RDS Serveur 2022 disconnected from domain

Question

Hello,

We are migrating an old hyperv to a new 2022 hyperv (including DC and RDS 2022).

The new DC has been promoted GC (the previous GC has been demoted DC, and will be removed soon).
Everything is working fine for users, and they can still use the old RDS.

We are now preparing the new RDS 2022.

But, many times a day (2 or 3), it is disconnected from the domain :
"The security database on the server does not have a computer account for this workstation trust".

But, without doing anything, the domain is found again later (less than 1 hour).
Then, the new RDS is working fine again.

Only error found in the log (maybe not related at all with this problem) :
Nom de l’application défaillante LogonUI.exe, version : 10.0.20348.1, horodatage : 0x8b367c97
Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.20348.617, horodatage : 0x5ad50d66
Code d’exception : 0xc000027b
Décalage d’erreur : 0x0000000000814788
ID du processus défaillant : 0x66fc
Heure de début de l’application défaillante : 0x01d8d96d0ac6357b
Chemin d’accès de l’application défaillante : C:\Windows\system32\LogonUI.exe
Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll
ID de rapport : d8b89be1-e566-4b12-96ca-336114d233bc
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Do you have any idea about the cause of this problem ?

thanks in advance for your help.

Answer 1

Hello Bernard,

Were you able to fix your problem?

I had the same exact error that you've posted on my Win2022 RDS server - same DLLs, same versions, even same timestamps every time user tried to connect to to terminal server. Since LogonUI crashed every time I was trying to pinpoint the issue.

First I've tried with deleting the user profile (I have only RDS server, DC is on separate machine). Simple remove profile option did not work. I had to comb through registry to delete almost everything that mentioned user's SID. That have helped, but only for a while.
After I've set up fresh profile everything was ok - no errors ID 1000 in log. I've prepared the profile, started to fiddle with personalization a bit and to my dismay the ID 1000 error came back.
I was able to pinpoint the problem to Windows Transparency option in user Personalization window... It had to stay on for LogonUI and Windows.UI.Xaml.dll.
After setting transparency ON and leaving it that way I have no more problems with LogonUI crashing for any of my users.

I hope it will help at least with this error.

Best regards

Answer 2

Hi,

There might be some instances where old metadata is still in the DC database, try this to remove metadata cc736378(v=ws.10)

Also can you check the date and time on the server? As misconfiguration of time & date settings can also cause this issue on the server, check DNS and Firewall settings on the server if it is as per environment, finally you will need to take a downtime to disjoin the server from the domain and rejoin the server to the Domain.

Hope this helps.

==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Answer 3

Hi Jimmy,

Thanks for the answer.

Time of all servers (old and new) are identical.

Yes, it could be a problem with old GC.
The 5 FSMO roles have been transferred but... there is maybe additional cleanup to do.

Is there any risk using the ntdsutil command on the old DC ?
First, is there any command allowing to check if there is something wrong remaining in the DC database ?