RDP black screen after promoting Azure VM to domain controller

Zichuan Yang 0 Reputation points

I had an RDP issue on domain controller VMs in Azure. I have spent more than a week trying to fix it, but failed. I want to see whether someone has had a similar experience and knows a solution. Many thanks.

I built two VMs using Windows Server 2022 Azure Edition. I could RDP or Bastion to those VMs with no issue until I promoted them to domain controllers. After a few minutes of RDP, the RDP session turned to a black screen, and I can no longer RDP to the VMs. I tried all troubleshooting methods for RDP, but none worked. Except for RDP, the VMs function as normal. I can still manage them remotely using remote Server Manager and remote PowerShell. I just cannot RDP to them.

  1. Redeployed the VMs
  2. Deallocated the VMs
  3. Added a new NIC
  4. Restarted
  5. checked,
  6. Reconfigured RDP
  7. Disabled Windows Firewall
  8. Deleted local user profiles

Strangely, after I demoted the DCs on those VMs, I could RDP to both VMs with no issue. In order to confirm that the issue is not related to GPO and the Windows image, I destroyed them and built two new Azure VMs using the Windows 2019 image. Surprisingly, after both VMs were promoted to DC, the RDP issue happened on the second promoted domain controller VM only, and RDP works on the first VM. I compared RSoP on both machines and found no issue with GPO.

I noticed that on the VM with the RDP issue, in Windows Event > Remote Desktop Services, after event ID 1149 (Remote Desktop Services: User authentication succeeded) is logged, the following events are missing:

  - event ID 41 (Begin session arbitration)
  - event ID 20521 (user config info will be loaded from local machine for this rdp-tcp connection)
  - event ID 21 (Remote Desktop Services: Session logon succeeded)

I suspect the issue is in the RDP Local Session Manager, which failed to create a session after successful user authentication.

Azure Virtual Machines

1 answer

  1. Anveshreddy Nimmala 3,460 Reputation points Microsoft Vendor


    Welcome to Microsoft Q&A, thank you for posting your query here.

    Use a remote PowerShell session to access the server.

    Enter-PSSession -ComputerName <computer name> -Credential <domain\user>

    Use the registry command

    New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA -PropertyType DWord -Value 0 -Force

    Reboot the machine: shutdown /r /t 0

    If the issue isn't resolved, please see the link below to check whether the accepted answers below help you.


    Hope this helps you.

    1 person found this answer helpful.
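
The event pattern described in the question (1149 logged, but 41, 20521 and 21 never following) can be checked mechanically. This is an added example, not code from either poster: the function name, the 60-second window and the log names in the closing comment are assumptions, and the sample events are constructed.

```powershell
# Added example. The event IDs are the ones named in the question; the
# function name and the 60-second correlation window are assumptions.
function Find-AuthWithoutSession {
    param(
        [Parameter(Mandatory)] [object[]] $Events,   # objects with Id and TimeCreated
        [int] $WindowSeconds = 60
    )
    $followUpIds = 41, 20521, 21
    $sorted = @($Events | Sort-Object TimeCreated)
    foreach ($auth in ($sorted | Where-Object Id -eq 1149)) {
        $deadline = $auth.TimeCreated.AddSeconds($WindowSeconds)
        # Follow-up events seen between this authentication and the deadline
        $seen = @($sorted | Where-Object {
            $_.Id -in $followUpIds -and
            $_.TimeCreated -ge $auth.TimeCreated -and
            $_.TimeCreated -le $deadline
        } | Select-Object -ExpandProperty Id -Unique)
        $missing = @($followUpIds | Where-Object { $_ -notin $seen })
        [pscustomobject]@{
            AuthTime   = $auth.TimeCreated
            MissingIds = $missing
            SessionOk  = ($missing.Count -eq 0)
        }
    }
}

# Constructed sample: the first logon completes, the second stops after 1149.
$t = Get-Date '2024-01-01T10:00:00'
$sample = @(
    [pscustomobject]@{ Id = 1149;  TimeCreated = $t }
    [pscustomobject]@{ Id = 41;    TimeCreated = $t.AddSeconds(1) }
    [pscustomobject]@{ Id = 20521; TimeCreated = $t.AddSeconds(1) }
    [pscustomobject]@{ Id = 21;    TimeCreated = $t.AddSeconds(2) }
    [pscustomobject]@{ Id = 1149;  TimeCreated = $t.AddMinutes(10) }
)
Find-AuthWithoutSession -Events $sample | Format-Table -AutoSize

# On a live server, feed it real events instead (log names are an assumption;
# adjust them to wherever these IDs appear on your server):
# $logs = 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational',
#         'Microsoft-Windows-TerminalServices-LocalSessionManager/Operational'
# $live = Get-WinEvent -FilterHashtable @{ LogName = $logs; Id = 1149, 41, 20521, 21 } -ErrorAction SilentlyContinue
# Find-AuthWithoutSession -Events $live
```

Running it from the remote PowerShell session before and after a change shows whether session creation actually resumed. Setting EnableLUA to 0 turns off UAC on the server, so record the original value first to be able to restore it.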