Error 0x904 is not a network glitch—it’s a licensing protocol failure. The better approach is to either:
Avoid wasting time on superficial checks. Use the targeted solutions above for a reliable fix.
Error code 0x904 is not a dead end—it’s a sign that your RDP security layer needs attention. By following this guide, you’ve moved past the generic “restart your computer” advice and implemented better fixes: resetting certificates, adjusting security layers, automating the repair, and preventing future failures.
Remember these key takeaways:
The next time someone types “i remote desktop connection error code 0x904 better” into a search engine, they’ll land here—and finally solve it for good.
Happy (and stable) remote connecting.
About the Author – Systems engineer specializing in Windows RDP, certificate services, and remote work infrastructure. If this article helped you, consider sharing it with a colleague who still restarts their router for error 0x904.
Error 0x904 is annoying but fixable. The registry reset method works ~90% of the time. If you're in a corporate environment, your IT may need to reissue RDP CALs. For personal use, clearing cache + NLA tweak usually resolves it without reinstalling anything.
Rating for Microsoft's error handling: ⭐⭐☆☆☆ (Poor – error messages are vague, forcing registry edits)
Fix effectiveness: ⭐⭐⭐⭐☆ (Good if you follow the steps above)
Would you like a step-by-step PowerShell script to automate the registry fix?
Troubleshooting Remote Desktop Connection Error Code 0x904: A Comprehensive Guide
Are you frustrated with the Remote Desktop Connection error code 0x904? You're not alone! Many users have reported encountering this issue while trying to establish a remote desktop connection. In this blog post, we'll explore the possible causes of error code 0x904 and provide you with practical solutions to resolve it.
What is Error Code 0x904?
Error code 0x904 is a common issue that occurs when trying to establish a Remote Desktop Connection (RDC) to a Windows machine. The error message typically reads: "The remote computer disconnected. The error code is 0x904." This error can occur due to various reasons, including network connectivity issues, incorrect configuration, or problems with the remote desktop software.
Causes of Error Code 0x904
After analyzing various user reports and technical forums, we've identified some common causes of error code 0x904:
Solutions to Resolve Error Code 0x904
Don't worry; we've got you covered! Here are some step-by-step solutions to help you resolve error code 0x904:
Solution 1: Check Network Connectivity
Solution 2: Verify RDC Configuration
Solution 3: Update Remote Desktop Software
Solution 4: Disable Firewall or Antivirus Software
Solution 5: Check Event Logs
Conclusion
Error code 0x904 can be frustrating, but with these solutions, you should be able to resolve the issue and establish a successful Remote Desktop Connection. If you're still experiencing problems, feel free to leave a comment below, and we'll do our best to help you troubleshoot the issue.
Additional Tips
By following these solutions and tips, you should be able to overcome error code 0x904 and enjoy a seamless remote desktop experience.
Troubleshooting Remote Desktop Connection Error Code 0x904 Remote Desktop Protocol (RDP) is essential for modern IT management, but encountering Error Code 0x904 (often accompanied by extended error code 0x7) can bring productivity to a halt. This error typically signifies a failure to establish a secure Transport Layer Security (TLS) tunnel, often due to certificate issues, firewall blocks, or network instability.
If you are facing this issue on Windows 10, Windows 11, or Windows Server, follow these proven solutions to restore your connection. 1. Fix Expired or Corrupt RDP Certificates i remote desktop connection error code 0x904 better
The most common cause for error 0x904 is an expired self-signed certificate that the Remote Desktop Service uses for encryption. How to Renew the Certificate:
Log into the affected host locally or through an alternative remote tool.
Press Win + R, type certlm.msc, and hit Enter to open the Local Computer Certificates manager. Navigate to Remote Desktop > Certificates.
Identify the expired certificate, right-click it, and select Delete.
Restart the Remote Desktop Services. Open PowerShell as Administrator and run:Restart-Service termserv -Force.
Windows will automatically generate a new, valid self-signed certificate. 2. Resolution for Azure Virtual Machines (VMs)
For those using Azure, error 0x904 often stems from a corrupt MachineKeys folder, which prevents the system from generating new certificates. The PowerShell Fix:
Go to the Azure Portal, select your VM, and choose Run command.
Select RunPowerShellScript and enter:Rename-Item -path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" -NewName "MachineKeys_old".
Reboot the VM. The system will recreate the folder and the necessary keys upon startup. 3. Advanced Firewall & Anti-Virus Exceptions
Even if RDP is technically enabled, specific firewall rules or third-party security software (like Bitdefender) might block the mstsc.exe process. Verification Steps:
Manual Exception: Go to "Allow an app through Windows Firewall," click Change settings, and ensure both Remote Desktop and Remote Desktop (WebSocket) are checked for Private and Public networks.
Direct Path: Explicitly add C:\Windows\System32\mstsc.exe to your firewall's allowed list.
Check Port 3389: Run Test-NetConnection [ServerIP] -Port 3389 in PowerShell to confirm the port is reachable. 4. Workarounds for Windows 11 Compatibility Error 0x904 is not a network glitch—it’s a
Windows 11 updates occasionally introduce bugs that affect hostname resolution or standard RDP client stability.
Use IP Instead of Hostname: Try connecting using the remote machine's internal or external IP address (e.g., 192.168.1.50) instead of its computer name.
Microsoft Store RDP App: Many users find that the Microsoft Remote Desktop app from the Microsoft Store is unaffected by the bugs hitting the legacy mstsc.exe client. 5. Adjust Security Layers (GPO)
If encryption mismatches are suspected, you can force the server to use a specific security layer via the Group Policy Object (GPO). Unable to RDP into some Windows Servers - Error code: 0x904
Remote Desktop Protocol (RDP) error code 0x904 is a connection failure message typically indicating network instability, expired security certificates, or firewall interference. While it often appears alongside "Extended Error Code: 0x7," the root cause usually lies in how the client and server negotiate their secure handshake. The Core Causes of Error 0x904
Expired RDP Certificates: This is the most common "silent" cause. Every RDP host generates a self-signed certificate that eventually expires, causing connections to fail even if network settings remain unchanged.
Network Instability: Low bandwidth, high packet loss, or a sluggish VPN can disrupt the RDP session before it fully establishes.
Credential and Security Mismatches: Discrepancies in encryption ciphers between Windows 11 clients and older servers (like Windows Server 2016/2019) frequently trigger this error.
Azure VM Specifics: On Azure Virtual Machines, a corrupt "MachineKeys" folder can prevent the system from creating the necessary certificates for remote access. Effective Troubleshooting Strategies
To resolve error 0x904, follow these steps in order of effectiveness:
Renew the RDP CertificateIf you have local access to the server, open the Certificates Manager (certlm.msc), find the expired certificate under Remote Desktop > Certificates, and delete it. Afterward, restart the Remote Desktop Services in the Command Prompt as an administrator using restart-service termserv -force. Windows will then automatically generate a fresh certificate.
Fix Azure VM CorruptionIf the error occurs on an Azure VM, use the Azure Portal "Run Command" feature to execute a PowerShell script that renames the corrupt MachineKeys folder to MachineKeys_old and reboots the server.
Adjust Security Layer SettingsUsing the Group Policy Editor (gpedit.msc), you can force the server to use a standard RDP security layer. Navigate to Remote Desktop Session Host > Security and set "Require use of specific security layer for remote (RDP) connections" to Enabled, selecting RDP as the security layer.
Verify Firewall and NetworkEnsure that Remote Desktop (WebSocket) is allowed through the Windows Defender Firewall on both the client and host machines. If using a VPN, ensure it is stable; switching from a computer name to a direct IP address in the connection field can also bypass local DNS resolution issues. Avoid wasting time on superficial checks
Are you connecting to a local workstation or a cloud-hosted virtual machine? Fixed: Remote Desktop 0x904 Error [2 Solutions] - AnyViewer
Completely bypass the RDP security layer by tunneling RDP through SSH.