In addition,

• An Access denied error message appears when running gpresult /r for logged in user.

• Access denied error message appears when browsing local drives.

• The Network adapter is shown as not connect.

• It seems that the user environment was just partially loaded.

• If you stop the UPM service on the XenDesktop virtual machine, you do not get the error message.

• If users have a local or roaming profile, there is no issue and UPM performs as expected.

• If users do not have a local or roaming profile and the UPM service is stopped, then they do not experience any errors.

• If users do not have a roaming or local profile and the UPM service is RUNNING, they get an error.

• Doing a procmon trace reveals that this is a permissions issue with HKCU\Software\Classes (or HKU\SID_Classes) where users do not have rights to their own hive.

• This hive is copied from the default user profile, specifically the usrclass.dat file that resides in C:\Users\Default\Appdata\local\microsoft\windows directory.

You can resolve this issue by deleting usrclass.dat from the Default user profile.

When this is deleted, the profile manager works without any issue, as mentioned in the following list:

• User does not have local or roaming profile and UPM service running. Roaming profile created user does not experience any errors.

• User has a local profile, UPM service running, local moves to UPM Roaming and user does not experience any errors.

• User has a roaming profile, UPM service running, roaming is converted to UPM Roaming, and user does not experience any errors.

CTX124954 - Some Settings Are Not Retained with Citrix Profile Manager