Azure windows 11 VM reset password error = Deploy failed with deploymentStatusCode (Failure)

James Sidwell 45 Reputation points
2023-08-08T09:34:53.9466667+00:00

We have restored a backup of a working Windows 11 VM to another location and now can't RDP to the restored machine. Any attempt to RDP using a domain admin or local admin user results in this error:

User's image

I have reset the RDP config using the Azure portal and tried resetting the password for the local admin user but that gives this error: Deploy failed with deploymentStatusCode (Failure). Not particularly helpful...

The VM agent states it is ready and I have deleted and re-created the vm access extension.

Any ideas what else I can try to get into this VM?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
9,021 questions
Windows for business | Windows Client for IT Pros | User experience | Remote desktop services and terminal services
{count} votes

Accepted answer
  1. kobulloc-MSFT 26,806 Reputation points Microsoft Employee Moderator
    2023-08-09T16:12:16.57+00:00

    Hello, @James Sidwell !

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue:

    Restored Windows 11 VM fails to establish RDP connection:

    Remote Desktop can't connect to the remote computer for one of these reasons

    RDP settings were reset in the portal and attempting to reset the VM password resulted in an error:

    Deploy failed with deploymentStatusCode (Failure)

    The VM agent stated it was ready and the VM access extension was deleted and re-created.

    Solution:

    (From James Sidwell)

    I have found the problem. A group policy applied a block rule to ALL inbound traffic when on a private or public network.

    1. I have moved the LIVE (source) VM to an OU that does not have that policy linked
    2. Ran gpupdate /force on the Live VM
    3. Ran a new backup
    4. Restored to a new VM in the isolated subscription. I can now RDP to the restored VM.

    If you have any other questions or are still running into more issues, please let me know. Thank you again for your time and patience throughout this issue.

    Please consider accepting answers as this helps increase visibility of this answer for other members of the Microsoft Q&A community. Thank you for helping to improve Microsoft Q&A!

    User's image

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. James Sidwell 45 Reputation points
    2023-08-09T09:54:29.9866667+00:00

    @kobulloc-MSFT thanks for that suggestion. The NSG was correctly setup to allow the RDP traffic.

    I have found the problem. A group policy applied a block rule to ALL inbound traffic when on a private or public network.

    1. I have moved the LIVE (source) VM to an OU that does not have that policy linked
    2. Ran gpupdate /force on the Live VM
    3. Ran a new backup
    4. Restored to a new VM in the isolated subscription.

    I can now RDP to the restored VM.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.