SOLVED
Home

Windows Virtual Desktop - Your computer can't connect to Remote Desktop Gateway server

%3CLINGO-SUB%20id%3D%22lingo-sub-389954%22%20slang%3D%22en-US%22%3EWindows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-389954%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20successfully%20deployed%20WVD%20to%20my%20MSDN%20tenant%20following%20the%20steps%201%20and%202%20in%26nbsp%3B%3CFONT%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fvirtual-desktop%2Ftenant-setup-azure-active-directory%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fvirtual-desktop%2Ftenant-setup-azure-active-directory%3C%2FA%3E%3C%2FFONT%3E%20and%26nbsp%3B%3CFONT%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fvirtual-desktop%2Fcreate-host-pools-azure-marketplace%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Fazure%2Fvirtual-desktop%2Fcreate-host-pools-azure-marketplace%3C%2FA%3E%20-%20I%20stopped%20during%20Step%202%20at%20the%20optional%20components.%20%26nbsp%3B%20%3C%2FFONT%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CFONT%3EI%20have%20deployed%20a%20Windows%2010%20Multi%20User%20desktop%20and%20when%20I%20login%20with%20the%20user%20that%20I%20gave%20access%20to%20during%20the%20setup%20I%20see%20the%20Icon%20for%20my%20%22Session%20desktop%22%20but%20when%20I%20try%20to%20launch%20I%20get%20the%20following%20error%20message.%26nbsp%3B%20%22Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server.%26nbsp%3B%20Contact%20your%20network%20administrator%20for%20assistance.%22%3C%2FFONT%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-391196%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-391196%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3BYes%2C%20confirmed%20need%20to%20install%20Azure%20AD%20Connect%20and%20sync%20users%20to%20AAD.%20Add%20that%20user%20with%26nbsp%3BAdd-RdsAppGroupUser%20and%20sign%20in%20with%20that%20user.%20Confirmed%20working.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390994%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390994%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3B%3A%20Yes%2C%20confirming%20that%20the%20issue%20is%20that%20the%20user%20must%20exist%20both%20in%20Azure%20AD%20and%20the%20Windows%20Server%20(on-prem)%20AD%2C%20so%20this%20was%20an%20expected%20error.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390788%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390788%22%20slang%3D%22en-US%22%3EThanks%20for%20the%20info%2C%20can%20you%20confirm%20that%20the%20behaviour%20I%20was%20seeing%20with%20an%20Azure%20AD%20only%20account%20(User%20was%20not%20defined%20in%20the%20%22On-Premise%22%20AD%22)%20was%20expected.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390263%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390263%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3B%3A%20Unfortunately%2C%20we%20don't%20have%20that%20true%20%22single%20sign-on%22%20just%20through%20Azure%20AD.%20This%20is%20primarily%20because%20Windows%20logon%20requires%20username%2Fpassword%20or%20smartcard%20still.%20We%20are%20finalizing%20our%20flow%20for%20single%20sign-on%20when%20federating%20your%20Azure%20AD%20to%20ADFS%2C%20so%20you%20would%20only%20ever%20get%20the%20Azure%20AD%20credential%20prompt%20(not%20a%20Windows%20credential%20prompt).%20We%20should%20have%20that%20document%20up%20later%20in%20the%20Preview.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks%20for%20all%20your%20testing!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390141%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390141%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F309010%22%20target%3D%22_blank%22%3E%40anthonyschneider365%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20think%20I%20may%20have%20worked%20out%20my%20problem%2C%20I%20have%20been%20testing%20with%20a%20user%20account%20I%20setup%20in%20Azure%20AD.%26nbsp%3B%20I%20have%20only%20just%20setup%20the%20tenant%20and%20AD%20domain%20to%20test%20WVD.%26nbsp%3B%20I%20have%20just%20tested%20with%20an%20account%20I%20had%20created%20on%20the%20AD%20Server%20(Still%20in%20Azure%20but%20with%20AD%20Connect%20installed%20to%20sync%20to%20AAD)%20and%20this%20has%20worked%20fine.%26nbsp%3B%20I%20have%20also%20created%20another%20AAD%20account%20and%20tried%20to%20connect%20to%20the%20desktop%20but%20this%20failed%20with%20the%20same%20error.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EInterestingly%20I%20am%20getting%20prompted%20to%20enter%20my%20credentials%20again%20upon%20connection%2C%20not%20sure%20if%20I%20have%20missed%20something%20with%20the%20SSO%20settings%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390059%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390059%22%20slang%3D%22en-US%22%3EJust%20run%20the%20log%2C%20I%20think%20this%20is%20the%20entry%20that%20relates%20to%20the%20connection%20failure%2C%20but%20it%20doesn't%20mean%20much%20to%20me%20I%20am%20afraid.%20(I%20have%20changed%20the%20username%20and%20domain%20name%20btw)%3CBR%20%2F%3EActivityId%20%3A%2084bbffaa-7304-4c9e-8905-0d7e7f4a0000%3CBR%20%2F%3EActivityType%20%3A%20Connection%3CBR%20%2F%3EStartTime%20%3A%2028%2F03%2F2019%2011%3A57%3A52%3CBR%20%2F%3EEndTime%20%3A%2028%2F03%2F2019%2011%3A59%3A11%3CBR%20%2F%3EUserName%20%3A%20user%40myworkplace.org.uk%3CBR%20%2F%3ERoleInstances%20%3A%20rdwebclient%3Bmrs-eus2r1c002-rdbroker-prod-staging%3A%3ARD0003FF45DF76%3Bmrs-eus2r1c002-rdgateway-prod-stag%3CBR%20%2F%3Eing%3A%3ARD0003FF45E716%3B%E2%89%A4vmWVDMW-0.myworkplace.org.uk%E2%89%A5%3Bmrs-eus2r1c001-rdbroker-prod%3A%3ARD0004FFA4B301%3CBR%20%2F%3EOutcome%20%3A%20Failure%3CBR%20%2F%3EStatus%20%3A%20Completed%3CBR%20%2F%3EDetails%20%3A%20%7B%5BClientOS%2C%20Win32%20Edge%2018.17763%5D%2C%20%5BClientVersion%2C%201.0.13-wvd%5D%2C%20%5BClientType%2C%20HTML%5D%2C%3CBR%20%2F%3E%5BPredecessorConnectionId%2C%20%5D...%7D%3CBR%20%2F%3ELastHeartbeatTime%20%3A%2028%2F03%2F2019%2012%3A00%3A39%3CBR%20%2F%3ECheckpoints%20%3A%20%7BLoadBalancedNewConnection%2C%20RdpStackDisconnect%7D%3CBR%20%2F%3EErrors%20%3A%20%7BMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%2C%3CBR%20%2F%3EMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%7D%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390040%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390040%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOk%20-%20that's%20good.%26nbsp%3B%20Have%20you%20taken%20a%20look%20at%20what's%20being%20reported%20in%20the%20Diagnostic%20Activities%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGet-RdsDiagnosticActivities%20-TenantName%20%22%2Ctenant.%22%20-Detailed%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-desktop%2Fdiagnostics-role-service%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-desktop%2Fdiagnostics-role-service%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390006%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390006%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F309010%22%20target%3D%22_blank%22%3E%40anthonyschneider365%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYes%20showing%20as%20Available%20-%20see%20output%20below.%26nbsp%3B%20I%20have%20also%20tested%20from%20another%20laptop%20with%20the%20same%20result.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CFONT%3ESessionHostName%20%3A%20vmWVDMW-0.domainname.org.uk%3CBR%20%2F%3ETenantName%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%20MyWorkplace%3CBR%20%2F%3ETenantGroupName%20%3A%20Default%20Tenant%20Group%3CBR%20%2F%3EHostPoolName%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%20My%20Workplace%20HP1%3CBR%20%2F%3EAllowNewSession%20%3A%20True%3CBR%20%2F%3ESessions%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%200%3CBR%20%2F%3ELastHeartBeat%26nbsp%3B%26nbsp%3B%20%3A%2028%2F03%2F2019%2011%3A52%3A08%3CBR%20%2F%3EAgentVersion%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%201.0.1.8%3CBR%20%2F%3EAssignedUser%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%3CBR%20%2F%3EStatus%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3A%20Available%3CBR%20%2F%3EStatusTimestamp%20%3A%2028%2F03%2F2019%2011%3A52%3A08%3C%2FFONT%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CFONT%3ECheers%3C%2FFONT%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-389998%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-389998%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20your%20SessionHost%20marked%20as%20available%3F%26nbsp%3B%20You%20can%20check%20using%20the%20following%20PowerShell%20command%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGet-RdsSessionHost%20-TenantName%20%22%5Byour_tennat_name%5D%22%20-HostPoolName%20%22%5Byour_hostpool_name%5D%22%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-389978%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-389978%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F309010%22%20target%3D%22_blank%22%3E%40anthonyschneider365%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThat%20is%20good%20to%20know%2C%20but%20no%20I%20have%20do%20not%20have%20a%20proxy%20configured%20I%20am%20connected%20direct%20to%20my%20home%20broadband%20and%20not%20connected%20to%20my%20company%20VPN%20either.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ECheers%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-389974%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-389974%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAre%20you%20using%20a%20proxy%20server%3F%26nbsp%3B%20If%20so%2C%20WVD%20doesn't%20yet%20support%20a%20proxy%20configuration.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-412199%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-412199%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F305776%22%20target%3D%22_blank%22%3E%40christianmontoya%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20experiencing%26nbsp%3Bthe%20same%20issue%20and%20the%20users%20are%20sync%20from%20my%20On-premise%20AD%20with%20AD%20connect.%3CBR%20%2F%3EThis%20worked%20initially%20and%20then%20stop%20working%20for%20the%20same%20users%20is%20no%20longer%20working.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-421548%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-421548%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F316753%22%20target%3D%22_blank%22%3E%40hdsit%3C%2FA%3E%20%3A%20Can%20you%20run%20the%20diagnostics%20command%20here%20to%20get%20the%20errors%20for%20the%20connection%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fvirtual-desktop%2Fdiagnostics-role-service%23filter-diagnostic-activities-by-activity-type%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fvirtual-desktop%2Fdiagnostics-role-service%23filter-diagnostic-activities-by-activity-type%3C%2FA%3E%20%3F%20You%20may%20also%20want%20to%20run%20it%20with%20the%26nbsp%3B%3CEM%3E-Detailed%3C%2FEM%3E%20parameter%2C%20then%20you%20can%20see%20the%20Errors%20for%20the%20activity.%20That%20should%20be%20a%20good%20start.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-467703%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-467703%22%20slang%3D%22en-US%22%3E%3CP%3EDid%20you%20guys%20have%20to%20install%20anymore%20options%20in%20powershell%20to%20get%20the%20RdsSessionHost%20command%20to%20work%3F%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F309010%22%20target%3D%22_blank%22%3E%40anthonyschneider365%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-690092%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-690092%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20now%20seeing%20this%20same%20issue%20with%20a%20test%20account%20I%20created%20in%20Azure%20AD.%20We%20have%20Azure%20AD%20Domain%20Services%20set-up%2C%20and%20I%20am%20able%20to%20log-in%20from%20my%20own%20account.%20One%20of%20our%20employees%20is%20also%20able%20to%20log-in%20fine%2C%20but%20the%20test%20account%20I%20created%20is%20not.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20test%20account%20has%20been%20added%20to%20the%20app%20group%2C%20and%20I'm%20able%20to%20log-in%20with%20that%20test%20user%20to%20the%20%22Remote%20Desktop%22%20application%20for%20Windows.%20But%20every%20time%20I%20try%20to%20connect%2C%20I%20keep%20getting%20the%20%22Your%20computer%20can't%20connect%20to%20the%20Remote%20Desktop%20Gateway%20server%22%20message.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHere's%20the%20detailed%20output%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%3EActivityId%20%3A%20985a50ab-9cfc-4b24-a4fa-1526673c0000%3CBR%20%2F%3EActivityType%20%3A%20Connection%3CBR%20%2F%3EStartTime%20%3A%206%2F13%2F2019%208%3A32%3A26%20AM%3CBR%20%2F%3EEndTime%20%3A%206%2F13%2F2019%208%3A32%3A39%20AM%3CBR%20%2F%3EUserName%20%3A%20test.user%40REDACTED.com%3CBR%20%2F%3ERoleInstances%20%3A%20GP-WIN10-52325B%3Bmrs-eus2r1c002-rdgateway-prod-staging%3A%3ARD0003FF81D9F2%3Bmrs-eus2r1c001-rdbroker-prod-%3CBR%20%2F%3Estaging%3A%3ARD2818780AFB61%3B%3CINV-VDI-0.CLOUD.REDACTED.COM%3E%3Bmrs-cusr1c002-rdbroker-prod-staging%3A%3ARD0003F%3CBR%20%2F%3EF648FBF%3CBR%20%2F%3EOutcome%20%3A%20Failure%3CBR%20%2F%3EStatus%20%3A%20Completed%3CBR%20%2F%3EDetails%20%3A%20%7B%5BClientOS%2C%20WINDOWS%2010.0.17763%5D%2C%20%5BClientVersion%2C%201.2.155.18898%5D%2C%20%5BClientType%2C%20MSRDC%5D%2C%3CBR%20%2F%3E%5BPredecessorConnectionId%2C%20%5D...%7D%3CBR%20%2F%3ELastHeartbeatTime%20%3A%206%2F13%2F2019%208%3A34%3A10%20AM%3CBR%20%2F%3ECheckpoints%20%3A%20%7BTransportConnected%2C%20RdpStackDisconnect%2C%20RdpStackDisconnect%2C%20LoadBalancedNewConnection%7D%3CBR%20%2F%3EErrors%20%3A%20%7BMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%2C%3CBR%20%2F%3EMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%2C%3CBR%20%2F%3EMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%7D%3C%2FINV-VDI-0.CLOUD.REDACTED.COM%3E%3C%2FPRE%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795302%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795302%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F359655%22%20target%3D%22_blank%22%3E%40GuyPaddock%3C%2FA%3E%26nbsp%3BDid%20you%20get%20anywhere%20with%20this%3F%20I%20have%20setup%20a%20host%20pool%20and%20when%20i%20try%20to%20connect%20to%20the%20remote%20desktop%20i%20see%20%22opening%20remote%20port%22%20then%20%22%3CSPAN%3EWe%20couldn't%20connect%20to%20the%20gateway%20because%20of%20an%20error.%20If%20this%20keeps%20happening%2C%20ask%20your%20admin%20or%20tech%20support%20for%20help.%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20see%20the%20same%20error%20as%20you%20did%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EActivityId%20%3A%20893b0a57-6f19-4e15-90b4-1950fabb0000%3CBR%20%2F%3EActivityType%20%3A%20Connection%3CBR%20%2F%3EStartTime%20%3A%2008%2F08%2F2019%2014%3A31%3A50%3CBR%20%2F%3EEndTime%20%3A%2008%2F08%2F2019%2014%3A31%3A54%3CBR%20%2F%3ERoleInstances%20%3A%20rdwebclient%3Bmrs-eus2r1c002-rdgateway-prod-staging%3A%3ARD0003FF459018%3Bmrs-eus2r1c002-rdbroker-prod-staging%3A%3ARD0003FF45E902%3B%E2%89%A4dtwvd-0.DTWVD.local%E2%89%A5%3CBR%20%2F%3EOutcome%20%3A%20Failure%3CBR%20%2F%3EStatus%20%3A%20Completed%3CBR%20%2F%3EDetails%20%3A%20%7B%5BClientOS%2C%20Win32%20Chrome%2075.0.3770.142%5D%2C%20%5BClientVersion%2C%201.0.18.5%5D%2C%20%5BClientType%2C%20HTML%5D%2C%20%5BPredecessorConnectionId%2C%20%5D...%7D%3CBR%20%2F%3ELastHeartbeatTime%20%3A%2008%2F08%2F2019%2014%3A31%3A55%3CBR%20%2F%3ECheckpoints%20%3A%20%7BLoadBalancedNewConnection%2C%20TransportConnecting%2C%20TransportConnected%7D%3CBR%20%2F%3EErrors%20%3A%20%7BMicrosoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo%7D%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795411%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795411%22%20slang%3D%22en-US%22%3ESame%20here.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795427%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795427%22%20slang%3D%22en-US%22%3EYes%3B%20apologies%20for%20not%20updating%20with%20a%20follow-up.%20It%20turned%20out%20that%20we%20had%20a%20role%20that%20only%20users%20in%20our%20%22employees%22%20group%20sync%20with%20AADDS.%20The%20test%20account%20wasn't%20in%20that%20group%20so%20they%20couldn't%20authenticate%20with%20the%20machine%20even%20though%20I%20had%20granted%20the%20account%20access%20to%20Azure%20VDI.%20I%20added%20the%20user%20to%20the%20employees%20group%2C%20changed%20the%20account%20password%2C%20waited%20about%205%20mins%20to%20ensure%20the%20account%20synced%2C%20and%20got%20in.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795431%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795431%22%20slang%3D%22en-US%22%3EThanks%20for%20getting%20back%20so%20quick%2C%20ill%20take%20a%20look%20into%20this%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795439%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795439%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F359655%22%20target%3D%22_blank%22%3E%40GuyPaddock%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHere's%20a%20curious%20thing%20about%20that.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20a%20Global%20Admin%20and%20Owner%20of%20the%20subscription.%20I%20was%20able%20to%20access%20the%20first%20VM%20via%20the%20web%20and%20new%20RDP%20client%20subscription.%20The%20subsequent%204%20VMs%20cannot%20be%20accessed%20by%20me%20and%20the%20last%202%20do%20not%20show%20up%20when%20I%20run%20the%20Get-RDSSessionHost%20command.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20I%20use%20the%20old%20traditional%20RDP%20client%20I%20can%20access%20the%20VMs.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795444%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795444%22%20slang%3D%22en-US%22%3E%3CP%3EI%20got%20everything%20working%20for%20us%20a%20few%20weeks%20back%20I%20setup%20as%20much%20as%20I%20could%20in%20advance%20in%20Powershell%20and%20made%20sure%20AZ%20domain%20services%20was%20running%20well%20and%20everything%20now%20works%20as%20intended.%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F359655%22%20target%3D%22_blank%22%3E%40GuyPaddock%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-795462%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-795462%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F322816%22%20target%3D%22_blank%22%3E%40tommy_barnes%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOkay%2C%20we%20don't%20have%20AZ%20Domain%20Services%20configured.%20I%20noticed%20that%20the%20last%204%20VMs%20I%20created%20don't%20show%20up%20in%20Azure%20AD%20under%20devices.%20I%20was%20talking%20to%20my%20lead%20Sys%20Admin%20about%20setting%20up%20AZ%20Domain%20Services%20and%20he%20said%20it's%20not%20needed%20because%20we%20have%20that%20role%20enabled%20on%20the%20DCs%20that%20are%20hosted%20in%20Azure.%20I%20think%20we%20do%20need%20to%20have%20that%20configured.%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20are%20your%20thoughts%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-860764%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-860764%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F389265%22%20target%3D%22_blank%22%3E%40whitelines%3C%2FA%3E%26nbsp%3BI%20have%20the%20same%20issue.%20A%20user%20account%20source%20from%20on-premises%20AD%20synchronised%20to%20Azure%20AD%20can%20not%20connect.%20The%20account%20can%20login%20to%20the%20VM%20locally.%20But%20if%20we%20try%20via%20the%20Web%20Client%20the%20%22Open%20connection%22%20fails.%20This%20is%20a%20sample%20error%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EPS%20C%3A%5CUsers%5Cjoakim.westin%26gt%3B%20Get-RdsDiagnosticActivities%20-ActivityId%20221789b4-3a84-4384-a25d-7040583f0000%0A%0A%0AActivityId%20%20%20%20%20%20%20%20%3A%20221789b4-3a84-4384-a25d-7040583f0000%0AActivityType%20%20%20%20%20%20%3A%20Connection%0AStartTime%20%20%20%20%20%20%20%20%20%3A%202019-09-18%2009%3A24%3A17%0AEndTime%20%20%20%20%20%20%20%20%20%20%20%3A%202019-09-18%2009%3A24%3A23%0AUserName%20%20%20%20%20%20%20%20%20%20%3A%20joakim.westin%40x5music.com%0ARoleInstances%20%20%20%20%20%3A%20rdwebclient%3Bmrs-eus2r1c002-rdgateway-prod%3A%3ARD0003FFF895CE%3Bmrs-eus2r1c002-rdbroker-prod%3A%3ARD0003FF45DB51%3B%E2%89%A4xsh-0.x5music.com%E2%89%A5%0AOutcome%20%20%20%20%20%20%20%20%20%20%20%3A%20Failure%0AStatus%20%20%20%20%20%20%20%20%20%20%20%20%3A%20Completed%0ADetails%20%20%20%20%20%20%20%20%20%20%20%3A%0ALastHeartbeatTime%20%3A%202019-09-18%2009%3A25%3A54%0ACheckpoints%20%20%20%20%20%20%20%3A%0AErrors%20%20%20%20%20%20%20%20%20%20%20%20%3A%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ewhat%20I%20see%20in%20the%20detailed%20logs%20is%20that%20the%20users%20SID%20is%20not%20the%20same%20as%20expected.%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EPS%20C%3A%5CUsers%5Cjoakim.westin%26gt%3B%20(Get-RdsDiagnosticActivities%20-ActivityId%20221789b4-3a84-4384-a25d-7040583f0000%20-Detailed).Errors%0A%0A%0AErrorSource%20%20%20%20%20%20%20%3A%20RDBroker%0AErrorOperation%20%20%20%20%3A%20OrchestrateSessionHost%0AErrorCode%20%20%20%20%20%20%20%20%20%3A%20-2146233088%0AErrorCodeSymbolic%20%3A%20ConnectionFailedUserSIDInformationMismatch%0AErrorMessage%20%20%20%20%20%20%3A%20User%20joakim.westin%40x5music.com%3A%20SID%20information%20in%20the%20database%20'S-1-5-21-266129286-189420813-3044514089-5660'%20does%20not%20match%20S%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20ID%20information%20returned%20by%20agent%20'S-1-5-21-1829173068-3133025792-290102247-1262'%20in%20the%20orchestration%20reply..%20This%20scenario%20is%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20not%20supported%20-%20we%20will%20not%20be%20able%20to%20redirect%20the%20user%20session.%0AErrorInternal%20%20%20%20%20%3A%20False%0AReportedBy%20%20%20%20%20%20%20%20%3A%20RDGateway%0ATime%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3A%202019-09-18%2009%3A24%3A22%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20the%20question%20then%20becomes%3A%20What%20could%20be%20causing%20this%3F%20We%20have%20a%20local%20AD%20that%20is%20synchronizing%20to%20Azure%20AD.%20And%20we%20also%20have%20Azure%20AD%20Domain%20Services....%20Anyone%20have%20any%20ideas%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-994328%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-994328%22%20slang%3D%22en-US%22%3E%3CP%3Ehi%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F292853%22%20target%3D%22_blank%22%3E%40ray077%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3BYou%20mentioned%20that%20WVD%20is%20not%20supported%20Proxy%20configurations%20yet.%3C%2FP%3E%3CP%3EDo%20you%20have%20any%20information%20about%20now%3F%20Is%20there%20any%20improvement%20%3F%3C%2FP%3E%3CP%3EI%20have%20a%20customer%20who%20are%20going%20to%26nbsp%3B%20start%20WVD%20PoC%20next%20month.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1012508%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1012508%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F193358%22%20target%3D%22_blank%22%3E%40Joakim%20Westin%3C%2FA%3E%26nbsp%3BI%20spent%20some%20time%20on%20this%20a%20couple%20weeks%20ago%20and%20wrote%20a%20blog%20post%20about%20it.%26nbsp%3B%20Basically%2C%20per%20MS%20documentation%2C%20only%20Azure%20AD%20sourced%20users%20are%20supported%20if%20the%20Session%20Host%20is%20Azure%20AD%20Domain%20Services%20joined.%26nbsp%3B%20If%20users%20are%20sourced%20from%20Windows%20AD%2C%20the%20Session%20Host%20must%20be%20Windows%20AD%20joined.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.ciraltos.com%2Fwindows-virtual-server-and-active-directory-requirements-and-azure-files-while-im-at-it%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.ciraltos.com%2Fwindows-virtual-server-and-active-directory-requirements-and-azure-files-while-im-at-it%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1012512%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1012512%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F78468%22%20target%3D%22_blank%22%3E%40Travis%20Roberts%3C%2FA%3E%26nbsp%3B%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F193358%22%20target%3D%22_blank%22%3E%40Joakim%20Westin%3C%2FA%3E%26nbsp%3B%3A%20As%20an%20update%2C%20we%20now%20support%20Azure%20AD%20Domain%20Services%20with%20users%20sourced%20from%20either%26nbsp%3B%3CSTRONG%3EWindows%20Server%20AD%3C%2FSTRONG%3E%20(hybrid)%20or%26nbsp%3B%3CSTRONG%3EAzure%20Active%20Directory%3C%2FSTRONG%3E%26nbsp%3B(cloud).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1012519%22%20slang%3D%22en-US%22%3ERe%3A%20Windows%20Virtual%20Desktop%20-%20Your%20computer%20can't%20connect%20to%20Remote%20Desktop%20Gateway%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1012519%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F305776%22%20target%3D%22_blank%22%3E%40christianmontoya%3C%2FA%3E%26nbsp%3BThat's%20great%20news.%26nbsp%3B%20It%20also%20means%20I%20need%20to%20make%20some%20updates.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
ray077
Occasional Contributor

I have successfully deployed WVD to my MSDN tenant following the steps 1 and 2 in https://docs.microsoft.com/en-gb/azure/virtual-desktop/tenant-setup-azure-active-directory and https://docs.microsoft.com/en-gb/azure/virtual-desktop/create-host-pools-azure-marketplace - I stopped during Step 2 at the optional components.  

 

I have deployed a Windows 10 Multi User desktop and when I login with the user that I gave access to during the setup I see the Icon for my "Session desktop" but when I try to launch I get the following error message.  "Your computer can't connect to Remote Desktop Gateway server.  Contact your network administrator for assistance."

27 Replies

@ray077 

 

Are you using a proxy server?  If so, WVD doesn't yet support a proxy configuration.

Hi @anthonyschneider365 

 

That is good to know, but no I have do not have a proxy configured I am connected direct to my home broadband and not connected to my company VPN either.


Cheers

@ray077 

 

Is your SessionHost marked as available?  You can check using the following PowerShell command:

 

Get-RdsSessionHost -TenantName "[your_tennat_name]" -HostPoolName "[your_hostpool_name]"

Hi @anthonyschneider365 

 

Yes showing as Available - see output below.  I have also tested from another laptop with the same result.

 

SessionHostName : vmWVDMW-0.domainname.org.uk
TenantName      : MyWorkplace
TenantGroupName : Default Tenant Group
HostPoolName    : My Workplace HP1
AllowNewSession : True
Sessions        : 0
LastHeartBeat   : 28/03/2019 11:52:08
AgentVersion    : 1.0.1.8
AssignedUser    :
Status          : Available
StatusTimestamp : 28/03/2019 11:52:08

 

Cheers

@ray077 

 

Ok - that's good.  Have you taken a look at what's being reported in the Diagnostic Activities?

 

Get-RdsDiagnosticActivities -TenantName ",tenant." -Detailed

 

https://docs.microsoft.com/en-us/azure/virtual-desktop/diagnostics-role-service

Just run the log, I think this is the entry that relates to the connection failure, but it doesn't mean much to me I am afraid. (I have changed the username and domain name btw)
ActivityId : 84bbffaa-7304-4c9e-8905-0d7e7f4a0000
ActivityType : Connection
StartTime : 28/03/2019 11:57:52
EndTime : 28/03/2019 11:59:11
UserName : user@myworkplace.org.uk
RoleInstances : rdwebclient;mrs-eus2r1c002-rdbroker-prod-staging::RD0003FF45DF76;mrs-eus2r1c002-rdgateway-prod-stag
ing::RD0003FF45E716;≤vmWVDMW-0.myworkplace.org.uk≥;mrs-eus2r1c001-rdbroker-prod::RD0004FFA4B301
Outcome : Failure
Status : Completed
Details : {[ClientOS, Win32 Edge 18.17763], [ClientVersion, 1.0.13-wvd], [ClientType, HTML],
[PredecessorConnectionId, ]...}
LastHeartbeatTime : 28/03/2019 12:00:39
Checkpoints : {LoadBalancedNewConnection, RdpStackDisconnect}
Errors : {Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo,
Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo}
Solution

@anthonyschneider365 

I think I may have worked out my problem, I have been testing with a user account I setup in Azure AD.  I have only just setup the tenant and AD domain to test WVD.  I have just tested with an account I had created on the AD Server (Still in Azure but with AD Connect installed to sync to AAD) and this has worked fine.  I have also created another AAD account and tried to connect to the desktop but this failed with the same error.

 

Interestingly I am getting prompted to enter my credentials again upon connection, not sure if I have missed something with the SSO settings?

@ray077 : Unfortunately, we don't have that true "single sign-on" just through Azure AD. This is primarily because Windows logon requires username/password or smartcard still. We are finalizing our flow for single sign-on when federating your Azure AD to ADFS, so you would only ever get the Azure AD credential prompt (not a Windows credential prompt). We should have that document up later in the Preview.

 

Thanks for all your testing!

Thanks for the info, can you confirm that the behaviour I was seeing with an Azure AD only account (User was not defined in the "On-Premise" AD") was expected.

@ray077 : Yes, confirming that the issue is that the user must exist both in Azure AD and the Windows Server (on-prem) AD, so this was an expected error.

@ray077 Yes, confirmed need to install Azure AD Connect and sync users to AAD. Add that user with Add-RdsAppGroupUser and sign in with that user. Confirmed working.

@christianmontoya 

 

I am experiencing the same issue and the users are sync from my On-premise AD with AD connect.
This worked initially and then stop working for the same users is no longer working.

 

Any ideas?

@hdsit : Can you run the diagnostics command here to get the errors for the connection: https://docs.microsoft.com/azure/virtual-desktop/diagnostics-role-service#filter-diagnostic-activiti... ? You may also want to run it with the -Detailed parameter, then you can see the Errors for the activity. That should be a good start.

Did you guys have to install anymore options in powershell to get the RdsSessionHost command to work? @anthonyschneider365 

I'm now seeing this same issue with a test account I created in Azure AD. We have Azure AD Domain Services set-up, and I am able to log-in from my own account. One of our employees is also able to log-in fine, but the test account I created is not.

 

The test account has been added to the app group, and I'm able to log-in with that test user to the "Remote Desktop" application for Windows. But every time I try to connect, I keep getting the "Your computer can't connect to the Remote Desktop Gateway server" message. 

 

Here's the detailed output:

 

ActivityId : 985a50ab-9cfc-4b24-a4fa-1526673c0000
ActivityType : Connection
StartTime : 6/13/2019 8:32:26 AM
EndTime : 6/13/2019 8:32:39 AM
UserName : test.user@REDACTED.com
RoleInstances : GP-WIN10-52325B;mrs-eus2r1c002-rdgateway-prod-staging::RD0003FF81D9F2;mrs-eus2r1c001-rdbroker-prod-
staging::RD2818780AFB61;<inv-vdi-0.cloud.REDACTED.com>;mrs-cusr1c002-rdbroker-prod-staging::RD0003F
F648FBF
Outcome : Failure
Status : Completed
Details : {[ClientOS, WINDOWS 10.0.17763], [ClientVersion, 1.2.155.18898], [ClientType, MSRDC],
[PredecessorConnectionId, ]...}
LastHeartbeatTime : 6/13/2019 8:34:10 AM
Checkpoints : {TransportConnected, RdpStackDisconnect, RdpStackDisconnect, LoadBalancedNewConnection}
Errors : {Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo,
Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo,
Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo}

@GuyPaddock Did you get anywhere with this? I have setup a host pool and when i try to connect to the remote desktop i see "opening remote port" then "We couldn't connect to the gateway because of an error. If this keeps happening, ask your admin or tech support for help."

 

I see the same error as you did

 

ActivityId : 893b0a57-6f19-4e15-90b4-1950fabb0000
ActivityType : Connection
StartTime : 08/08/2019 14:31:50
EndTime : 08/08/2019 14:31:54
RoleInstances : rdwebclient;mrs-eus2r1c002-rdgateway-prod-staging::RD0003FF459018;mrs-eus2r1c002-rdbroker-prod-staging::RD0003FF45E902;≤dtwvd-0.DTWVD.local≥
Outcome : Failure
Status : Completed
Details : {[ClientOS, Win32 Chrome 75.0.3770.142], [ClientVersion, 1.0.18.5], [ClientType, HTML], [PredecessorConnectionId, ]...}
LastHeartbeatTime : 08/08/2019 14:31:55
Checkpoints : {LoadBalancedNewConnection, TransportConnecting, TransportConnected}
Errors : {Microsoft.RDInfra.Diagnostics.Common.DiagnosticsErrorInfo}

 

Yes; apologies for not updating with a follow-up. It turned out that we had a role that only users in our "employees" group sync with AADDS. The test account wasn't in that group so they couldn't authenticate with the machine even though I had granted the account access to Azure VDI. I added the user to the employees group, changed the account password, waited about 5 mins to ensure the account synced, and got in.
Thanks for getting back so quick, ill take a look into this

@GuyPaddock 

 

Here's a curious thing about that.

 

I'm a Global Admin and Owner of the subscription. I was able to access the first VM via the web and new RDP client subscription. The subsequent 4 VMs cannot be accessed by me and the last 2 do not show up when I run the Get-RDSSessionHost command.

 

If I use the old traditional RDP client I can access the VMs.

I got everything working for us a few weeks back I setup as much as I could in advance in Powershell and made sure AZ domain services was running well and everything now works as intended. @GuyPaddock 

@tommy_barnes 

 

Okay, we don't have AZ Domain Services configured. I noticed that the last 4 VMs I created don't show up in Azure AD under devices. I was talking to my lead Sys Admin about setting up AZ Domain Services and he said it's not needed because we have that role enabled on the DCs that are hosted in Azure. I think we do need to have that configured. 

What are your thoughts?

 

@whitelines I have the same issue. A user account source from on-premises AD synchronised to Azure AD can not connect. The account can login to the VM locally. But if we try via the Web Client the "Open connection" fails. This is a sample error:

 

 

PS C:\Users\joakim.westin> Get-RdsDiagnosticActivities -ActivityId 221789b4-3a84-4384-a25d-7040583f0000


ActivityId        : 221789b4-3a84-4384-a25d-7040583f0000
ActivityType      : Connection
StartTime         : 2019-09-18 09:24:17
EndTime           : 2019-09-18 09:24:23
UserName          : joakim.westin@x5music.com
RoleInstances     : rdwebclient;mrs-eus2r1c002-rdgateway-prod::RD0003FFF895CE;mrs-eus2r1c002-rdbroker-prod::RD0003FF45DB51;≤xsh-0.x5music.com≥
Outcome           : Failure
Status            : Completed
Details           :
LastHeartbeatTime : 2019-09-18 09:25:54
Checkpoints       :
Errors            :

 

 

what I see in the detailed logs is that the users SID is not the same as expected. 

PS C:\Users\joakim.westin> (Get-RdsDiagnosticActivities -ActivityId 221789b4-3a84-4384-a25d-7040583f0000 -Detailed).Errors


ErrorSource       : RDBroker
ErrorOperation    : OrchestrateSessionHost
ErrorCode         : -2146233088
ErrorCodeSymbolic : ConnectionFailedUserSIDInformationMismatch
ErrorMessage      : User joakim.westin@x5music.com: SID information in the database 'S-1-5-21-266129286-189420813-3044514089-5660' does not match S
                    ID information returned by agent 'S-1-5-21-1829173068-3133025792-290102247-1262' in the orchestration reply.. This scenario is
                    not supported - we will not be able to redirect the user session.
ErrorInternal     : False
ReportedBy        : RDGateway
Time              : 2019-09-18 09:24:22

 

So the question then becomes: What could be causing this? We have a local AD that is synchronizing to Azure AD. And we also have Azure AD Domain Services.... Anyone have any ideas?

 

hi, @ray077

 

 You mentioned that WVD is not supported Proxy configurations yet.

Do you have any information about now? Is there any improvement ?

I have a customer who are going to  start WVD PoC next month.

 

 

@Joakim Westin I spent some time on this a couple weeks ago and wrote a blog post about it.  Basically, per MS documentation, only Azure AD sourced users are supported if the Session Host is Azure AD Domain Services joined.  If users are sourced from Windows AD, the Session Host must be Windows AD joined.

 

https://www.ciraltos.com/windows-virtual-server-and-active-directory-requirements-and-azure-files-wh...

@Travis Roberts  @Joakim Westin : As an update, we now support Azure AD Domain Services with users sourced from either Windows Server AD (hybrid) or Azure Active Directory (cloud).

@christianmontoya That's great news.  It also means I need to make some updates.  

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies