Error code 0x904 is frustrating but rarely dangerous. It simply means the remote computer is reserving your user profile for a session that is already active. By ensuring the previous session is fully signed out (either physically or via the command line), you should be able to establish your Remote Desktop connection immediately.
Locate the certificate listed under the server's hostname and review its expiration date. Right-click the expired certificate and choose .
The error code 0x904 might not be widely documented, but Remote Desktop errors often relate to:
The Microsoft Remote Desktop (often accompanied by Extended Error Code 0x7 ) is a common connection failure that occurs when a client machine is abruptly disconnected during the initial TLS/security handshake with a remote computer or server. This specific error typically stems from expired or corrupt self-signed RDP certificates , Network Level Authentication (NLA) mismatches , unstable VPN/network connections , or local firewall blocks . It frequently surfaces after a Windows 11 upgrade or an automated security update. i remote desktop connection error code 0x904 install
Search for "Allow an app through Windows Firewall" in the Start menu.
If you can connect locally but not remotely, or if the server has a corrupted certificate, follow these steps to force a renewal: Access the server (via console, IPMI, or Azure/AWS portal). Open (Microsoft Management Console). Add the Certificates snap-in (Computer account). Navigate to Remote Desktop > Certificates . Delete the existing self-signed certificate. Restart Remote Desktop Services from services.msc .
If the cryptographic backend is healthy, a local firewall rule may be cutting off the handshake packets mid-stream. Follow this structural layout to explicitly allow your connection binary through the Windows Defender Firewall pipeline: Error code 0x904 is frustrating but rarely dangerous
Enable Remote Desktop in "Allow an app through Windows Firewall" for both Public/Private networks. Add mstsc.exe to antivirus exclusions if needed. 3. Fix for Azure Virtual Machines Fix: Corrupt MachineKeys on Azure VMs can cause this error.
: Instead of typing the remote computer’s fully qualified domain name (e.g., server01.local ), type the explicit destination IPv4 address (e.g., 192.168.1.50 ) into the connection prompt.
DNS resolution issues often cause 0x904. Bypassing the hostname can establish a more stable link. Open the client. Locate the certificate listed under the server's hostname
If you just installed a new server, updated Windows 11, or deployed a virtual machine (VM) and find yourself locked out, this comprehensive deep-dive article provides the actionable technical procedures required to restore your RDP infrastructure. Understanding the Root Causes of Error 0x904
While you troubleshoot the underlying issue, you need access to remote machines immediately. There is no need to suffer downtime.
: High latency, packet loss, or insufficient bandwidth, especially when connecting over a VPN.
A: That indicates a corruption in the Windows Server side. Run DISM /Online /Cleanup-Image /RestoreHealth and ensure the ServerMediaStack feature is not blocked by Group Policy.