RDS 2012 R2 some users are not able to logon after changed date and time on Connection Brokers


Due to a malconfigured NTP server of ntp.org, the date and time on all our servers and client was set to the date of tomorrow (1/1/2017 instead of 31/12/2016). We've manually changed the date back to the date of today on our Primary Domain Controller (PDC) and executed

w32mt /resync

in an elevated command prompt on all servers/clients. This caused the time to be displayed correctly again on all servers and clients.

Nevertheless, some users are reporting they can't logon to the Remote Desktop environment anymore. We're using 4 different RD Session Hosts but the problem is host independent. It doesn't make any difference if we're trying to connect externally through RD Gateway or internally, bypassing the RD Gateway and connecting directly to the RD Connection Brokers. Users receive the following error message:

Remote Desktop Connection could not find the destination computer. This can happen if the computer name is incorrect or the computer is not yet registered with Session Broker. Try connection again, or contact your network administrator.

On the Connection Brokers we're seeing the following event:

RD Connection Broker failed to process the connection request for user DOMAIN\username. Failed while checking for disconnected session. Error: Error code: 0xFFFFFFFF.

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid={D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" /> <EventID>802</EventID> <Version>0</Version> <Level>2</Level> <Task>101</Task> <Opcode>11</Opcode> <Keywords>0x4000000000000000</Keywords> <TimeCreated SystemTime="2017-01-02T11:59:38.488422000Z" /> <EventRecordID>286</EventRecordID> <Correlation ActivityID="{F4204BB7-83C9-41CE-8A70-1014F5E60000}" /> <Execution ProcessID="2760" ThreadID="924" /> <Channel>Microsoft-Windows-TerminalServices-SessionBroker/Admin</Channel> <Computer>SRVBIO007.bio-racer.local</Computer> <Security UserID="S-1-5-20" /> </System> - <UserData> - <EventXML xmlns="Event_NS"> <param1>DOMAIN\username</param1> <param2>Error code: 0xFFFFFFFF.</param2> <param3>7</param3> </EventXML> </UserData> </Event>

When we check the Connection view which can be found in Server Manager > Remote Desktop Services > Collections > My Collection we're not seeing any disconnected sessions for the users reporting the problem.


1 Answer


I've used Microsoft SQL Server Management Studio to logon to the database hosting the High Availability settings of the Connection Brokers. The location of this database can be found using the Get-RDConnectionBrokerHighAvailability Powershell cmdlet (do not forget to provide the FQDN of a Connection Broker as a parameter).

Then I saw there were 3 records in the rds.UserConnection table which had a wrong LatestTimeStamp value (and we had 3 users complaining they couldn't logon). Just in case, I've created a backup of the table using BCP (BULK COPY PROGRAM) before I dropped it using the following query. After dropping the records, users we're able to succesfully connect again to the RDS farm.

USE your_database_name_here;
DELETE FROM [rds].[UserConnection];
answered on Server Fault Jan 2, 2017 by Jonathan Kortleven • edited Jul 30, 2018 by Jonathan Kortleven

User contributions licensed under CC BY-SA 3.0