![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 42%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
318 questions
After a night of debugging we found the answer: It was the smart card removal policy that created the issue. We first ruled it out because the disconnects even happened on clients without smart cards but in the end, the smart card service was the culprit. Which in hindsight makes perfect sense, it is a service that lives in session "0" and is disconnecting other session when it detects a smart card removal.
We can't explain why it malfunctioned that often, killing session with the smart card still attached or sessions without smart cards at all but disabling the policy fixed the issue. We now detect a removed smart card on the client side and kill the freerdp session accordingly.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 50%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)