SOLVED

An internal error occurred / can't connect anymore


We've been running WVD successfully for a few months, but since this morning my users cannot log in anymore. Not through the desktop and not through the webclient. The desktop client returns 'An internal error occurred' after logging in. The webclient has a cannot connect message (in Dutch). I've traced the connection failure via PowerShell to the two errors below. It seems my SID has changed somehow, but I cannot understand how:

 

ErrorSource : RDBroker
ErrorOperation : OrchestrateSessionHost
ErrorCode : -2146233088
ErrorCodeSymbolic : ConnectionFailedUserSIDInformationMismatch
ErrorMessage : OrchestrateAsync: SID value in the database is different than the value returned in the orchestration reply from the agent for user ≤PRIVATE≥ with Id PRIVATE. This scenario is not supported - we will not be able to redirect the user session.
ErrorInternal : False
ReportedBy : RDGateway
Time : 28-6-2019 12:42:44

ErrorSource : Client
ErrorOperation : ClientRDPConnect
ErrorCode : 2147965400
ErrorCodeSymbolic :
ErrorMessage : Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance.
ErrorInternal : True
ReportedBy : Client
Time : 28-6-2019 12:42:44

 

I've tried removing an RdsAppGroupUser and re-adding it, but the same error remains.

 

46 Replies

@Roop_Kiran_Chevuri I sent you identifiable details about my user account and domain in a PM.

 

My setup is as follows: On-Prem AD -> AD Sync -> AAD -> Azure ADDS

I do have password write-back enabled.

I do NOT have multiple On-Prem AD instances.

I do have multiple stand-alone AAD (cloud-only) instances.

VM in question is domain-joined to my Azure ADDS instance and I have no problem authenticating into it with my domain credentials.

 

Thank you for looking into this.

@Roop_Kiran_Chevuri  I hope you look into this in a more general way, as we are many with the same problem... Our setup is exactly the same as @rhythmnewt , so please express your findings here for us all to see.. :)

@rhythmnewt Thanks for sharing this detail. It's very helpful to understand the setup. We have recently introduced a change where we need user SIDs from the VM and the token to match before we allocate a session. There seems to be a case with AADDS where they may not always match. We are currently investigating how to handle these scenarios. I will keep you posted on progress.

@Mtollex70: Thanks for letting us know that you have a similar setup, and yes, we will look into it in a general way.


@Mtollex70 wrote:

@Roop_Kiran_Chevuri  I hope you look into this in a more general way, as we are many with the same problem... Our setup is exactly the same as @rhythmnewt , so please express your findings here for us all to see.. :)


 

We have identified a bug when you are in this setup. This is now documented here: https://techcommunity.microsoft.com/t5/Windows-Virtual-Desktop/Announcement-Connectivity-issues-from... . We are actively working to fix this.

Thanks for the update, I hope the fix comes soon!

@Roop_Kiran_Chevuri Glad to hear there is a fix underway. Can you provide us at least a rough ETA, please? We are currently investigating moving some of our systems to WVD, but right now our investigations and POCs have had to go on hold because of the broken resource templates and now this.

 

Can you also please comment as to when this service will be covered under full support and SLA, if clients such as ourselves are looking to go to market?

 

Thanks in advance

 

Mark