Trong nội dung bài viết này

This article describes an error that you may experience when you try khổng lồ connect to lớn a virtual machine (VM) in Microsoft Azure.

Bạn đang xem: Hướng dẫn sửa lỗi an internal error has occurred trên windows

Symptoms

You can"t connect to lớn an Azure VM by using the remote desktop protocol (RDP). The connection gets stuck on the Configuring Remote section, or you receive the following error message:

RDP internal error
An internal error has occurred
This computer can"t be connected to the remote computer. Try connecting again. If the problem continues, tương tác the owner of the remote computer or your network administrator

Cause

This issue might occur for the following reasons:

The virtual machine might have been attacked.The local RSA encryption keys can"t be accessed.TLS protocol is disabled.The certificate is corrupted or expired.

Solution

To troubleshoot this issue, complete the steps in the following sections. Before you begin, take a snapshot of the OS disk of the affected VM as a backup. For more information, see Snapshot a disk.

Check RDP security

First, kiểm tra to see whether the network security group for RDP port 3389 is unsecured (open). If it"s unsecured and it shows * as the source IP address for inbound, restrict the RDP port lớn a specifc user"s IP address, and then demo RDP access. If this fails, complete the steps in the next section.

Use Serial control

Use the Serial Console or repair the VM offline by attaching the OS disk of the VM khổng lồ a recovery VM.

To begin, connect to lớn the Serial Console and open a Power
Shell instance. If the Serial Console is not enabled on your VM, go khổng lồ the repair the VM offline section.

Step: 1 check the RDP port

If Termservice.exe is using 3389 port, go to lớn step 2. If another service or application other than Termservice.exe is using 3389 port, follow these steps:

Stop the service for the application that is using the 3389 service:

Stop-Service -Name -Force
Start the terminal service:

Start-Service -Name Termservice
If the application cannot be stopped, or if this method does not apply khổng lồ you, change the port for RDP:

Change the port:

Set-Item
Property -Path "HKLM:SYSTEMCurrent
Control
SetControlTerminal ServerWin
StationsRDP-Tcp" -name Port
Number -value Stop-Service -Name Termservice -Force
Start-Service -Name Termservice
Set the firewall for the new port:

Set-Net
Firewall
Rule -Name "Remote
Desktop-User
Mode-In-TCP" -Local
Port Step 2: mix correct permissions on the RDP self-signed certificate
In a Power
Shell instance, run the following commands one by one to lớn renew the RDP self-signed certificate:

Import-Module PKISet-Location Cert:Local
Machine $Rdp
Cert
Thumbprint = "Cert:Local
MachineRemote Desktop"+((Get-Child
Item -Path "Cert:Local
MachineRemote Desktop").thumbprint) Remove-Item -Path $Rdp
Cert
Thumbprint
Stop-Service -Name "Session
Env"Start-Service -Name "Session
Env"If you cannot renew the certificate by using this method, try to renew the RDP self-signed certificate remotely:

From a working VM that has connectivity khổng lồ the VM that is experiencing problems, type mmc in the Run box to open Microsoft Management Console.

On the File menu, select Add/Remove Snap-in, select Certificates, and then select Add.

Select Computer accounts, select Another Computer, and then địa chỉ the IP address of the problem VM.

Go to the Remote DesktopCertificates folder, right-click the certificate, và then and select Delete.

In a Power
Shell instance from the Serial Console, restart the Remote Desktop Configuration service:

Stop-Service -Name "Session
Env"Start-Service -Name "Session
Env"Reset the permission for the Machine
Keys folder.

remove-module psreadline md c: empicacls C:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c > c: empBefore
Script_permissions.txt takeown /f "C:Program
DataMicrosoftCryptoRSAMachine
Keys" /a /ricacls C:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "NT AUTHORITYSystem:(F)"icacls C:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "NT AUTHORITYNETWORK SERVICE:(R)"icacls C:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "BUILTINAdministrators:(F)"icacls C:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c > c: empAfter
Script_permissions.txt Restart-Service Term
Service -Force
Restart the VM, and then try Start a Remote Desktop connection to the VM. If the error still occurs, go to the next step.

Step 3: Enable all supported TLS versions

The RDP client uses TLS 1.0 as the default protocol. However, this can be changed to lớn TLS 1.1, which has become the new standard. If TLS 1.1 is disabled on the VM, the connection will fail.

In a CMD instance, enable the TLS protocol:

reg add "HKLMSYSTEMCurrent
Control
SetControlSecurity
ProvidersSCHANNELProtocolsTLS 1.0Server" /v Enabled /t REG_DWORD /d 1 /freg add "HKLMSYSTEMCurrent
Control
SetControlSecurity
ProvidersSCHANNELProtocolsTLS 1.1Server" /v Enabled /t REG_DWORD /d 1 /freg add "HKLMSYSTEMCurrent
Control
SetControlSecurity
ProvidersSCHANNELProtocolsTLS 1.2Server" /v Enabled /t REG_DWORD /d 1 /f
To prevent the AD policy from overwriting the changes, stop the group policy update temporarily:

REG địa chỉ "HKLMSYSTEMCurrent
Control
SetServicesgpsvc" /v Start /t REG_DWORD /d 4 /f
Restart the VM so that the changes take effect. If the issue is resolved, run the following command to lớn re-enable the group policy:

sc config gpsvc start= tự động sc start gpsvcgpupdate /force
If the change is reverted, it means that there"s an Active Directory policy in your company domain. You have to change that policy khổng lồ avoid this problem from occurring again.

Repair the VM Offline

Attach the OS disk lớn a recovery VMAfter the OS disk is attached khổng lồ the recovery VM, make sure that the disk is flagged as Online in the Disk Management console. Chú ý the drive letter that is assigned khổng lồ the attached OS disk.Start a Remote Desktop connection khổng lồ the recovery VM.Enable dump log & Serial Console

To enable dump log và Serial Console, run the following script.

Open an elevated command prompt session (Run as administrator).

Run the following script:

In this script, we assume that the drive letter that is assigned lớn the attached OS disk is F. Replace this drive letter with the appropriate value for your VM.

reg load HKLMBROKENSYSTEM F:windowssystem32configSYSTEMREM Enable Serial Consolebcdedit /store F:ootcd /set bootmgr displaybootmenu yesbcdedit /store F:ootcd /set bootmgr timeout 5bcdedit /store F:ootcd /set bootmgr bootems yesbcdedit /store F:ootcd /ems ONbcdedit /store F:ootcd /emssettings EMSPORT:1 EMSBAUDRATE:115200REM Suggested configuration khổng lồ enable OS Dump
REG showroom "HKLMBROKENSYSTEMControl
Set001ControlCrash
Control" /v Crash
Dump
Enabled /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set001ControlCrash
Control" /v Dump
File /t REG_EXPAND_SZ /d "%System
Root%MEMORY.DMP" /f
REG địa chỉ "HKLMBROKENSYSTEMControl
Set001ControlCrash
Control" /v NMICrash
Dump /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set002ControlCrash
Control" /v Crash
Dump
Enabled /t REG_DWORD /d 1 /f
REG showroom "HKLMBROKENSYSTEMControl
Set002ControlCrash
Control" /v Dump
File /t REG_EXPAND_SZ /d "%System
Root%MEMORY.DMP" /f
REG showroom "HKLMBROKENSYSTEMControl
Set002ControlCrash
Control" /v NMICrash
Dump /t REG_DWORD /d 1 /freg unload HKLMBROKENSYSTEMReset the permission for Machine
Keys folder
Open an elevated command prompt session (Run as administrator).

Run the following script. In this script, we assume that the drive letter that is assigned khổng lồ the attached OS disk is F. Replace this drive letter with the appropriate value for your VM.

Md F: empicacls F:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c > c: empBefore
Script_permissions.txttakeown /f "F:Program
DataMicrosoftCryptoRSAMachine
Keys" /a /ricacls F:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "NT AUTHORITYSystem:(F)"icacls F:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "NT AUTHORITYNETWORK SERVICE:(R)"icacls F:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c /grant "BUILTINAdministrators:(F)"icacls F:Program
DataMicrosoftCryptoRSAMachine
Keys /t /c > c: empAfter
Script_permissions.txt
Enable all supported TLS versions
Open an elevated command prompt session (Run as administrator), and the run the following commands. The following script assumes that the driver letter is assigned khổng lồ the attached OS disk is F. Replace this drive letter with the appropriate value for your VM.

Check which TLS is enabled:

reg load HKLMBROKENSYSTEM F:windowssystem32configSYSTEMREG showroom "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.0Server" /v Enabled /t REG_DWORD /d 1 /f
REG địa chỉ cửa hàng "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.1Server" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.2Server" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.0Server" /v Enabled /t REG_DWORD /d 1 /f
REG địa chỉ "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.1Server" /v Enabled /t REG_DWORD /d 1 /f
REG showroom "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.2Server" /v Enabled /t REG_DWORD /d 1 /f
If the key doesn"t exist, or its value is 0, enable the protocol by running the following scripts:

REM Enable TLS 1.0, TLS 1.1 and TLS 1.2REG địa chỉ "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.0Server" /v Enabled /t REG_DWORD /d 1 /f
REG showroom "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.1Server" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set001ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.2Server" /v Enabled /t REG_DWORD /d 1 /f
REG showroom "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.0Server" /v Enabled /t REG_DWORD /d 1 /f
REG add "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.1Server" /v Enabled /t REG_DWORD /d 1 /f
REG địa chỉ cửa hàng "HKLMBROKENSYSTEMControl
Set002ControlSecurity
ProvidersSCHANNELProtocolsTLS 1.2Server" /v Enabled /t REG_DWORD /d 1 /f
Enable NLA:

REM Enable NLAREG địa chỉ "HKLMBROKENSYSTEMControl
Set001ControlTerminal ServerWin
StationsRDP-Tcp" /v User
Authentication /t REG_DWORD /d 1 /f
REG địa chỉ "HKLMBROKENSYSTEMControl
Set002ControlTerminal ServerWin
StationsRDP-Tcp" /v User
Authentication /t REG_DWORD /d 1 /freg unload HKLMBROKENSYSTEM

Contact us for help

If you have questions or need help, create a tư vấn request, or ask Azure community support. You can also submit product feedback khổng lồ Azure community support.

Theo các chuyên viên kỹ thuật huets.edu.vn, Có nhiều tại sao khi quý khách remote VPS/ hệ thống riêng, khiến máy chủ lộ diện Lỗi “an internal error has occurred”. Lỗi trên có thể xuất vạc từ những vấn đề liên quan đến việc setup máy công ty RDP / RDS, lắp thêm khách cài đặt Windows hoặc setup trong cửa sổ Kết nối máy tính xách tay từ xa.


“An internal error has occurred” Remote Desktop thường xuất hiện sau khi người dùng đăng nhập vào cửa ngõ sổ mstsc.exe hoặc ngay sau khi nhấp vào nút Connect:


*

Anh chị rất có thể sửa lỗi “an internal error has occurred” bởi 3 phương pháp sau:

C1: Khởi hễ lại máy tính xách tay và liên kết lại.

C2: Khởi đụng lại Remote Desktop Services

B1: Mở kiếm tìm kiếm Run, seach Services.msc, click “OK”


*

*

B3: Mở Remote Desktop Connection trên window.

Mở tab “Experience” -> tick chọn “Reconnect if the connection is dropped


*

Click “Connect”, xong việc sửa lỗi “an internal error has occurred

Lưu ý: Nếu bạn cài đặt phần mượt VPN, buộc phải tắt kết nối VPN đến lúc sửa xong lỗi

C3: biến hóa 1 số chính sách trong phần gpedit.msc

B1: Trong tra cứu kiếm “Run”, mở gpedit.msc


*

B2: Tắt giao thức UDP mang đến Remote Desktop mặt phía Client: Computer configuration => Administrative Templates => Windows Components=> Remote Desktop Services => Remote Desktop Connection Client => Turn Off UDP on Client = Enabled:


B3: Bật thuật toán FIPS: Computer configuration => Windows Settings => Security Settings => Local Policies => Security Options => System cryptography: Use FIPS compliant algorithms for encryption, hashing, & signing = Enabled:


B4: Tắt mã hóa phần cứng với thực thế chế độ AVC:444 sống phía server: Computer configuration => Administrative Templates => Windows Components => Remote Desktop Services => Remote Desktop Session Host => Remote Session Environment => Prioritize H.264/AVC 444 Graphics mode for Remote Desktop Connection = Disabled:


B5: Thay đổi mức độ bảo mật thông tin RDP sang chế độ RDP: Computer configuration => Administrative Templates => Windows Components => Remote Desktop Services => Remote Desktop Session Host => Security => Require use of specific security layer for remote connections = Enabled


B6: Sau lúc chỉnh chấm dứt dùng lệnh gpupdate trong cmd.exe với quyền Administrator

Trên đấy là hướng dẫn chi tiết các bí quyết khắc phục lỗi “an internal error has occurred” Remote Desktop, hy vọng sẽ giúp đỡ ích các bạn trong quá trình máy chủ gặp vấn đề, đề nghị khắc phục cấp tốc chóng

Nếu anh chị em có nhu cầu thuê sever ảo CLOUD VPS giá bán rẻThuê sever Server ổn định, hãy tương tác với huets.edu.vn để nhận bốn vấn, làm giá ưu đãi giỏi nhất.

Xem thêm: Công thức tính giá trị tương lai của dòng tiền đều và cách xác định giá trị này


Được ra đời năm 2017, công ty cổ phần công nghệ và truyền thông huets.edu.vn (huets.edu.vn JSC) đang sớm khẳng định được vị trí của bản thân mình là giữa những đơn vị cung cấp dịch vụ lưu trữ dữ liệu bậc nhất với quality tốt nhất, cùng ngân sách hợp lý nhất.


White box testing là gì? nếu như bạn đang vồ cập tới kỹ thuật kiểm test phần mềm của mình để nắm bắt các cấu trúc


Certificate Authority là gì? Nó được biết đến là đơn vị thứ 3 cung ứng chứng chỉ SSL để khẳng định danh tính của các


Lỗi The DNS hệ thống isn’t responding thường xẩy ra khi người tiêu dùng không kết nối được với DNS Server. Lỗi này thường xảy ra là


Đối với tư thục trình, Visual Studio Code (còn được call là VSCode) đang là trợ giúp đắc lực hỗ trợ code website, nhờ vào hiệu suất


Thuê server giá bán rẻ