Login failure from tssdis.exe on RDS server
Hi,
We're in the middle of deploying NTLM blocking on our network, and this is very similar to an issue we encountered with the tssdis service during this process.
Brokers use Kerberos correctly when first started, but would randomly switch to NTLM fallback about once a month, after which the service needed restarting.
It turned out that these correlate perfectly with the Connection Broker server *changing its machine account password in AD*.
We've had some success with a scheduled task triggered off NetLogon event ID 5823 (the machine account password) which restarts the tssdis service.
- Jo_Lambrecht, Nov 03, 2023, Copper Contributor
Hi, I've been struggling with this issue for months. Can you describe in a little more depth what you are doing to "(re)start" the hanging tssdis service or to prevent it from hanging?
Thank you.
- Jo_Lambrecht, Nov 07, 2023, Copper Contributor
Hi,
Would there be any updates on this issue?
@mjdavison Thomas_001 MJGenesis
- mjdavison, Nov 08, 2023, Copper Contributor
In our scenario, the issue was resolved by creating a scheduled task on the connection broker to restart the tssdis service, with a trigger on NETLOGON event ID 5823. (Begin the task: On an Event). This causes the connection broker service to restart whenever the machine account password was changed. We used a delay of one minute on the task so that the password change had been replicated to all DCs in the site prior to restarting the connection broker service.
This has resolved the issues we were having.
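The scheduled task described in this thread can be registered from PowerShell; the following is an added example, not the posters' own script. It assumes the NETLOGON 5823 event is written to the System log, that the Connection Broker service name is `Tssdis`, and that the task runs as SYSTEM; the task name is hypothetical.

```powershell
# Added example: restart the RD Connection Broker service one minute after
# NETLOGON logs event 5823 (machine account password changed).
# Assumptions: event is in the System log; service name is Tssdis.
$taskName = 'Restart-Tssdis-On-MachinePwdChange'   # hypothetical task name

$taskXml = @'
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo>
    <Description>Restart tssdis after NETLOGON event 5823</Description>
  </RegistrationInfo>
  <Triggers>
    <EventTrigger>
      <Enabled>true</Enabled>
      <Subscription>&lt;QueryList&gt;&lt;Query Id="0" Path="System"&gt;&lt;Select Path="System"&gt;*[System[Provider[@Name='NETLOGON'] and EventID=5823]]&lt;/Select&gt;&lt;/Query&gt;&lt;/QueryList&gt;</Subscription>
      <Delay>PT1M</Delay>  <!-- one-minute delay so the change reaches the site's DCs -->
    </EventTrigger>
  </Triggers>
  <Principals>
    <Principal id="Author">
      <UserId>S-1-5-18</UserId>  <!-- LocalSystem -->
      <RunLevel>HighestAvailable</RunLevel>
    </Principal>
  </Principals>
  <Settings>
    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
    <Enabled>true</Enabled>
    <ExecutionTimeLimit>PT10M</ExecutionTimeLimit>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>powershell.exe</Command>
      <Arguments>-NoProfile -NonInteractive -Command "Restart-Service -Name Tssdis -Force"</Arguments>
    </Exec>
  </Actions>
</Task>
'@

Register-ScheduledTask -TaskName $taskName -Xml $taskXml -Force | Out-Null

# List recent password-change events so they can be lined up against
# the dates of earlier NTLM fallbacks on this broker.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'NETLOGON'; Id = 5823 } `
    -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```

Run it in an elevated session on the connection broker itself; the task's history in Task Scheduler then shows one run per machine account password change.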