I was working on a Citrix Presentation server 4.5 server recently and after a blue screen and a reboot users were unable to connect to the server for published apps anymore. Resource manager showed the server had maximum load.
Event viewer show errors on 4 files:
Event log error was CitrixHealthMon event id 4004
The file C:\Program Files\Citrix\HealthMon\Tests\Citrix\RequestTicket.exe does not have the correct permissions. In SDDL, the expected ACL was O:BAD:AI(A;ID;0x1200a9;;;LS)(A;ID;FA;;;BA). The actual ACL was O:BAD:PAI(A;;FA;;;LS)(A;;FR;;;NS)(A;;FA;;;BA). For reference, the files placed in the test folder should have inheritable permissions turned on which will result in the file have full control access for the Administrators group, Read and Execute access for the Local Service user account, and the owner will be the Administrators group.
I checked the permissions on the file in question and they were completely correct.
However after some searching and experimenting I found a solution
Open a command prompt and navigate to
Run these commands
icacls citrix /remove “NT AUTHORITY\LOCAL SERVICE”
icacls citrix /remove “BUILTIN\Administrators”
cacls citrix /G “NT AUTHORITY\LOCAL SERVICE”:R (answer Y to prompt)
cacls citrix /E /G “BUILTIN\Administrators”:F
After this restart the Citrix Health Monitoring and Recovery and check the eventlog. The problem should now be resolved.