Resolution

Note: For the support team, troubleshooting the Microsoft environment is out of the scope. However, this article provides some hints.

To troubleshoot issues in a Microsoft Remote Desktop Services environment, it can take quite some effort to find all relevant logs in the Windows Event Viewer on different servers.

There is however a PowerShell script available that makes it possible to get historical logs or live logs from multiple servers at once in a single view. Those entries can be viewed in the PowerShell console/terminal, or exported to .csv files.

The script is very generic. But it does contain a parameter that will make sure the output only contains entries from relevant RDS services such as RD Connection Broker, RD Web Access, RD Gateway and RD Session Host Servers.

Download:

• Stable version:
  PowerShell Gallery | event-log-manager 1.1 
• Mind that this script is maintained on GitHub. At the moment of writing, the GitHub version is more recent and contains minor fixes:
  powershellScripts/event-log-manager.ps1 at master · jagilber/powershellScripts · GitHub 

Some examples:

Live output of event logs on multiple machines for Remote Desktop Services:
.\event-log-manager.ps1 -listen -rds -machines rdsh01,rdsh02,rdcb01 

Query the last 10 minutes:
.\event-log-manager.ps1 -rds -minutes 10 -Machines rdcb01

Enable ‘debug and analytic’ event logs for 'rds' event logs:
.\event-log-manager.ps1 –enableDebugLogs -rds -machines rdcb01

Disable ‘debug and analytic’ event logs for 'rds' event logs:
.\event-log-manager.ps1 –disableDebugLogs -rds -machines rdcb01

Hint: If you are getting an "RPC Server is unavailable" error while executing the above commands, you may want to check the Windows Firewall to enable the "Remote Log Event Management" inbound firewall rules.