Hello everybody,
At a customer's site, there is a load-balanced 2008 R2 Terminal Server farm. The farm name is just tsfarm1, and there are round-robin DNS entries for that name pointing to all of the servers of the farm. The farm servers get created by cloning/sysprepping them via Virtual Machine Manager and a PowerShell script (that works for years at several customers without issues).
The problem here is, that users cannot connect to the farm *occasionally*, getting the error message "Because of a protocol error this session will be disconnected. Please try connecting to the remote computer again". The effect seems to occur if DNS round robin decides to send us to two of the five servers. However, we already had rebooted, and also recreated (freshly cloned) the whole server farm. So, each server should be identical, but some (not the same after each rollout of the farm) seem not to be.
I have taken a trace using Microsoft Message Analyzer 1.2, but I cannot see anything helpful with its RDP parser. There are only 4 conversations (connect, confirm, connect, confirm). As far as I could see, there is no error status returned from the server. Obviously, this cannot be the whole truth ;-)
How could I dig deeper into what actually happens when the connection failure appears?
Best Regards, Stefan Falk