Remote Desktop Connection Error Code 0x904 Extended Error Code 0x7 ⭐ Working

Example:

qwinsta
rwinsta 2

If the default port has been changed or is not listening, the connection will fail immediately.

Remote Desktop error code 0x904 (extended 0x7) typically indicates a general network connection failure. It most often occurs due to network instability, expired security certificates on the host machine, or firewall interference. Most Common Fixes

Renew Expired Certificates: This is a frequent "hidden" cause where the self-signed RDP certificate on the host machine has expired.

On the remote server, press Win + R, type certlm.msc, and hit Enter. Navigate to Remote Desktop > Certificates. If a certificate is expired, delete it.

Restart the Remote Desktop Services (TermService) via the Services app or Command Prompt to force Windows to generate a new one.

Connect via IP Address: Instead of using the computer's hostname (e.g., "Work-PC"), use its local IP address (e.g., 192.168.1.50). This bypasses potential DNS resolution issues.

Verify Firewall Settings: Ensure that RDP is allowed through the Windows Defender Firewall on both the client and host machines.

Search for "Allow an app through Windows Firewall" and confirm Remote Desktop and Remote Desktop (WebSocket) are checked for both Private and Public networks.

Check VPN Stability: If you are connecting over a VPN, a "dodgy" or slow connection often triggers this specific code. Try disconnecting and reconnecting the VPN before attempting the RDP session again. Additional Troubleshooting

Restart Both Machines: A simple reboot of both the client and the remote host can often clear temporary service hangups or network glitches.

Update RDP Clients: Ensure you are using the latest version of the Microsoft Remote Desktop app, especially if you recently upgraded to Windows 11.

Azure VM Fix: If the error occurs on an Azure Virtual Machine, it may be due to a corrupt MachineKeys folder. Renaming this folder (e.g., to MachineKeys_old) and rebooting the server can resolve certificate creation issues.

Are you connecting over a local network or via a VPN/Gateway when this happens?

The Remote Desktop Connection error code 0x904 (extended code 0x7) typically signals a breakdown in the communication handshake between your device and the remote host. This most often stems from unstable network conditions, security software interference, or corrupted RDP certificates. The Story of the Broken Connection

Imagine you're trying to walk through a secure door (the remote server) using a digital key. You reach for the handle, but before you can even turn it, the door vanishes or the lock jams.

The Unstable Path: Your "path" to the door (the network) might be too shaky. If your Wi-Fi drops packets or your VPN is lagging, the connection times out before the security handshake can finish.

The Invisible Guard: A firewall or antivirus (like Bitdefender) might be standing in the way, mistakenly flagging the Remote Desktop request as a threat and cutting the line instantly.

The Expired ID: On the server side, the "ID badge" (the self-signed RDP certificate) might have expired or become corrupted. When your computer asks to see it, the server can't provide a valid one, leading to an immediate 0x904 error. How to Fix It

If you are facing this "vanishing door" scenario, try these steps in order:

Switch to the IP Address: Instead of using the computer's name (e.g., "Work-PC"), try connecting directly using its local IP address (e.g., 192.168.1.50). This bypasses potential DNS issues.

Check Your Firewall: Ensure mstsc.exe (the Remote Desktop app) is allowed through the Windows Firewall on both your computer and the target machine. Example: qwinsta rwinsta 2

Reset RDP Certificates (Azure/Servers): For Azure VMs or Windows Servers, corrupted certificates are a common culprit. You can often resolve this by renaming the MachineKeys folder and rebooting to force Windows to generate a new certificate.

Disable Network Level Authentication (NLA): As a temporary troubleshooting step, try disabling NLA in the Remote Desktop Session Host settings to see if it bypasses the handshake error.

Are you connecting to a local office computer or a cloud-based virtual machine (like Azure)? Unable to RDP into some Windows Servers - Error code: 0x904

Remote Desktop error code 0x904 (extended error 0x7) typically indicates an unstable network connection, expired certificates, or firewall misconfigurations www.remoteaccesspcdesktop.com 1. Renew Expired RDP Certificates

The most common cause for this specific error is an expired self-signed certificate on the remote server. www.remoteaccesspcdesktop.com Access the server locally or through an alternative remote tool. certlm.msc , and press Enter. Navigate to Certificates Remote Desktop Certificates Find the certificate used for Remote Desktop, check its expiration date , and delete it if expired. Open Command Prompt as Administrator and run: restart-service termserv -force (or restart the server).

Windows will automatically generate a new certificate upon restart. www.remoteaccesspcdesktop.com 2. Connect via IP Address

Windows 11 builds (22H2 and later) sometimes have hostname resolution bugs that trigger this error. www.remoteaccesspcdesktop.com Try connecting using the target machine’s IP address 192.168.1.100 ) instead of its hostname. Clear your DNS cache on the client machine by running ipconfig /flushdns in Command Prompt. TheITBros.com 3. Fix Certificate Store (Azure VMs only) If you are using an Azure Virtual Machine, a corrupt MachineKeys

folder often prevents new RDP certificates from being created. www.remoteaccesspcdesktop.com In the Azure Portal, go to your VM and select Run Command RunPowerShellScript Run the following command:

Rename-Item -path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" -NewName "MachineKeys_old" the server from the portal. www.remoteaccesspcdesktop.com 4. Configure Firewall & Antivirus

Ensure that the Remote Desktop application and port 3389 are not being blocked. Microsoft Learn Allow an app through Windows Firewall on both machines. Remote Desktop Remote Desktop (WebSocket) are checked for both Private and Public networks. Verify that (located in C:\Windows\System32\ ) is explicitly allowed in your antivirus settings. 5. Increase Outstanding Connections

If the error occurs during high traffic or multiple simultaneous requests, you can increase the connection limit via the Registry: Microsoft Learn Run Command Prompt as Administrator.

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536 your computer. Microsoft Learn disable Network Level Authentication (NLA) as a temporary security workaround to test the connection? Fix Remote Desktop Error Code 0x904: 4 Working Solutions

The Remote Desktop connection error 0x904 (Extended Error 0x7)

typically points to network instability, expired security certificates, or firewall blocks

. This guide outlines how to troubleshoot and fix these issues to restore your connection. 1. Fix Expired RDP Certificates

The most common cause of this error on Windows Servers or Azure VMs is an expired self-signed certificate.

Log into the affected machine locally or via an alternative remote tool. Certificates MMC snap-in by pressing and typing certlm.msc Navigate to Remote Desktop Certificates

Check for an expired certificate. If it is past its date, right-click and Open Command Prompt as an administrator and run: net stop termservice && net start termservice

Windows will automatically generate a new certificate upon the service restart 2. Adjust Firewall and Antivirus Settings Security software like Bitdefender

or the built-in Windows Firewall can block the connection, especially after a Windows 11 upgrade. Whitelist the App Windows Security Firewall & network protection Allow an app through firewall Remote Desktop is checked for both Private and Public networks. Manual Exception C:\Windows\System32\mstsc.exe as an exception in your third-party antivirus. 3. Stabilize the Network Connection

Error 0x904 often triggers when the connection is "dodgy"—meaning it has high packet loss or insufficient bandwidth. Switch to IP Address : Try connecting using the server's IP address instead of its hostname to bypass potential DNS issues. If the default port has been changed or

: If using a VPN, ensure it is not throttling your speed. Try reconnecting the VPN tunnel. Update the Client : Ensure you are using the latest version of the Microsoft Remote Desktop client from the Microsoft Store. 4. Configure Security Layers (Advanced)

If the above fails, you can force the server to use a specific security layer via the Group Policy Editor ( gpedit.msc Computer Configuration Administrative Templates Windows Components Remote Desktop Services Remote Desktop Session Host

Require use of specific security layer for remote (RDP) connections and select from the dropdown.

Require user authentication for remote connections by using Network Level Authentication (NLA) Are you connecting to a local server cloud-based virtual machine

? Knowing this can help pinpoint which certificate or network rule is likely failing. Fix Remote Desktop Error Code 0x904: 4 Working Solutions

Troubleshooting Remote Desktop Error 0x904 (Extended Error 0x7) The Remote Desktop Connection error 0x904 with extended error 0x7

a generic failure indicating that the client cannot establish a stable session with the host

. It most commonly occurs due to network instability, expired security certificates, or misconfigured firewall settings on modern Windows versions like Windows 10, 11, and Server 2016–2022. Primary Causes Certificate Issues:

Expired or corrupt self-signed RDP certificates on the host machine often trigger this specific error. Network Instability:

Insufficient bandwidth, high packet loss, or slow VPN connections can cause the handshake to fail. Firewall Interference:

Even if RDP is "allowed," specific sub-components like "Remote Desktop (WebSocket)" may be blocked. Windows 11 Compatibility:

Hostname resolution bugs in newer Windows 11 builds (e.g., 22H2) frequently result in 0x904. Technical Resolution Procedures 1. Renew Expired RDP Certificates Access the server, open certlm.msc , navigate to Remote Desktop > Certificates , and delete the expired certificate. restart-service termserv -force in an admin Command Prompt to regenerate the certificate. 2. Bypass Hostname Resolution (Windows 11)

To address potential DNS bugs in Windows 11, attempt to connect using the IP address instead of the hostname. 3. Advanced Firewall Configuration Verify that both Remote Desktop Remote Desktop (WebSocket) are allowed in the Windows Firewall. Manually add as an allowed app on the client side. 4. Adjust Connection Registry (Host Side)

To resolve errors caused by too many pending connections, run the following in an Admin Command Prompt to increase MaxOutstandingConnections

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536 5. Azure-Specific Fix (MachineKeys) For Azure VMs with corrupt certificate stores, rename C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys using Azure's Run Command, then restart the VM. Summary Checklist Potential Issue Recommended Action Expired Certificate Delete old cert in certlm.msc and restart Network Speed Reconnect VPN or test bandwidth; avoid high-latency links. Security Layer Temporarily disable Network Level Authentication (NLA) via gpedit.msc DNS/Hostname Use the static IP address for the connection. PowerShell commands to verify if port 3389 is open on your remote server? Unable to RDP into some Windows Servers - Error code: 0x904

Remote Desktop error 0x904 (Extended Error 0x7) typically indicates a network-level connection failure often caused by expired certificates, firewall blocks, or unstable network conditions. Quick Fixes

Connect via IP Address: Windows 11 hostname resolution can sometimes trigger this error. Try entering the IP address (e.g., 192.168.1.50) instead of the computer name.

Use the Modern Client: If the classic "Remote Desktop Connection" fails, try the Microsoft Remote Desktop app from the Microsoft Store.

Verify Port 3389: Use PowerShell to check if the remote port is reachable:Test-NetConnection [RemoteIP] -Port 3389. Detailed Troubleshooting Guide 1. Fix Expired RDP Certificates (Most Common)

RDP uses self-signed certificates that don't always auto-renew, causing connections to fail silently. Access the remote server (via console or another method). Press Win + R, type certlm.msc, and hit Enter. Go to Remote Desktop > Certificates.

Check for an expired certificate. If expired, right-click and Delete it. Remote Desktop error code 0x904 (extended 0x7) typically

Restart the service to generate a new one: Open Command Prompt as Admin and run:net stop termservice then net start termservice. 2. Resolve Azure VM Certificate Corruption

If you are using an Azure Virtual Machine, a corrupt MachineKeys folder can prevent RDP from functioning.

In the Azure Portal, go to your VM and select Run command > RunPowerShellScript.

Run this command:Rename-Item -path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" -NewName "MachineKeys_old". Reboot the VM from the portal. 3. Configure Firewall & Antivirus Exceptions

Firewalls often block the specific RDP executable even if the general rule is enabled.

On both the client and host, go to Allow an app through Windows Firewall.

Click Change settings and ensure both Remote Desktop and Remote Desktop (WebSocket) are checked for Private and Public.

Click Allow another app, browse to C:\Windows\System32\mstsc.exe, and add it.

Antivirus Check: Ensure third-party security software (like Bitdefender) isn't blocking rdp.exe. 4. Increase Maximum Outstanding Connections

If the error occurs due to too many pending requests, adjust the registry. Open Command Prompt (Admin) on the host computer.

Run: REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536. Restart the computer. 5. Adjust Security Layers (Legacy Support)

If there is an encryption cipher mismatch, lowering the security requirement can restore the connection. Open gpedit.msc on the host.

Navigate to Computer Configuration > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security.

Enable Require use of specific security layer for remote (RDP) connections and set the Security Layer to RDP.

Disable Require user authentication... using Network Level Authentication (NLA).

Are you connecting through a VPN or a local network when this error occurs? Fix Remote Desktop Error Code 0x904: 4 Working Solutions

Here’s a focused troubleshooting guide for Remote Desktop Connection error code 0x904 (extended error code 0x7).

On the client, collect a more detailed log:

mstsc.exe /restrictedAdmin

If that works, the issue is NLA/CredSSP.

Or use wireshark during connection attempt – filter tcp.port==3389 – look for SSL/TLS handshake failure (indicates encryption mismatch).

How It Works

Download Exam
Step 1. Choose Exam
on Exam-Labs
Download IT Exams Questions & Answers
Download Avanset Simulator
Step 2. Open Exam with
Avanset Exam Simulator
Press here to download VCE Exam Simulator that simulates latest exam environment
Study
Step 3. Study
& Pass
IT Exams Anywhere, Anytime!

Close

SPECIAL OFFER: GET 10% OFF. This is ONE TIME OFFER

You save
10%
Save
Exam-Labs Special Discount

Enter Your Email Address to Receive Your 10% Off Discount Code

A confirmation link will be sent to this email address to verify your login

* We value your privacy. We will not rent or sell your email address.

SPECIAL OFFER: GET 10% OFF

You save
10%
Save
Exam-Labs Special Discount

USE DISCOUNT CODE:

A confirmation link was sent to your email.

Please check your mailbox for a message from [email protected] and follow the directions.