We have a RDS server running Server 2012 Standard, with approx 40 thin clients that connect to it to run a legacy 32-bit line of business application.
Now, some of the thin clients receive an error when they connect "Remote Desktop disconnected because of a security error. The client cannot to the remote computer. verify you are logged on the network and try connecting again"
The serer also logs "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10."
History:
The server was deployed around April 1, and the thin clients (all makes and models) have been connecting successfully since then.
When the server was deployed, it did not have a license server activated, nor were RDS cals installed. We were receiving the balloon error message "No Remote Desktop license server is specified..Remote Desktop Services will stop working in xx days if a license server is not specified...." This was expected.
On April 24, we went to the Server Manager->Remote Desktop Services and added the RD Licensing Role to the RDS server itself. We then installed 55 RDS cals via volume license.
Until Apr 27, I don't think any clients disconnected and reconnected. On April 27, when an thin client disconnected and reconnected, they received "Remote Desktop disconnected becuase of a security error. The client cannot to the remote computer. verify you are logged on the network and try connecting again"
Details:
Wyse C10LE WTOS, which uses Winterm O/S, WILL connect
HP T5520CE, which uses WinCE, WILL NOT connect
Wyse X150SE, which uses WinCE, WILL NOT connect
Wyse WT3125SE, which uses WinCE, WILL NOT connect
Windows 7 clients, Windows 8 clients, and a test Windows XP client WILL connect.
We don't use an RD Gateway server.
What we've tried:
On System Properties->Remote Tab, we have un-checked the "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)". Problem continues.
At Server Manager\Remote Desktop Services\Collections\[server]\Properties->Tasks->Edit Properties, we set the Security Layer to RDP Security Layer, instead of Negotiate (to try and remove TLS/SSL from the environment) Problem continued.
Now, some of the thin clients receive an error when they connect "Remote Desktop disconnected because of a security error. The client cannot to the remote computer. verify you are logged on the network and try connecting again"
The serer also logs "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10."
History:
The server was deployed around April 1, and the thin clients (all makes and models) have been connecting successfully since then.
When the server was deployed, it did not have a license server activated, nor were RDS cals installed. We were receiving the balloon error message "No Remote Desktop license server is specified..Remote Desktop Services will stop working in xx days if a license server is not specified...." This was expected.
On April 24, we went to the Server Manager->Remote Desktop Services and added the RD Licensing Role to the RDS server itself. We then installed 55 RDS cals via volume license.
Until Apr 27, I don't think any clients disconnected and reconnected. On April 27, when an thin client disconnected and reconnected, they received "Remote Desktop disconnected becuase of a security error. The client cannot to the remote computer. verify you are logged on the network and try connecting again"
Details:
Wyse C10LE WTOS, which uses Winterm O/S, WILL connect
HP T5520CE, which uses WinCE, WILL NOT connect
Wyse X150SE, which uses WinCE, WILL NOT connect
Wyse WT3125SE, which uses WinCE, WILL NOT connect
Windows 7 clients, Windows 8 clients, and a test Windows XP client WILL connect.
We don't use an RD Gateway server.
What we've tried:
On System Properties->Remote Tab, we have un-checked the "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)". Problem continues.
At Server Manager\Remote Desktop Services\Collections\[server]\Properties->Tasks->Edit Properties, we set the Security Layer to RDP Security Layer, instead of Negotiate (to try and remove TLS/SSL from the environment) Problem continued.