Microsoft Windows Server - Defect ID: WI835347
Remote Desktop Connection fails when client uses Remote Procedure Call over HTTP

• No change history provided.

Impact: This might occur intermittently, and affect remote desktop connections across an organization Originating KB URL: https://support.microsoft.com/en-us/topic/5040430 Originating KB Release Date: 2024-07-09T10:00:00-07:00 Originating Build: 17763.6054 Resolved KB URL: https://support.microsoft.com/en-us/topic/5044277 Date Resolved: 2024-10-08T10:00:00-07:00 All Updates: ------------------------------------------------------ October 08, 2024 17:04 PM Windows Servers which have installed Windows security updates released July 9, 2024 (KB5040430 (https://support.microsoft.com/help/5040430)) might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005. Windows System Event 1000 captures this with the message text similar to the following: Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.5582, time stamp: Faulting module name: aaedge.dll, version: 10.0.14393.7155, time stamp: Exception code: 0xc0000005 Resolution: This issue was resolved by Windows updates released October 8, 2024 (KB5044277 (https://support.microsoft.com/help/5044277)), and later. We recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one. If you install an update released October 8, 2024 or later, you do not need to use a workaround for this issue. If you are using an update released before October 8, 2024, and are experiencing this issue, two options can be used to mitigate this issue: Important: This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see How to back up and restore the registry in Windows (https://support.microsoft.com/topic/how-to-back-up-and-restore-the-registry-in-windows-855140ad-e318-2a13-2829-d428a2ab0692). Option 1) Disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway - This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection and firewall software for guidance on disallowing and porting connections. Option 2) Edit the registry of client devices, by removing a key related to RDGClientTransport 1) Open the Windows Registry Editor. This can be accomplished by opening the Windows start menu and typing regedit. Select Registry Editor from the results. 2) Navigate to the following registry location: Computer\HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\RDGClientTransport This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor. 3) Observe the right-side panel which contains values associated with this key. Find the registry key titled ‘DWORD’ and double click to open it. 4) Set the ‘Value Data’ field to ‘0x0’. Affected platforms: - Client: None - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues ------------------------------------------------------ September 12, 2024 01:00 AM Note: This disclosure was mistakenly updated to Resolved status on September 10, 2024. A resolution for this issue is planned to be included in an update to be released in the coming weeks. We apologize for any inconvenience or confusion. _____ Windows Servers which have installed Windows security updates released July 9, 2024 (KB5040430 (https://support.microsoft.com/help/5040430)) might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005. Windows System Event 1000 captures this with the message text similar to the following: Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.5582, time stamp: Faulting module name: aaedge.dll, version: 10.0.14393.7155, time stamp: Exception code: 0xc0000005 Workaround: Two options can be used to mitigate this issue ahead of a future Microsoft update: Important: This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see How to back up and restore the registry in Windows (https://support.microsoft.com/topic/how-to-back-up-and-restore-the-registry-in-windows-855140ad-e318-2a13-2829-d428a2ab0692). Option 1) Disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway - This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection and firewall software for guidance on disallowing and porting connections. Option 2) Edit the registry of client devices, by removing a key related to RDGClientTransport 1) Open the Windows Registry Editor. This can be accomplished by opening the Windows start menu and typing regedit. Select Registry Editor from the results. 2) Navigate to the following registry location: Computer\HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\RDGClientTransport This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor. 3) Observe the right-side panel which contains values associated with this key. Find the registry key titled ‘DWORD’ and double click to open it. 4) Set the ‘Value Data’ field to ‘0x0’. Next steps: We are working on a resolution and will provide an update in an upcoming release. Affected platforms: - Client: None - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues ------------------------------------------------------ September 10, 2024 16:59 PM Windows Servers which have installed Windows security updates released July 9, 2024 ([ImpactstartKB]) might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005. Windows System Event 1000 captures this with the message text similar to the following: Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.5582, time stamp: Faulting module name: aaedge.dll, version: 10.0.14393.7155, time stamp: Exception code: 0xc0000005 Resolution: This issue was resolved by Windows updates released September 9, 2024 (KB5043050 (https://support.microsoft.com/help/5043050)), and later. We recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one. If you install an update released September 9, 2024 or later, you do not need to use a workaround for this issue. If you are using an update released before September 9, 2024, and are experiencing this issue, two options can be used to mitigate this issue: Important: This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see How to back up and restore the registry in Windows (https://support.microsoft.com/topic/how-to-back-up-and-restore-the-registry-in-windows-855140ad-e318-2a13-2829-d428a2ab0692). Option 1) Disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway - This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection and firewall software for guidance on disallowing and porting connections. Option 2) Edit the registry of client devices, by removing a key related to RDGClientTransport 1) Open the Windows Registry Editor. This can be accomplished by opening the Windows start menu and typing regedit. Select Registry Editor from the results. 2) Navigate to the following registry location: Computer\HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\RDGClientTransport This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor. 3) Observe the right-side panel which contains values associated with this key. Find the registry key titled ‘DWORD’ and double click to open it. 4) Set the ‘Value Data’ field to ‘0x0’. Affected platforms: - Client: None - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues ------------------------------------------------------ July 30, 2024 23:30 PM Windows Servers which have installed Windows security updates released July 9, 2024 ([ImpactstartKB]) might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005. Windows System Event 1000 captures this with the message text similar to the following: Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.5582, time stamp: Faulting module name: aaedge.dll, version: 10.0.14393.7155, time stamp: Exception code: 0xc0000005 Workaround: Two options can be used to mitigate this issue ahead of a future Microsoft update: Important: This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see How to back up and restore the registry in Windows (https://support.microsoft.com/topic/how-to-back-up-and-restore-the-registry-in-windows-855140ad-e318-2a13-2829-d428a2ab0692). Disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway - This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection and firewall software for guidance on disallowing and porting connections. Edit the registry of client devices, by removing a key related to RDGClientTransport 1) Open the Windows Registry Editor. This can be accomplished by opening the Windows start menu and typing regedit. Select Registry Editor from the results. 2) Navigate to the following registry location: Computer\HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\RDGClientTransport This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor. 3) Observe the right-side panel which contains values associated with this key. Find the registry key titled ‘DWORD’ and double click to open it. 4) Set the ‘Value Data’ field to ‘0x0’. Next steps: We are working on a resolution and will provide an update in an upcoming release. Affected platforms: - Client: None - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues ------------------------------------------------------ July 25, 2024 18:00 PM Windows Servers which have installed Windows security updates released July 9, 2024 ([ImpactstartKB]) might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005. Windows System Event 1000 captures this with the message text similar to the following: Faulting application name: svchost.exe_TSGateway, version: 10.0.14393.5582, time stamp: Faulting module name: aaedge.dll, version: 10.0.14393.7155, time stamp: Exception code: 0xc0000005 Workaround: Two options can be used to mitigate this issue ahead of a future Microsoft update: Important: This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see How to back up and restore the registry in Windows (https://support.microsoft.com/topic/how-to-back-up-and-restore-the-registry-in-windows-855140ad-e318-2a13-2829-d428a2ab0692). Disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway - This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection and firewall software for guidance on disallowing and porting connections. Edit the registry of client devices, by removing a key related to RDGClientTransport 1) Open the Windows Registry Editor. This can be accomplished by opening the Windows start menu and typing regedit. Select Registry Editor from the results. 2) Navigate to the following registry location: HKCU\Software\Microsoft\Terminal Server Client\RDGClientTransport This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor. 3) Observe the right-side panel which contains values associated with this key. Find the registry key titled ‘DWORD’ and double click to open it. 4) Set the ‘Value Data’ field to ‘0x0’. Next steps: We are working on a resolution and will provide an update in an upcoming release. Affected platforms: - Client: None - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues