Unable to RDP to Virtual Machine: CredSSP Encryption Oracle Remediation

This blog is being migrated to www.solveazure.com and will be decommissioned once the content has been moved. ETA 2/28/2019 Please use www.solveazure.com for updated and continuous content.  ================================================================================================================= This specific post has moved to https://solveazure.com/2018/05/11/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/  =================================================================================================================

22

Troubleshoot a Broken Azure VM using Nested Virtualization in Azure (Managed Disk)

Please note that 3rd party virtualization software(s) for Windows 2016 Nested Virtualization feature is not supported. Only Hyper-V is currently supported. Also note that as of right now, Nested Virtualization is only available in the following geographic locations: US -West 2 -East Europe -West Asia Pacific -Southeast Reference Links: Nested Virtualization in Azure New DV3 and EV3…

4

Troubleshoot a Broken Azure VM using Nested Virtualization in Azure (RDFE)

Please note that 3rd party virtualization software(s) for Windows 2016 Nested Virtualization feature is not supported. Only Hyper-V is currently supported. Also note that as of right now, Nested Virtualization is only available in the following geographic locations: US -West 2 -East Europe -West Asia Pacific -Southeast Reference Links: Nested Virtualization in Azure New DV3 and EV3…

0

Troubleshoot a Broken Azure VM using Nested Virtualization in Azure (ARM)

Please note that 3rd party virtualization software(s) for Windows 2016 Nested Virtualization feature is not supported. Only Hyper-V is currently supported. Delete the Broken Virtual machine Create a new Recovery VM OS: Windows Server 2016 Datacenter Size: Any V3 series with at least 2 cores Same Location, Storage Account and Resource Group as the Broken VM Select…

2

How to Remote PowerShell to Azure VM (DIP to DIP)

Enter a PowerShell session from inside another VM located inside the same Vnet and run the following: $Skip = New-PSSessionOption -SkipCACheck -SkipCNCheck Enter-PSSession -ComputerName “HOSTNAME” -port 5986 -Credential (Get-Credential) -useSSL -SessionOption $Skip If the above does not work try the following instead: $Skip = New-PSSessionOption -SkipCACheck -SkipCNCheck Enter-PSSession -ComputerName “HOSTNAME” -port 5985 -Credential (Get-Credential) -SessionOption…

0

Disable NLA via Custom Script Extension

Symptoms: When attempting to RDP to your virtual machine you receive an error regarding Network Level Authentication (NLA): Resolution:  Note: The below steps are using Custom Script Extension in the Azure Portal. If that is not an option as the Guest Agent is not responding you can also run the same commands via Remote PowerShell,…

4

Azure VM stuck in Failed State (ARM)

Symptom: VM is stuck in a “Failed” state Resolution: You can attempt to clear this state by updating the VM via PowerShell. This causes no additional downtime and only takes a moment. To do this, open a PowerShell session as an Administrator and run the following modifying as needed # To view all subscriptions for…

2

How to Reset Password for VMSS (Scale Set) Instances

This blog is being migrated to www.solveazure.com and will be decommissioned once the content has been moved. ETA 2/28/2019 Please use www.solveazure.com for updated and continuous content.  Symptom: Unable to RDP to a Virtual Machine Scale Set Instance (VMSS) due to an incorrect password Resolution: If Azure PowerShell is not installed, install it from http://azure.microsoft.com/en-us/downloads/…

2

How to Disable the Guest OS Firewall of an Azure VM (ARM)

Mitigation 1: Custom Script Extension 1) Open up a Blank Notepad and paste the following into it: Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile’ -name “EnableFirewall” -Value 0 Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile’ -name “EnableFirewall” -Value 0 Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\Standardprofile’ -name “EnableFirewall” -Value 0 2) Save the file as disablefirewall.ps1 3) Navigate to the Azure Portal 4) Select the impacted VM…

0