I ran into an issue recently where Thin Clients were connecting to a Server 2008 R2 RDS Farm. The RDS Farm had three Sessions Hosts and one Connection Broker. DNS was providing round–robin and the Connection Broker was providing load balancing.
The issue we were facing was that the Thin Clients were experiencing a double logon. When they connected they would logon, and immediately after they hit enter, they were given a second logon. It almost seemed like it was rejecting their password. But it wasn’t. They would retype their credentials and get in and continue on.
This didn’t always happen and what we observed was the following.
- If DNS returned RDS1 and the Connection Broker load balanced the user’s session to the same server that first responded then the client only received one logon prompt.
- If DNS returned RDS2 and the Connection Broker determined the least load was on RDS3 and sent the user’s session over there, this is when the second logon prompt would occur.
After some troubleshooting I determined the issue was not with the server at all but with the client itself. I had read a lot of articles that talked about changing settings on the Session Hosts and upgrading the RDP clients to the latest version, or, even running hotfixes that would enable NLA. Both none of these items worked. The only machines we knew that never had problems were Windows 7 PCs. Our Thin Clients were all Windows Embedded 2009, which is based on XP Embedded.
So, I decided to try a Windows 7 Embedded Thin Client on the off-chance it might fix the issue. Lo-and-behold it did! Needless to say we are slowly replacing the older Thin Clients with Windows 7 Embedded devices.
The moral of the story here is to never overlook your Thin Clients.