Windows Server 2016 RD Connection Broker doesn’t redirect

We have been trying to set up an RDP server farm for the past 2 weeks now and we are right at the end but just cannot solve this last issue.

We have 2 RD session hosts and 1 server running the RD gateway, RD broker, RD licensing, RD web access, AD and DNS.

We have gotten to the point where we have a public SSL (not self-signed) certificate configured on our gateway.

For testing purposes, we have the gateway set-up to allow all users to connect to all ports on all computers. Later we will, of course, change this for security.

The thing we are currently stuck on is the connection broker. When we connect locally or from a public address through the gateway we are getting the issue that the broker is unable to redirect our users to the correct session host.

We are getting this error message in: TerminalServices-SessionBroker > Admin:

RD Connection Broker failed to process the connection request for user [domain]\[user].
User's RDP file has invalid hint format.
Error: The format of the connection hint in the RDP file is incorrect.

We are getting this error message in: TerminalServices-SessionBroker-Client > Operational:

Remote Desktop Connection Broker Client failed to redirect the user LITE\d-admin.
Error: NULL

Our RDP file is setup with all defaults with the only changes being:

• Gateway: public domain name set by the certificate.
• Computer name: [computername].domain.wan

When connecting the client shows the following error:

The connection was denied because the user account is not authorized for remote login.

This means that the account can't log on without permissions. When given these permissions the account will log onto the connection broker computer and NOT one of the session hosts.

Please, someone help us…we are completely lost at this point. We have been Googling for days and just cannot find a solution.