GCI: RDP error 0x204, Serial Port Connected but Unresponsive

[Kevin Black]

Apologies for the NOOB question, but I am halfway to hell and nothing seems to be functioning.

Quick overview

1. We have a Win Server 2012 R2 instance that is running J
   
2. JIRA (using MySQL) functioning (ie, can get to it with http//address:port)
3. PIAB (a project management system using MySQL) functioning  (ie, can get to it with http//address:port)
4. We have our own Directory Service (Apache-DS) that does account validation for an internal system NOT FUNCTIONING
5. RDP either return 0x104 or 0x204 (using the latest macOS BETA of MS RDP)
6. This was functioning fine until a week or so ago
7. Everything has been setup as far as I know on both the Google Console and the server
8. Of course now we can do nothing on the server , because we cannot access it
9. I have followed the guidelines religiously to get a serial port session (not my forte - noob...)
10. I can connect a session to serial port 2 for windows (supposedly an interactive session)
11. serialport: Connected to orex-administration.asia-east1-b.orex-admin-instance port 2 (session ID: 3ece5afe5202d676a14e2df447edb810cd7480eb54fa9c8f6813d94cd0ef2d72, active connections: 1).
    
12. I can also connect directly through a mac terminal (and it shows 2 connactions)
13. If I go to the console on a Windows 10 VM I get the same active connections message
14. But once that happens, the session is unresponsive, I cannot type anything at all, I can only kill the session

So my BIG issue is why no RDP (and I have done the trouble shooting, as noted was working perfectly last week), but I cannot access the GCI at all unless I am using canned $ gcloud comute xxxxx CANNED COMMANDS from the various (and largely unhelpful) web help sites.

I have stopped and started a gazillion times, I have rolled back snapshots to 09 November and 03 October, but still get the RDP errors. So it looks like some other environment option has caused the grief, but I have done so many things so many times I am at the point where I'm not sure what I have done or when or how many times. Further I don't want to irreparably break anything.

What's my question? The overarching question is how do I get RDP to work with what is now an orphaned Compute instance?

The more immediate question, once I have a valid serial port session enabled, contected how do I actually do ANYTHING with it?

Thanks,

Kevin

[xchri...@google.com]

As you're not able to login to the machine, & the serial console is not working, I suggest...

1. Reset the password & try another remote desktop application. For a user name, be sure to try 

• domain\user_name
• user...@domain.com

If applicable

After some Google searching, the 0x104 & 204 errors are guest configuration issues. Something along the lines of Active directory blocking permissions, port 3390 in windows firewall being closed, security software on the machine blocking, the remote desktop service not being enabled.

2. So, if we're not able to interact with the guest operating system at all, & the new RDP application & UN/PW don't resolve the issue, my next suggestion is to try & recover your data.

I believe you'll have to shut off the instance first. Then, detach the disk, & attach it to a different Windows instance you can access. The process of detaching & re-attaching the disk is much simpler in the GUI though, so I'd recommend using the GCP console instead of the commands. 

Hope this helps. 

[Kevin Black]

@xchristian,

​

1. Reset the password & try another remote desktop application. For a user name, be sure to try 

• domain\user_name
• user...@domain.com

If applicable

​I tried that with cloud and got the message: 

ERROR: (gcloud.compute.reset-windows-password)This Windows instance appears to be too old and does not support the

reset-windows-password command. ​

After some Google searching, the 0x104 & 204 errors are guest configuration issues. Something along the lines of Active directory blocking permissions, port 3390 in windows firewall being closed, security software on the machine blocking, the remote desktop service not being enabled.

​Since I could get into the system previously, and I haven’t changed anything, I assumed it should work. We have port 3389 open for RDP, not 3390. I don’t know what Active Directory would block, the remote desktop service is/was enabled (because I don’t seem to be able to access via serial console, I cannot verify now). Nothing should have stopped/disabled it (and it should start after a restart), and the only security software (AFAICR) is Windows Defender.  Basically system working with RDP, now system working with no RDP.​ Most outward facing systems seem to work (JIRA, Project in a Box). Our own server (just an Apache directory service) does not work. Previously we could connect with REST calls, now we get a 12020 error returned (essentially server down as fat as the DS goes).

2. So, if we're not able to interact with the guest operating system at all, & the new RDP application & UN/PW don't resolve the issue, my next suggestion is to try & recover your data.

​I several snapshots, none of which, after I restore, seem to allow RDP. Further, I have Duplicati backups (to a 1Tb Dropbox account). These all work religiously at around 02:00 am daily. I have tried to restore the data, the connection succeeds, but (and when things go wrong, they go really wrong​) when try to select files I get the error:

Failed to decrypt data (invalid passphrase?): Invalid password or corrupted data

I know it’s not invalid passphrase, I actually wrote it down etc etc. I will try some of the suggested command line options to try and read some of the data.

I believe you'll have to shut off the instance first. Then, detach the disk, & attach it to a different Windows instance you can access. The process of detaching & re-attaching the disk is much simpler in the GUI though, so I'd recommend using the GCP console instead of the commands. 

​So basically you are saying create a new minimal instance and off-load as much of the data as I can from the attached disk (our current system disk). This potentially gives us access to the data. Good advice, but potentially my option of last resort (although I’m pretty much at my last resort option).

As noted, this has become a bit of a nightmare. With snapshots and Duplicati backup you’d think you were a bit covered.

Regardless, thank you for your advice and thank you for taking the time to respond, 

Kevin

[xchri...@google.com]

Hello, I’m sorry to hear the previous suggestions did not work.

Google provides a document on troubleshooting RDP, try & see if any of Google’s suggestions fix the issue.

Google Groups is a general discussion forum for discussing products, architectures, the platform, etc. not individual troubleshooting support.

For individual user support, please use Stack Overflow &/or Server Fault.

For programming related inquiries, post on Stack Overflow.

For system administrator/networking inquiries post on Server Fault.

See our Community Support Overview article for more information.

This issue in particular would be better served on Server Fault. You can also purchase paid support if you would like a Google specialist to inspect your project.

[Kevin Black]

@xchristian,

Google provides a document on troubleshooting RDP, try & see if any of Google’s suggestions fix the issue.

 

Again, been there. All of what they suggest I’ve done (ensuring port 3389 is open via firewall rules etc). What I haven’t done is anything that needs a shell of sorts. I can use the $ gcloud compute xxxxxxx commands, they all work fine, but it I, say, try to use serial port 2 etc, the screen is dead, no keystrokes etc. Now that is very likely something I’m doing or not doing, I accept that, but I follow the instructions to the letter and get no where. The sorts of things I have been able to do is to detach the disk from our instance and attach one of the snapshots and reboot. All of that works, but RDP is still dead, which makes me think there is potentially some other issue?

Google Groups is a general discussion forum for discussing products, architectures, the platform, etc. not individual troubleshooting support.

Thanks, I understand. I have a similar question posted to Stack Overflow 

This issue in particular would be better served on Server Fault. You can also purchase paid support if you would like a Google specialist to inspect your project.

I looked at that option, but it seemed like I had to buy a subscription, not an individual incident support case.

On the plus side, I got Duplicati to work and have removed the complete system from Dropbox. Whilst it isn’t a VM I can just plug in and start, all of the data, database/folders etc, appear to have been restored locally. My dilemma now, based on what we are doing, is whether to host our server locally (given it’s only testing, with little traffic, that’s probably not a bad idea) or persevere with the GCI. The problem with the GCI, as I have found, if all goes well it’s excellent - fire and forget, if there are issues and you can get in - not a problem, if there are issues and you cannot RDP in - a world of hurt. Even if one of the other options worked, like getting in via Serial Port 2 (I can connect successfully 100% repeatable, the shell is dead, ie. no keystrokes accepted - also 100% repeatanble).

Again, thank you for taking the time to respond, provide encouragement and words of advice, it is appreciated.

Regards,

Kevin

[xchri...@google.com]

I'm glad to help Kevin, thank you for bringing this issue up. 

It's good to hear you were at least able to recover your data.

I wish you the best of luck with your instances in the future.