SOLVED

not able to connect to WVD from win64 client (latest)

Copper Contributor

Hi everyone

Just finished my first WVD test-deployment based on ADDS. Everything is running fine except connections from windows x64 based devices. HTML5 web client and IOS Remote Desktop App work without issues. Installed Client version 1.2.1026.0 using URL https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery.

Login is accepted and Workspace is visible. But when I try to connect to a published SessionDesktop the connection fails with a generic "Remote Desktop can't connect to the remote computer for one of these reasons..." (Error code 0x204).

I have and showcase tomorrow with the customer - any hints? Thanks!

10 Replies

@benjaminfrei Hi, it maybe a firewall/antivirus issue??? Try temporarily disabling your windows firewall or any antivirus/malware software you have on the windows device.

 

Also do you have another windows device you can test from??

@Neil McLoughlin Good morning! I tested the connection on three different devices and also disabled security modules like webfilter. all of them have managed bitdefender installer. I will do another test with disabled/uninstalled bitdefender and let you know. So my interpretation is correct that no pinholes on the azure side is required because all the traffic flows between the client - the azure frontdoor and then internally to the vm's via 443/tcp?

@Neil McLoughlin question: my ADDS setup (cloud only tennant, no on-prem AD) was build with the same top-leveld-domain as the public tenant has (split brain dns). In my understanding this should not be a problem, also when using azure connected enddevices. do you agree or could that be an issue? (nameresolution fails)

@benjaminfrei If it was a name resolution problem the web client and the IOS would fail also. Has to be something local on the windows device which is blocking the connection

@Neil McLoughlin Strange thing! Tested on two other clients joined to a (separate) On-Premise AD (previous tests were all conducted on Azure-joined Clients). Same security features in place (Webfilter and Bitdefender AV) and it works! So must be kind of name resolution issue but I^m a little bit confused because according the flow diagrams name resolution also for the target VM (session host) is done azure internally?

@benjaminfrei Here is how it works - http://xenithit.blogspot.com/2020/05/active-directory-topologies-support-for.html  Make sure your Azure VMs have connectivity to your Domain controllers

 

" The WVD agent asks the Domain Controller to do a reverse lookup on the users on-prem SID. If this matches then the user object is added to the local Remote Desktop Users group and access is granted onto the Session Host."

@Neil McLoughlin It seems that the issue occurs on azure-joined machines only.  AD or WORKGROUP machines are not affected. I setup another tenant using AzureAD domain equal ADDS Domain. Same issues also when trying to connect on a machine connected to tenant A but using a Remote Desktop connection to tenant B! Can someone clarify this?

@Neil McLoughlin Azure VMS have full connectivity to the DC (ADDS based). The problem seems to be more like name resolution based. Not the credentials are the problem! Anyone else any idea? Very appreciated!

best response confirmed by benjaminfrei (Copper Contributor)

is this issue resolved? I have the same issue now@Neil McLoughlin 

1 best response

Accepted Solutions
best response confirmed by benjaminfrei (Copper Contributor)