Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Windows Server 2008 R2 / Remote Desktop Connection Error: Outdated entry in the DNS cache

December 14, 2016 Windows Server 2008 R2

Remote Desktop Connection Error: Outdated entry in the DNS cache

Users have begun to complain that when trying to connect to the RDS (Remote Desktop Server) farm  running Windows Server 2008 R2 using the standard RD client (mstsc.exe) they often get an error:

The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache

The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache. Try using the IP address of the computer instead of the name.

The configuration of the RDS farm: 3 servers running Windows Server 2008 R2 with RD Connection Broker used to distribute workload between the terminals and to reconnect to the current sessions. The fact that the error occurred from time to time had suggested that there was a problem with one of the servers of the farm. By means of sequential search, the problem server was found and we connected to its desktop remotely using its IP address.

Just in case, I ran the server record registration in DNS again:

ipconfig /registerdns

And reset the local DNS cache on the client in a couple of minutes:

ipconfig /flushdns

But it didn’t help. There were no other problems with the server, so I had to use an article in Microsoft knowledge base: https://support.microsoft.com/kb/2493594 (RDP connection to Remote Desktop server running Windows Server 2008 R2 may fail with message ‘The Local Security Authority cannot be contacted’).

The solution in the article offered to reduce the level of the protocol used to encrypt the RDP connection from SSL (TLS 1.0 is used for authentication) to RDP Security Layer (the integrated and less secure RDP encryption).

Note. This setting is located in Remote Desktop Session Host Configuration -> Microsoft RDP 7.1 ->Properties -> Security Layer

rds host configuration

But in our configuration, the Negotiate method is used that uses automatic switching from TLS to RDP Security Layer if the client does not support the first method.

Entirely by accident, I noticed that the time on the problem server differ from the domain controller time. Indeed, it turned out that this server (a virtual one) was located on the VMWare ESXi host with the wrong time, and the option of time synchronization with the host hypervisor (Time synchronization between the virtual machine and the ESX Server) was enabled in VMWare Tools settings.

I had to disable ESXi synchronization and restart Windows Time Service to synchronize time with the DC.

net stop w32time
net start w32time

restart w32time service

After that, users could connect to all servers of the RDS farm without any errors.

Note. The error “This could be caused by an outdated entry in the DNS cache” also appears if you try to connect to the specific server in the RDS farm by its name. In this case, Connection Broker may redirect the client to another RD host (with another DNS name and IP address), which results in the discrepancy between the specified address and the address of the server, and the client returns the error after the authentication attempt. So always specify the RD farm name to connect.

2 comments
0
Facebook Twitter Google + Pinterest
previous post
Recovering Encrypted Files from VSS Snapshot after Ransomware Infection
next post
GPO Logging Using Gpsvc.log in Windows 7

Related Reading

How to Enable TLS 1.2 on Windows?

January 18, 2023

Outlook: Your Server Does Not Support the Connection...

October 20, 2022

Adding USB 3.0 and NVMe Drivers to Windows...

September 7, 2022

How to Run Disk Cleanup (Cleanmgr.exe) on Windows...

March 12, 2020

RDP Authentication Error: CredSSP Encryption Oracle Remediation

September 10, 2019

2 comments

Bob May 1, 2017 - 9:25 pm

Tried the stop w32time/start w32time/ registerdns suggestion and corrected all my errors, thank you!

Reply
Andy May 27, 2019 - 6:54 pm

‘net time /set’ worked for me.
Leadup to scenario:
– Yearly factory power outage for electrical maintenance
– Power up, most servers came up clean. DNS server did not.
– Other servers could not sync their clocks and started their own as best they could.
– DNS server returned to service but by not remoting into the other servers was refused.
– Remoting into other server using IP address, ‘set time’ command, then remote logon by server name successful.
!! Thanks for the tip.

Reply

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • PowerShell
  • VMWare
  • Hyper-V
  • Linux
  • MS Office

Recent Posts

  • Configure User’s Folder Redirection with Group Policy

    February 3, 2023
  • Using Previous Command History in PowerShell Console

    January 31, 2023
  • How to Install the PowerShell Active Directory Module and Manage AD?

    January 31, 2023
  • Finding Duplicate E-mail (SMTP) Addresses in Exchange

    January 27, 2023
  • How to Delete Old User Profiles in Windows?

    January 25, 2023
  • How to Install Free VMware Hypervisor (ESXi)?

    January 24, 2023
  • How to Enable TLS 1.2 on Windows?

    January 18, 2023
  • Allow or Prevent Non-Admin Users from Reboot/Shutdown Windows

    January 17, 2023
  • Fix: Can’t Extend Volume in Windows

    January 12, 2023
  • Wi-Fi (Internet) Disconnects After Sleep or Hibernation on Windows 10/11

    January 11, 2023

Follow us

woshub.com
  • Facebook
  • Twitter
  • RSS
Popular Posts
  • Windows Update Error 0x80244022 and WsusPool Memory Limit
  • Fixing High Memory Usage by Metafile on Windows Server 2008 R2
  • Unable to Install Print Driver after KB3170455
  • How to Filter Event Logs by Username in Windows 2008 and higher
  • GPO Logging Using Gpsvc.log in Windows 7
  • Windows Event Triggers
Footer Logo

@2014 - 2023 - Windows OS Hub. All about operating systems for sysadmins


Back To Top