RDS 2012 R2: Connection broker (or gateway) not working properly
I had the same problem but a different solution.
In Group Policy, configure the FQDN for the RD Connection Broker (you will also need to enable 'Join RD Connection Broker').
My working config is below.
Local Computer Policy/Computer Configuration/Administrative Templates/Windows Components/Remote Desktop Services/Remote Desktop Session Host/RD Connection Broker/
Join RD Connection Broker – enabled
Configure RD Connection Broker farm name – not configured
Use IP Address Redirection – not configured
Configure RD Connection Broker server name – enabled (put your FQDN here of the RD Connection Server or servers).
Use RD Connection Broker load balancing – not configured. (I have only one server)
I hope this maybe can help someone. :)
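One way to confirm on an RD Session Host that the five settings listed in the answer above actually took effect, as an added example that is not part of the original post. It assumes the registry value names these policies write under the Terminal Services policy key (check them against TerminalServer.admx on your build) and that multiple broker names are separated by semicolons.

```powershell
# Added example (not from the original post). Run on an RD Session Host.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Policy setting -> registry value it writes (assumed mapping), with the state given in the answer.
$settings = @(
    [pscustomobject]@{ Policy = 'Join RD Connection Broker';                  Value = 'SessionDirectoryActive';         Expected = 'Enabled' }
    [pscustomobject]@{ Policy = 'Configure RD Connection Broker farm name';   Value = 'SessionDirectoryClusterName';    Expected = 'Not configured' }
    [pscustomobject]@{ Policy = 'Use IP Address Redirection';                 Value = 'SessionDirectoryExposeServerIP'; Expected = 'Not configured' }
    [pscustomobject]@{ Policy = 'Configure RD Connection Broker server name'; Value = 'SessionDirectoryLocation';       Expected = 'Enabled' }
    [pscustomobject]@{ Policy = 'Use RD Connection Broker load balancing';    Value = 'ParticipateInLoadBalancing';     Expected = 'Not configured' }
)

# The key is absent when no Terminal Services policy has been applied at all.
$props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

$report = foreach ($s in $settings) {
    $present = ($null -ne $props) -and ($props.PSObject.Properties.Name -contains $s.Value)
    $data    = if ($present) { $props.($s.Value) } else { $null }
    # Absent value = Not configured; DWORD 0 = Disabled; anything else = Enabled.
    $state   = if (-not $present) { 'Not configured' } elseif ($data -is [int] -and $data -eq 0) { 'Disabled' } else { 'Enabled' }
    [pscustomobject]@{
        Policy  = $s.Policy
        State   = $state
        Data    = $data
        Matches = ($state -eq $s.Expected)
    }
}
$report | Format-Table -AutoSize

# The broker name must be an FQDN that this host can resolve.
$location = $report | Where-Object { $_.Policy -like '*server name' } | Select-Object -ExpandProperty Data
if ($location) {
    # Assumption: several broker names are separated by semicolons.
    foreach ($name in ($location -split ';' | ForEach-Object { $_.Trim() } | Where-Object { $_ })) {
        if ($name -notmatch '\.') { Write-Warning "$name is not an FQDN" }
        if (-not (Resolve-DnsName -Name $name -ErrorAction SilentlyContinue)) {
            Write-Warning "$name does not resolve in DNS"
        }
    }
} else {
    Write-Warning 'No RD Connection Broker server name is set by policy'
}
```

The same key holds the effective values whether they come from Local Computer Policy or a domain GPO, so a `Matches = False` row after `gpupdate /force` points to another policy overriding the local one.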
MojoDK
Updated on September 18, 2022
Comments
-
MojoDK over 1 year
Here's my network...
(Link to network diagram: http://i.stack.imgur.com/F9gTF.png)
I have three RDSH servers - SVRDS1, SVRDS2 and SVRDS3. My Connection Broker is located on a separate box SVPDC1.
Problem:
If a user is logged into SVRDS2 and this server goes down, then he can't log on (via RdWeb) again before SVRDS2 is online again. I don't get why he's not redirected to SVRDS1 or SVRDS3? Isn't that the broker's job?
I see this error on the Broker:
Source: TerminalServices-SessionBroker Event ID:802 Error: RD Connection Broker failed to process the connection request for user mydomain\username. Error: Element not found.
Is it my Connection broker, that is causing me problems or is it the gateway?
-
Zoredache about 10 years
@MojoDK, does the session broker reconnect your sessions locally, if you connect without the gateway at all?
-
MojoDK about 10 years
@Zoredache I'm not exactly sure what you want me to do, but if I open RD on a client, type in the broker's name (SVPDC1) in the "Computer" and I don't use gateway, I get this error: "Connection denied because user account not authorized for remote login"
-
MojoDK about 10 years
If I log a user onto SVRDS2 and remotely shut down SVRDS2 then the user of course is kicked. If the user opens a RD connection (without gateway) and enters SVRDS1, then he gets this error: "Remote logins are currently disabled"
-
Brad Bouchard about 10 years
I think I said this on your first question about this but you really should separate the DC from any of this. It's not a good idea to have RD roles on the DC. Also, your Gateway and Broker should both be separate machines from the RDSH servers or other servers, which the Broker is (sort of, it's not on an RDSH server but it's on the DC which is not good), but the Gateway isn't; it shouldn't be combined with a server that already has the RDSH role. As far as the Broker though, have you set it up to tell it that the RDSH servers are part of a farm and used DNS round robin? Can you also...
-
Brad Bouchard about 10 years
... elaborate more on the cloud to the firewall? I think it's just showing two NAT policies, but can you tell me exactly what's going on there? And, finally with your Gateway, are you having people connect from outside of your office using the Gateway?
-
MojoDK about 10 years
Thanks for the advice about the DC - currently I have no more servers, so I have to do with what I have - until my budget allows me to buy more.
-
MojoDK about 10 years
How do I tell the broker about the RDSH servers? I don't see an application or settings for the broker?
-
MojoDK about 10 years
Regarding firewall ... I'm allowing all traffic from cloud (gateway.mycompany.com) on port 80 and port 443 to the gateway server and all traffic from webaccess.mycompany.com on port 3391 and 443 to the rdweb server.
-
MojoDK about 10 years
I've made a forward lookup zone in my DNS for gateway.mycompany.com with my local IP for the gateway server.
-
MojoDK about 10 years
I don't have any NLB or Round Robin set up atm. Microsoft wanted me to remove them - why I don't know.
-
MojoDK about 10 years
Can my problems be related to the CB being located on the DC?
-
MojoDK about 10 years
Can I put broker, webaccess and gateway on same server?
-
MojoDK about 10 years
@BradBouchard - it seems like Connection Broker is allowed now on 2012 R2 ... tinyurl.com/kgvyjsf ???
-
MojoDK about 10 years
Okay ... I might feel pretty stupid asking this question, since it might be the solution to my problem ... Do I have to install HA on the Broker even though I only have one Broker? I thought HA meant for having HA between the brokers and not the RDSH? If yes, then I will try install it tomorrow. :)
-
Brad Bouchard about 10 years
It does mean for having more than one Broker. Also, if you have removed Round Robin then your RDSH servers won't know that they are in a farm/cluster and won't be able to let another user connect without first having that config re-implemented. That's weird that MS would have you remove that.
-
Byron C. about 10 years
@MojoDK also, I'm not sure how you set up your farm, but Server 2012 has a nifty wizard that walks you through it relatively painlessly... thewolfblog.com/2014/02/08/…
-
MojoDK about 10 years
@BradBouchard ... where in the wizard do I enter the Round Robin? Only place I see that is in the HA broker wizard. Please remember it's a Win2012R2 RDS solution. :) thx
-
Brad Bouchard about 10 years
I remember that it is for 2012, and I am talking about the Broker HA Round Robin... see this... thewolfblog.com/2014/02/02/… and this ... thewolfblog.com/2014/02/08/…
-
MojoDK about 10 years
I'm very confused here. Do I need to set up HA with a Round Robin name (I only got 1 Connection Broker) for the 3 RDSH to recognize they are in a farm? Do I need the HA for the CB to redirect me to another server when the one they are on fails? - or will the CB do this without HA configured? My problem is, that if a server fails, the users can't connect to another server - the CB isn't redirecting them ... do I need HA for this? Thx :)
-