Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Windows Server 2008 R2 / Remote Desktop Connection Error: Outdated entry in the DNS cache

December 14, 2016 Windows Server 2008 R2

Remote Desktop Connection Error: Outdated entry in the DNS cache

Users have begun to complain that when trying to connect to the RDS (Remote Desktop Server) farm  running Windows Server 2008 R2 using the standard RD client (mstsc.exe) they often get an error:

The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache

The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache. Try using the IP address of the computer instead of the name.

The configuration of the RDS farm: 3 servers running Windows Server 2008 R2 with RD Connection Broker used to distribute workload between the terminals and to reconnect to the current sessions. The fact that the error occurred from time to time had suggested that there was a problem with one of the servers of the farm. By means of sequential search, the problem server was found and we connected to its desktop remotely using its IP address.

Just in case, I ran the server record registration in DNS again:

ipconfig /registerdns

And reset the local DNS cache on the client in a couple of minutes:

ipconfig /flushdns

But it didn’t help. There were no other problems with the server, so I had to use an article in Microsoft knowledge base: https://support.microsoft.com/kb/2493594 (RDP connection to Remote Desktop server running Windows Server 2008 R2 may fail with message ‘The Local Security Authority cannot be contacted’).

The solution in the article offered to reduce the level of the protocol used to encrypt the RDP connection from SSL (TLS 1.0 is used for authentication) to RDP Security Layer (the integrated and less secure RDP encryption).

Note. This setting is located in Remote Desktop Session Host Configuration -> Microsoft RDP 7.1 ->Properties -> Security Layer

rds host configuration

But in our configuration, the Negotiate method is used that uses automatic switching from TLS to RDP Security Layer if the client does not support the first method.

Entirely by accident, I noticed that the time on the problem server differ from the domain controller time. Indeed, it turned out that this server (a virtual one) was located on the VMWare ESXi host with the wrong time, and the option of time synchronization with the host hypervisor (Time synchronization between the virtual machine and the ESX Server) was enabled in VMWare Tools settings.

I had to disable ESXi synchronization and restart Windows Time Service to synchronize time with the DC.

net stop w32time
net start w32time

restart w32time service

After that, users could connect to all servers of the RDS farm without any errors.

Note. The error “This could be caused by an outdated entry in the DNS cache” also appears if you try to connect to the specific server in the RDS farm by its name. In this case, Connection Broker may redirect the client to another RD host (with another DNS name and IP address), which results in the discrepancy between the specified address and the address of the server, and the client returns the error after the authentication attempt. So always specify the RD farm name to connect.

3 comments
1
Facebook Twitter Google + Pinterest
previous post
Recovering Encrypted Files from VSS Snapshot after Ransomware Infection
next post
How to Block Viruses and Ransomware Using Software Restriction Policies

Related Reading

Fix: BSOD Error 0x0000007B (INACCESSABLE_BOOT_DEVICE) on Windows

May 16, 2023

0x80244010 Exceeded Max Server Round Trips: Windows Update...

April 12, 2023

How to Enable TLS 1.2 on Windows?

January 18, 2023

Outlook: Your Server Does Not Support the Connection...

October 20, 2022

Adding USB 3.0 and NVMe Drivers to Windows...

September 7, 2022

3 comments

Bob May 1, 2017 - 9:25 pm

Tried the stop w32time/start w32time/ registerdns suggestion and corrected all my errors, thank you!

Reply
Andy May 27, 2019 - 6:54 pm

‘net time /set’ worked for me.
Leadup to scenario:
– Yearly factory power outage for electrical maintenance
– Power up, most servers came up clean. DNS server did not.
– Other servers could not sync their clocks and started their own as best they could.
– DNS server returned to service but by not remoting into the other servers was refused.
– Remoting into other server using IP address, ‘set time’ command, then remote logon by server name successful.
!! Thanks for the tip.

Reply
Madhura March 15, 2023 - 10:36 am

I tried ipconfig \registerdns and associate commands, its working for me. Many many thanks!

Reply

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • PowerShell
  • VMWare
  • Hyper-V
  • Linux
  • MS Office

Recent Posts

  • Configuring Event Viewer Log Size on Windows

    May 24, 2023
  • How to Detect Who Changed the File/Folder NTFS Permissions on Windows?

    May 24, 2023
  • Enable Single Sign-On (SSO) Authentication on RDS Windows Server

    May 23, 2023
  • Allow Non-admin Users RDP Access to Windows Server

    May 22, 2023
  • How to Create, Change, and Remove Local Users or Groups with PowerShell?

    May 17, 2023
  • Fix: BSOD Error 0x0000007B (INACCESSABLE_BOOT_DEVICE) on Windows

    May 16, 2023
  • View Success and Failed Local Logon Attempts on Windows

    May 2, 2023
  • Fix: “Something Went Wrong” Error When Installing Teams

    May 2, 2023
  • Querying Windows Event Logs with PowerShell

    May 2, 2023
  • Configure Windows LAPS (Local Administrator Passwords Solution) in AD

    April 25, 2023

Follow us

  • Facebook
  • Twitter
  • RSS
Popular Posts
  • Fixing High Memory Usage by Metafile on Windows Server 2008 R2
Footer Logo

@2014 - 2023 - Windows OS Hub. All about operating systems for sysadmins


Back To Top