Good Afternoon,
I have a new RDWeb farm built off Server 2016. Architecture consists of:
1 Gateway Server - GW01 - Running RD Gateway and RD Web Access roles.
1 Connection Broker - CB01
1 Session Host - SH01
1 Licensing Server - LIC01
1 Active Directory Controller - AD01 - Domain: domain.contoso.com
I am only publishing applications through a Session Host; I am not using any RD Virtualization Hosts.
I have created another DNS zone (split brain) in my internal DNS to give all my servers a .example.com DNS entry (e.g. CB01.example.com). This DNS name resolves without issue internally, but not externally.
RD Web URL: mystuff.example.com
I have it deployed and it seems to function properly. I have a legitimate certificate installed for *.example.com on all the Role Services.
I have used this script to change the published FQDN to avoid certificate mismatch errors:
Change-published-FQDN (PowerShell script. I can't link because my account is too new)
What is odd about this tool is that I have to set the published name to the connection broker server, e.g. cb01.example.com. If I try to set it to mystuff.example.com, I get an error and no logins work when clicking the published application.
When users log in, they get the RD Web page. They can log into that and see the published application. When they click the published application, it will intermittently get stuck at "Loading Virtual Machine", at which point the user needs to either reboot or kill their Remote Desktop process. Other times, it will work properly and the application will load as expected. The intermittent issue happens perhaps 25% of the time.
I am a bit stumped. I don't see any log entries that have helped me get past this issue. I think my problem lies with the Change Published FQDN tool, but I am honestly guessing at this point.
Are there any logs I should be looking at when this issue happens? Any idea what problem I am having?