The Remote Desktop Gateway mysterious case of Error 0

Let’s face it , most Active Directory Domains were created a long long time ago. And while most of these are now migrated to newer versions , Group Policies sometimes were left as is. These Group Policy objects are what I like to call “Lingering GPO Settings” 🙂

This case was both simple and complicated , a client had a brand new installation of Windows Server 2012 R2 Remote Desktop Services and various clients connecting to it. Some of those clients were unable to connect to the gateway for no obvious reason. Only a couple of warnings logged on the Microsoft-Windows-TerminalServices-RDPClient/Operationall logs:

  • RDPClient_Gateway: An error was encountered when transitioning from AAStateCreatingOutChannel to AAStateError in response to 3 (error code 0x800703E5).
  • RDPClient_Gateway: An error was encountered when transitioning from AAStateInitializingTunnel to AAStateError in response to 6 (error code 0x800703E5).

The problem laid within a Group Policy setting that was configured quite some time ago. This policy forced the client to use “Send LM & NTLM Responses” on Computer Configuration->Windows Settings->Security Settings->Security Options->Network Security:  LAN Manager Authentication Level. Changing that to “Send NTLMv2 response only” immediately enabled those clients to connect.

So while sometimes an error may seem Remote Desktop related make sure you check all of the underlying technology to ensure security protocol compliance and proper operation.

Merging VHD

Last night I had to troubleshoot a low free space alert on a cluster. While everything looked normal and no Checkpoints or backups of Virtual Machines were on the Clustered Shared Volume a problem with the backup software flew under the radar and created a massive problem! There was an offending VM that was backed up normally and no checkpoints existed but it’s VHD files were differencing disks. A situation most of the IT Pro’s out there are familiar with.

So how do you rectify this? This VM had grown to a TB of data and while no checkpoints existed it had over 300 differencing VHD files. Restoring such a VM would take hours so that’s not a great option. Well I first started with copying over the XML configuration files of the virtual machine and importing this VM again with NO-VHD drives on it. So far so good we have a working VM with the same GUID and the same network adapters but with no drives.

{Powershell} to the rescue!

Powershell is capable of doing amazing things so I wrote this little script that actually gets each drive and then merges all of the VHD files into the parent so that you can attach it again on the virtual machine. Enjoy!