
internal error when connecting to windows server 2022 remote desktop host after update of msrdc

Open y4i4vkadc3 opened this issue 10 months ago • 9 comments

we use msrdpex to connect to windows server 2022 remote desktop hosts with msrdc client.

after update of remote desktop app (msi) we cannot connect anymore.

"internal error occured" error code: 0x0

remote desktop app version was working before: RemoteDesktop_1.2.5713.0_x64

updated to versions not working anymore: RemoteDesktop_1.2.5910.0_x64, RemoteDesktop_1.2.6017.0_x64

msrdpex versions tried: MsRdpEx-2024.09.25.0-x64, MsRdpEx-2025.02.26.0-x64

any help? hopefully we are not alone with such a configuration.

screenshot (german) Image

y4i4vkadc3 avatar Mar 13 '25 14:03 y4i4vkadc3

Hi,

I have just updated MSRDC to 1.2.6017.0 and I can still connect just fine with msrdcex.exe to Windows Server 2022. Can you share a copy of your .RDP file, redacting the values for .RDP file options you don't want to share? I hope this isn't related to https://www.windowslatest.com/2025/03/13/windows-11-kb5053598-issues-install-fails-rdp-disconnects-bsods-windows-11-24h2/

awakecoding avatar Mar 14 '25 12:03 awakecoding

I’ve checked a few things and have come to the conclusion that the certificate might be the issue. We’re using a certificate from a private Windows CA. There are also some minor differences compared to an RDP certificate that a normal Windows client automatically generates.

I’ll probably need to test which specific certificate property is causing this.

Does anyone know a debug switch for MSRDC that could help identify the problematic property more quickly?

y4i4vkadc3 avatar Mar 18 '25 10:03 y4i4vkadc3

> Does anyone know a debug switch for MSRDC that could help identify the problematic property more quickly?

If there is such a thing, I would very much like to know!

If it's truly a certificate-related issue though, then enabling the CAPI2 logs in the Windows event viewer might help identify the problem. These are the same logs described here: https://awakecoding.com/posts/rdp-smartcard-logon-user-name-does-not-exist/#fixing-strict-kdc-validation

awakecoding avatar Mar 18 '25 13:03 awakecoding
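
One way to capture the CAPI2 logs mentioned in the comment above, as an added example that is not part of the original thread. It assumes an elevated PowerShell prompt on the RDP client, and the `Result` element it reads from the event payload is an assumption about the CAPI2 event XML layout.

```powershell
# Added example: run from an elevated PowerShell prompt on the RDP client.
$log = 'Microsoft-Windows-CAPI2/Operational'

# The CAPI2 operational log is disabled by default; turn it on for the test.
wevtutil.exe sl $log /e:true

try {
    $start = Get-Date
    Read-Host 'Reproduce the failing RDP connection, then press Enter' | Out-Null

    # Keep only error-level (Level 2) events written during the reproduction.
    $filter = @{ LogName = $log; Level = 2; StartTime = $start }
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

    if (-not $events) {
        Write-Host 'No error-level CAPI2 events were logged during the reproduction.'
    }
    else {
        $events | Sort-Object TimeCreated | ForEach-Object {
            $xml = [xml]$_.ToXml()

            # Assumption: failed checks carry a <Result value="..."> element
            # somewhere under UserData; namespaces are ignored on purpose.
            $results = $xml.SelectNodes("//*[local-name()='Result']") |
                ForEach-Object { '{0} {1}' -f $_.GetAttribute('value'), $_.InnerText }

            [pscustomobject]@{
                Time   = $_.TimeCreated
                Id     = $_.Id
                Task   = $_.TaskDisplayName
                Result = ($results -join '; ')
            }
        } | Format-Table -AutoSize -Wrap
    }
}
finally {
    # Switch the log off again so it does not keep filling up.
    wevtutil.exe sl $log /e:false
}
```

Running it once against the working MSRDC version and once against the failing one gives two event sets that can be compared side by side.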

I’ve made some progress now.

The certificate doesn’t seem to be the issue.

It only occurs when you try to connect via the Connection Broker.

MSRDC connects to the Connection Broker and then receives a redirect to a Session Host. Somewhere here is where the problem lies. According to the firewall logs, the client doesn’t even attempt a connection to a Session Host.

(So far, we’re not using an RDS Gateway. Only the Connection Broker.)

Perhaps someone has an idea …

y4i4vkadc3 avatar Mar 20 '25 10:03 y4i4vkadc3

Interesting... can you try launching "vanilla" msrdc.exe directly with the "/SkipAvdSignatureChecks" command-line option on that same RDP file? It will bypass the signature check just like what we're doing in MsRdpEx, so in theory you should be able to test the same connection but without possible MsRdpEx interference.

awakecoding avatar Mar 20 '25 13:03 awakecoding

same behavior

something has changed in newer MSRDC version which results in this problem.

y4i4vkadc3 avatar Mar 20 '25 14:03 y4i4vkadc3

Argh. Microsoft doesn't officially support non-AVD connections with MSRDC, so you can't even open a bug report. Even if you did... I could never find a place to report RDP bugs where it doesn't get ignored.

Here's what I suggest: collect MsRdpEx logs for a successful connection using an older version of MSRDC, then do the same for the failed connection with the newer version of MSRDC. Hopefully I can find a hint of what has changed and what breaks the connection by comparing the logs.

awakecoding avatar Mar 20 '25 15:03 awakecoding

Does not really help so far.

Maybe someone who uses a newer version of MSRDC and Connection Broker can report if it's working.

y4i4vkadc3 avatar Mar 21 '25 12:03 y4i4vkadc3

@y4i4vkadc3 did you collect "success" and "failure" logs for comparison? I can take a look, you can send them to mamoreau [at] devolutions.net

awakecoding avatar Mar 21 '25 12:03 awakecoding