Curious if you ever got this resolved. I am wondering if it's due to machines running WHFB (with cloud kerberos) which is causing the connections to close/fail.
Problems to connect Terminal Server - RemoteApp after join a 3rd DC
I have troubles connecting to Terminal Server with RemoteApp.
There are 2 DC (Win2008R2 STD) and 1 TS-RemoteApp Server (Win2019 STD). Clients Win11 Pro. Domain Functional Level Windows 2008 (not 2008R2) – All has being working great for years so far….
I added 1 DC (Win2022 STD) at morning and at evening clients beginning to fail connecting to RemoteApp and RemoteDesktop.
RDP client says password is wrong. Restarting or deleting saved credential hasn’t solved it.
I am suspecting that is something related to SSL or RDP security… but I haven’t changed the settings. In fact, if I shutdown the new DC (Win2022 STD) the trouble is gone.
Here are the logs (Sorry, some are in Spanish)…
At TS-RemoteApp Server (Win2019 STD):
Nombre de registro:Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
Origen: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS
Fecha: 09/11/2023 16:24:12
Id. del evento:226
Categoría de la tarea:Módulo RemoteFX
Nivel: Advertencia
Palabras clave:
Usuario: Servicio de red
Equipo: my-server
Descripción:
RDP_TCP: error al realizar la transición de StateUnknown en respuesta a Event_Disconnect (código del error 0x80070040).
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-RemoteDesktopServices-RdpCoreTS" Guid="{1139c61b-b549-4251-8ed3-27250a1edec8}" />
<EventID>226</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>4</Task>
<Opcode>19</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2023-11-09T16:24:12.914820800Z" />
<EventRecordID>2274647</EventRecordID>
<Correlation ActivityID="{f420ee1b-2600-427b-9c44-d709f4cc0000}" />
<Execution ProcessID="96" ThreadID="11440" />
<Channel>Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational</Channel>
<Computer> my-server </Computer>
<Security UserID="S-1-5-20" />
</System>
<EventData>
<Data Name="StateTransition">RDP_TCP</Data>
<Data Name="PreviousState">23</Data>
<Data Name="PreviousStateName">StateUnknown</Data>
<Data Name="NewState">21</Data>
<Data Name="NewStateName">StateDisconnected</Data>
<Data Name="Event">43</Data>
<Data Name="EventName">Event_Disconnect</Data>
<Data Name="ErrorCode">0x80070040</Data>
</EventData>
</Event>
Clients Win11 Pro:
Log Name: Microsoft-Windows-RemoteApp and Desktop Connections/Operational
Source: Microsoft-Windows-RemoteApp and Desktop Connections
Date: 09/11/2023 16:24:42
Event ID: 1041
Task Category: Connection
Level: Warning
Keywords:
User: MyDomain\test
Computer: my_computer_client
Description:
Remote application (Acceder a MyRemotaAPP) is launched on RemoteApp and Desktop connection (my TS-RemoteAPP server) but no stored credentials are used for single sign on. (Reason - RemoteApp and Desktop connection does not exist)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-RemoteApp and Desktop Connections" Guid="{1b8b402d-78dc-46fb-bf71-46e64aedf165}" />
<EventID>1041</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>102</Task>
<Opcode>0</Opcode>
<Keywords>0x2000000000000000</Keywords>
<TimeCreated SystemTime="2023-11-09T15:24:42.8982956Z" />
<EventRecordID>13</EventRecordID>
<Correlation />
<Execution ProcessID="4716" ThreadID="8860" />
<Channel>Microsoft-Windows-RemoteApp and Desktop Connections/Operational</Channel>
<Computer> my_computer_client </Computer>
<Security UserID="My_SID" />
</System>
<UserData>
<EventXML xmlns="Event_NS">
<RemoteAppName>Acceder a MyRemotaAPP </RemoteAppName>
<ConnectionName> my TS-RemoteAPP server </ConnectionName>
<Reason>RemoteApp and Desktop connection does not exist</Reason>
</EventXML>
</UserData>
</Event>
Log Name: Microsoft-Windows-TerminalServices-RDPClient/Operational
Source: Microsoft-Windows-TerminalServices-ClientActiveXCore
Date: 09/11/2023 16:24:49
Event ID: 226
Task Category: RDP State Transition
Level: Warning
Keywords:
User: MyDomain\test
Computer: my_computer_client
Description:
RDPClient_SSL: An error was encountered when transitioning from TsSslStateHandshakeInProgress to TsSslStateDisconnecting in response to TsSslEventHandshakeContinueFailed (error code 0x80004005).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-TerminalServices-ClientActiveXCore" Guid="{28aa95bb-d444-4719-a36f-40462168127e}" />
<EventID>226</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>104</Task>
<Opcode>19</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2023-11-09T15:24:49.5400668Z" />
<EventRecordID>139</EventRecordID>
<Correlation ActivityID="{2fce8265-90dc-48fc-ad73-4c9f95660000}" />
<Execution ProcessID="10484" ThreadID="1364" />
<Channel>Microsoft-Windows-TerminalServices-RDPClient/Operational</Channel>
<Computer> my_computer_client </Computer>
<Security UserID=" My_SID " />
</System>
<EventData>
<Data Name="StateTransitionName">RDPClient_SSL</Data>
<Data Name="PreviousState">3</Data>
<Data Name="PreviousStateName">TsSslStateHandshakeInProgress</Data>
<Data Name="NewState">10</Data>
<Data Name="NewStateName">TsSslStateDisconnecting</Data>
<Data Name="Event">8</Data>
<Data Name="EventName">TsSslEventHandshakeContinueFailed</Data>
<Data Name="Error Code">2147500037</Data>
</EventData>
</Event>
Error at RemoteAPP client:
On DC’s I haven’t could found any relevant log. Not either googling the logs…
Do you have any clue?
Cheers!