I had the weirdest error recently when rolling out a remote app to a new customer. It was a Windows 7 machine that had the latest RDP updates installed.
When launching the thin app, the following error occurred on the client end:
Disconnected from remote computer
This stumped me for some time. It looked like some sort of authentication error. There is a Microsoft article on this, which applies to the RDP Gateway. I don’t think you should be applying a wholesale fix like this to a RDP Gateway, let alone on multi tenancy infrastructure.
I looked at the event log on the Remote Desktop Gateway server which was running Server 2012. I saw the following event log.
This confirmed to me that this was some sort of authentication error.
Looking at the local security options on the computer, I found the following:
Now, on a normal domain, this would not be set. You need to set this to the following:
Set to NTLM v2 for server 2012 connections.
Hey thanks for the great article. I too am running into issues with this.
I have server 2012 RDGateway running and my win7 machines (running RDP version 7.1) connect just fine to the RemoteApps. But any of my Win8 machines (running RDP version 8.1) says:
“Remote Desktop can’t find the computer “my.servername.here”. This might mean that “my.servername.here” does not belong to the specified network. Verify the computer name and domain that you are trying to connect to.”
I have tried applying your policy but no dice. Do you know what else might be causing something like this?
Thanks for the help!
Check the event log on the RDP Gateway. There should be something in there. If you can paste that back here I can help.
Hi there!
Thanks for the prompt response. Here is the gateway log(s) for my test user. These 3 logs consist of a single log on event:
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 200
Task Category: (2)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: “NTLM” and connection protocol used: “HTTP”.
Event Xml:
200
0
4
2
30
0x4020000001000000
487
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
NTLM
HTTP
0
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 300
Task Category: (5)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met resource authorization policy requirements and was therefore authorized to connect to resource “online.omitted.com”.
Event Xml:
300
0
4
5
30
0x4020000001000000
488
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
online.omitted.com
0
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:26 AM
Event ID: 304
Task Category: (3)
Level: Warning
Keywords: (16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met connection authorization policy and resource authorization policy requirements, but could not connect to resource “online.omitted.com”. Connection protocol used: “HTTP”. The following error occurred: “23005”.
Event Xml:
304
0
3
3
44
0x4000000001000000
489
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
online.omitted.com
HTTP
23005
So what will happen is I’ll get through RDWeb log in jsut fine and it will display my remote apps, but once one is selected, I get said error. Only for RDP 8.0 & 8.1 too…
Thanks again for the help!
Hey Thanks for your help!
Here are the 3 log files from the Gateway that occur upon login with my test user, Actual domains and IPs have been omitted.
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 200
Task Category: (2)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: “NTLM” and connection protocol used: “HTTP”
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 300
Task Category: (5)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met resource authorization policy requirements and was therefore authorized to connect to resource “online.omitted.com”.
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:26 AM
Event ID: 304
Task Category: (3)
Level: Warning
Keywords: (16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met connection authorization policy and resource authorization policy requirements, but could not connect to resource “online.omitted.com”. Connection protocol used: “HTTP”. The following error occurred: “23005”.
Did you manage to fix this, if not, what is the policy you are using now?
Hey thanks for the great article. I too am running into issues with this.
I have server 2012 RDGateway running and my win7 machines (running RDP version 7.1) connect just fine to the RemoteApps. But any of my Win8 machines (running RDP version 8.1) says:
“Remote Desktop can’t find the computer “my.servername.here”. This might mean that “my.servername.here” does not belong to the specified network. Verify the computer name and domain that you are trying to connect to.”
I have tried applying your policy but no dice. Do you know what else might be causing something like this?
Thanks for the help!
Check the event log on the RDP Gateway. There should be something in there. If you can paste that back here I can help.
Hi there!
Thanks for the prompt response. Here is the gateway log(s) for my test user. These 3 logs consist of a single log on event:
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 200
Task Category: (2)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: “NTLM” and connection protocol used: “HTTP”.
Event Xml:
200
0
4
2
30
0x4020000001000000
487
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
NTLM
HTTP
0
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 300
Task Category: (5)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met resource authorization policy requirements and was therefore authorized to connect to resource “online.omitted.com”.
Event Xml:
300
0
4
5
30
0x4020000001000000
488
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
online.omitted.com
0
__________________________________________________________________________
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:26 AM
Event ID: 304
Task Category: (3)
Level: Warning
Keywords: (16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “omitted external client IP”, met connection authorization policy and resource authorization policy requirements, but could not connect to resource “online.omitted.com”. Connection protocol used: “HTTP”. The following error occurred: “23005”.
Event Xml:
304
0
3
3
44
0x4000000001000000
489
Microsoft-Windows-TerminalServices-Gateway/Operational
SERVER-5.SAAS.local
SAASteTest01
omitted external IP
online.omitted.com
HTTP
23005
So what will happen is I’ll get through RDWeb log in jsut fine and it will display my remote apps, but once one is selected, I get said error. Only for RDP 8.0 & 8.1 too…
Thanks again for the help!
Hey Thanks for your help!
Here are the 3 log files from the Gateway that occur upon login with my test user, Actual domains and IPs have been omitted.
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 200
Task Category: (2)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: “NTLM” and connection protocol used: “HTTP”
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:05 AM
Event ID: 300
Task Category: (5)
Level: Information
Keywords: Audit Success,(16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met resource authorization policy requirements and was therefore authorized to connect to resource “online.omitted.com”.
Log Name: Microsoft-Windows-TerminalServices-Gateway/Operational
Source: Microsoft-Windows-TerminalServices-Gateway
Date: 10/31/2014 2:40:26 AM
Event ID: 304
Task Category: (3)
Level: Warning
Keywords: (16777216)
User: NETWORK SERVICE
Computer: SERVER-5.SAAS.local
Description:
The user “SAASteTest01”, on client computer “client external IP omitted”, met connection authorization policy and resource authorization policy requirements, but could not connect to resource “online.omitted.com”. Connection protocol used: “HTTP”. The following error occurred: “23005”.
Did you manage to fix this, if not, what is the policy you are using now?
Hello,
Any luck with fixing that error Mike? Getting exactly the same error with my setup. I have a web/gateway server and connection broker in the same subnet and a session host server in another subnet, and get this error. RemoteApps display fine, and I can login to the GW fine.
When I put a session host in the same subnet as the gw and cb everything works as expected. I have confirmed firewall rules between both subnets and opened everything for testing purposes. Anything else I can try?
Hi,
can you fix the image not loading?