SOLVED

An internal error occurred / can't connect anymore

Copper Contributor

We've been running WVD succesfully for a few months, but since this morning my users cannot login anymore. Not through the desktop and not through the webclient. The desktop client returns 'An internal error occurred' after logging in. The webclient has a cannot connect message (in Dutch). I've traced the connection failure via Powershell to below two errors. It seems my SID has changed somehow, but I cannot understand how:

 

ErrorSource : RDBroker
ErrorOperation : OrchestrateSessionHost
ErrorCode : -2146233088
ErrorCodeSymbolic : ConnectionFailedUserSIDInformationMismatch
ErrorMessage : OrchestrateAsync: SID value in the database is different than the value returned in the orchestration reply from the agent for user ≤PRIVATE≥ with Id PRIVATE. This scenario is not supported - we will not be able to redirect the user session.
ErrorInternal : False
ReportedBy : RDGateway
Time : 28-6-2019 12:42:44

ErrorSource : Client
ErrorOperation : ClientRDPConnect
ErrorCode : 2147965400
ErrorCodeSymbolic :
ErrorMessage : Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance.
ErrorInternal : True
ReportedBy : Client
Time : 28-6-2019 12:42:44

 

I've tried removing an RdsAppGroupUser and re adding it, but the same error remains.

 

46 Replies

@gdglee We've exactly this same issue, we tried to open a case, but it's not supported for preview services :(

@P_haem good to know we're not the only ones.

It's seem's to be cause by the agent upgrade (yesterday around 10PM for us) : New agent version : 1.0.833.4

@P_haem So were you able to resolve?

We are also experiencing this issue.@gdglee 

@gdglee - Same thing on this end. Started happening around 2-3p EST on Friday 06/28. This host pool was perfectly fine prior to this. 

We're having this issue as well. I can RDP into my WDV VMs, but trying to run published apps (browser or RDP shortcut) fail with a connection error.

Same here. This seems to be a widespread problem. For us started last week on Thursday.

@gdglee: thank you for reporting this.  We have introduced additional security checks when resolving user identities. In some environments this leads to restricted connectivity due to legacy set-ups. We are reviewing the issue and will update once a solution is available.

 

Please ensure that you follow as well the following best practice:

- Have a validation host pool set-up to escalate issues before they hit the majority of your users. 

- Set-up service alerts to receive health advisories and notification for your subscription.

@gdglee 

Same here.

For us started last week on Friday.

@Eva Seydl Thank you for your answer! Do you have any resolution date ? And is there any way to to go back to the previous version ?

@Eva Seydl 

We are also having the same issue, Raised ticket to MS Support team, they said "We cannot not provide support for Windows Virtual Desktop because it’s in preview so unfortunately we cannot answer your questions, or assist with issues you are experiencing."

Also, i have received Service alert from Microsoft "Windows Virtual Desktop - East US 2 - Exploring Mitigation" But there is no ETA As of now.

@Eva Seydl - so what do you suggest we do with host pools that are experiencing this issue in the meantime? We have a high visibility POC at a very large client that this is interrupting. Telling them their host pool is ruined  and needs to be redployed won't go over so well. 

 

Will redeploying even fix this, without intervention on your side? 

 

Additionally, can you provide some more detail on what these security checks are? Any details on what leads to this condition from a "legacy setup" perspective? 

@Eva Seydl we're having the same issue as well on both existing host pools that were working properly and on a newly deployed host pool. 

@Eva Seydl-  Would you do me a favor? We have redeployed 3 times to fix this, but didn't fix.....

@Raja R 

Please set-up a validation pool as we have a fix deployed to the validation pools. Learn here how to set those up: https://docs.microsoft.com/en-us/azure/virtual-desktop/create-validation-host-pool

 

We recommend to make use of Azure Service Health Alerts where you will be notified when the fix is available for production: https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-service-alerts 

best response confirmed by Eva Seydl (Microsoft)
Solution
Please set-up a validation pool as we have a fix deployed to the validation pools. Learn here how to set those up: https://docs.microsoft.com/en-us/azure/virtual-desktop/create-validation-host-pool We recommend to make use of Azure Service Health Alerts where you will be notified when the fix is available for production: https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-service-alerts

Hi @Eva Seydl that is good to know. I changed my hostpool to a validationenvironment. The agent is upgraded: AgentVersion : 1.0.833.5

Unfortunately I see the same behaviour still. Not able to connect, same error.

@Eva Seydl Unfortunately we cannot deploy to Validation ring because the machine fails to join the domain. We are using the same script as to deploy to prod ring (which has no issues to join the domain) with the only difference being the 

-ValidationEnv $True flag on the new-rdshostpool command.

 

15:10:25 - Resource Microsoft.Compute/virtualMachines/extensions 'rmrvwval4-0/joindomain' failed with message '{
"status": "Failed",
"error": {
"code": "ResourceDeploymentFailure",
"message": "The resource operation completed with terminal provisioning state 'Failed'.",
"details": [
{
"code": "VMExtensionProvisioningError",
"message": "VM has reported a failure when processing extension 'joindomain'. Error message: \"Exception(s) occured while joining Domain '{sanitized}.com'\"."
}
]
}
}'

1 best response

Accepted Solutions
best response confirmed by Eva Seydl (Microsoft)
Solution
Please set-up a validation pool as we have a fix deployed to the validation pools. Learn here how to set those up: https://docs.microsoft.com/en-us/azure/virtual-desktop/create-validation-host-pool We recommend to make use of Azure Service Health Alerts where you will be notified when the fix is available for production: https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-service-alerts

View solution in original post