This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 14.000000000000002%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
We have two physical Windows 11 hosts in a datacenter, with a Windows 11 VM running in Hyper-v on one of those hosts. Up until today, we were able to remote into all 3 machines using RDP but now we are unable to get to the Hyper V machine with RDP. All machines are part of the same group in Azure, and we use Intune to push out config profiles based on Microsoft's security recommendations to this group. The only changes that have been recently made to configuration profiles are the following (these all are from Secure Score recommendations):
Although we have enabled these, the two host machines have not been affected, we can still remote in fine, but for the Hyper-V machine we cannot. I can still connect to the VM through Hyper-V manager on the host machine and confirmed in system properties that RDP is allowed and set to only network level auth. But under Remote Desktop settings, I cannot adjust the slider to allow Remote desktop:
Any suggestions or help on this topic would be appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Might try from PowerShell from both source and target (use the target address in both tests).
Test-NetConnection -ComputerName "192.168.49.142" -CommonTCPPort "RDP" -InformationLevel "Detailed"
I did this for both. It failed when I ran it from my personal machine. When I did it from the target itself, it was successful. What does this tell me?
This tells use there either is no route or that the port is blocked. If "ping" in the test above succeeded then its the port that's blocked.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Ok, so I missed the comment about the slider. Run gpedit.msc and check that Computer configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Allow users to connect..... is Enabled
Went into group policy and enabled this setting (it was set to Not Configured), but now the slider bar is completely greyed out and still unable to RDP into the machine:
Previously, I could slide the bar to On but it would automatically slide back to Off as soon as set it.
Has it ever worked? May need to check if a policy is pushing something. rsop.msc may provide something.
--please don't forget to upvote and Accept as answer if the reply is helpful--
It has worked in the past and even yesterday we were able to RDP into it as normal. Haven't pushed any new policy or config changes, the other machines are configured with the same Intune Config Profile so I'm stumped as to why this one has changed.
I'd stand up a new one for testing. Confirm it works before domain join, then join and test it again. Another thought / option is if you can start the Remote Desktop Services(TermService) service, then manually create the firewall rules here then I believe it should work.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--