Remote Desktop Connection Error Code 0x904 Extended Error Code 0x7 💫

If it is expired or invalid, right-click the certificate and select .

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536 5. Azure-Specific Fix (MachineKeys) For Azure VMs with corrupt certificate stores, rename C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys using Azure's Run Command, then restart the VM. Summary Checklist Potential Issue Recommended Action Expired Certificate Delete old cert in certlm.msc and restart Network Speed Reconnect VPN or test bandwidth; avoid high-latency links. Security Layer Temporarily disable Network Level Authentication (NLA) via gpedit.msc DNS/Hostname Use the static IP address for the connection. PowerShell commands to verify if port 3389 is open on your remote server? Unable to RDP into some Windows Servers - Error code: 0x904

: On virtual machines (such as Azure VMs), the system's RSA MachineKeys directory can become corrupt, preventing the RDP service from reading or creating necessary private keys. If it is expired or invalid, right-click the

If the TLS handshakes are being analyzed or broken by deep packet inspection tools, third-party firewalls, or corporate antivirus solutions (such as Bitdefender), a termination drop occurs. Unable to RDP into some Windows Servers - Error code: 0x904

Navigate to: Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security Unable to RDP into some Windows Servers -

The Remote Desktop Connection error is a multifaceted issue typically rooted in network instability or security layer mismatches. By systematically addressing network connectivity, verifying firewall rules, updating the client, and adjusting TLS settings, most users can resolve this quickly. However, in persistent cases involving legacy systems or Azure VMs, clearing the MachineKeys store or resetting security layers often proves to be the definitive solution. Always begin with the simpler diagnostics—checking the firewall and updating the client—before moving on to registry modifications.

or the built-in Windows Firewall can block the connection, especially after a Windows 11 upgrade. Whitelist the App Windows Security Firewall & network protection Allow an app through firewall Remote Desktop is checked for both Private and Public networks. Manual Exception C:\Windows\System32\mstsc.exe as an exception in your third-party antivirus. 3. Stabilize the Network Connection Windows Server environments (2016/2019/2022)

In hardened standalone environments, the TerminalServices listener drops connections if it lacks direct read rights to its cryptographic keys.

. The error frequently strikes suddenly on Windows 11 upgrades, Windows Server environments (2016/2019/2022), and Azure Virtual Machines (VMs). Even when you enter correct credentials, the connection drops before the desktop environment can load, leaving you with an unhelpful "This computer can't connect to the remote computer" prompt.

Open as Administrator and run: Restart-Service TermService -Force

Windows will automatically generate a new certificate upon the service restart 2. Adjust Firewall and Antivirus Settings Security software like Bitdefender