Cannot RDP to Azure Virtual Machines because the DHCP Client service is disabled
This article describes a problem in which you cannot remote desktop to Azure Windows Virtual Machines (VMs) after the DHCP Client service is disabled in the VM.
Symptoms
You cannot make an RDP connection a VM in Azure because the DHCP Client service is disabled in the VM. When you check the screenshot in the Boot diagnostics in the Azure portal, you see the VM boots normally and waits for credentials in the login screen. You remotely view the event logs in the VM by using Event Viewer. You see that the DHCP Client Service isn't started or fails to start. The following a sample log:
Log Name: System Source: Service Control Manager Date: 12/16/2015 11:19:36 AM Event ID: 7022 Task Category: None Level: Error Keywords: Classic User: N/A Computer: myvm.cosotos.com Description: The DHCP Client service hung on starting.
For Resource Manager VMs, you can use Serial Access Console feature to query for the event logs 7022 using the following command:
wevtutil qe system /c:1 /f:text /q:"Event[System[Provider[@Name='Service Control Manager'] and EventID=7022 and TimeCreated[timediff(@SystemTime) <= 86400000]]]" | more
For Classic VMs, you will need to work in OFFLINE mode and collect the logs manually.
Cause
The DHCP Client Service is not running on the VM.
Note
This article applies only for the DHCP Client service and not DHCP Server.
Solution
Before you follow these steps, take a snapshot of the OS disk of the affected VM as a backup. For more information, see Snapshot a disk.
To resolve this problem, use Serial control to enable DHCP or reset network interface for the VM.
Use Serial control
Connect to Serial Console and open CMD instance. ). If the Serial Console is not enabled on your VM, see Reset network interface.
Check if the DHCP is disabled on the network interface:
sc query DHCP
If the DHCP is stopped, try to start the service
sc start DHCP
Query the service again to make sure that the service is started successfully.
sc query DHCP
Try to connect to the VM and see if the problem is resolved.
If the service does not start, use the following appropriate solution, based on the error message that you received:
Error Solution 5- ACCESS DENIED See DHCP Client service is stopped because of an Access Denied error. 1053 - ERROR_SERVICE_REQUEST_TIMEOUT See DHCP Client service crashes or hangs. 1058 - ERROR_SERVICE_DISABLED See DHCP Client service is disabled. 1059 - ERROR_CIRCULAR_DEPENDENCY Contact support to get your problem resolved quickly. 1067 - ERROR_PROCESS_ABORTED See DHCP Client service crashes or hangs. 1068 - ERROR_SERVICE_DEPENDENCY_FAIL Contact support to get your problem resolved quickly. 1069 - ERROR_SERVICE_LOGON_FAILED See DHCP Client service fails because of logon failure 1070 - ERROR_SERVICE_START_HANG See DHCP Client service crashes or hangs. 1077 - ERROR_SERVICE_NEVER_STARTED See DHCP Client service is disabled. 1079 - ERROR_DIFERENCE_SERVICE_ACCOUNT Contact support to get your problem resolved quickly. 1053 Contact support to get your problem resolved quickly.
DHCP Client service is stopped because of an Access Denied error
Connect to Serial Console and open a PowerShell instance.
Download the Process Monitor tool by running the following script:
remove-module psreadline $source = "https://download.sysinternals.com/files/ProcessMonitor.zip" $destination = "c:\temp\ProcessMonitor.zip" $wc = New-Object System.Net.WebClient $wc.DownloadFile($source,$destination)
Now start a procmon trace:
procmon /Quiet /Minimized /BackingFile c:\temp\ProcMonTrace.PML
Reproduce the problem by starting the service that's generating the Access Denied message:
sc start DHCP
When it fails, terminate the Process Monitor trace:
procmon /Terminate
Collect the c:\temp\ProcMonTrace.PML file:
- Attach a data disk to the VM.
- Use Serial Console you can copy the file to the new drive. For example,
copy C:\temp\ProcMonTrace.PML F:\
. In this command, F is the driver letter of the attached data disk. Replace the letter as appropriate with the correct value. - Detach the data drive and then attach it to a working VM that has Process Monitor ubstakke installed.
Open ProcMonTrace.PML by using Process Monitor on the working VM. Then filter by Result is ACCESS DENIED, as shown in the following screenshot:
Fix the registry keys, folders, or files that are on the output. Usually, this problem is caused when the sign-in account that's used on the service doesn't have ACL permission to access these objects. To determine the correct ACL permission for the sign-in account, you can check on a healthy VM.
DHCP Client service is disabled
Restore the service to its default startup value:
sc config DHCP start= auto
Start the service:
sc start DHCP
Query the service status again to make sure it's running:
sc query DHCP
Try to connect to the VM by using Remote Desktop.
DHCP Client service fails because of logon failure
Because this problem occurs if the startup account of this service was changed, revert the account to its default status:
sc config DHCP obj= 'NT Authority\Localservice'
Start the service:
sc start DHCP
Try to connect to the VM by using Remote Desktop.
DHCP Client service crashes or hangs
If the service status is stuck in the Starting or Stopping state, try to stop the service:
sc stop DHCP
Isolate the service on its own ‘svchost’ container:
sc config DHCP type= own
Start the service:
sc start DHCP
If the service still does not start, Contact support.
Repair the VM offline
Attach the OS disk to a recovery VM
Start a Remote Desktop connection to the recovery VM. Make sure that the attached disk is flagged as Online in the Disk Management console. Note the drive letter that's assigned to the attached OS disk.
Open an elevated command prompt instance (Run as administrator). Then run the following script. This script assumes that the drive letter that's assigned to the attached OS disk is F. Replace the letter as appropriate with the value in your VM.
reg load HKLM\BROKENSYSTEM F:\windows\system32\config\SYSTEM REM Set default values back on the broken service reg add "HKLM\BROKENSYSTEM\ControlSet001\services\DHCP" /v start /t REG_DWORD /d 2 /f reg add "HKLM\BROKENSYSTEM\ControlSet001\services\DHCP" /v ObjectName /t REG_SZ /d "NT Authority\LocalService" /f reg add "HKLM\BROKENSYSTEM\ControlSet001\services\DHCP" /v type /t REG_DWORD /d 16 /f reg add "HKLM\BROKENSYSTEM\ControlSet002\services\DHCP" /v start /t REG_DWORD /d 2 /f reg add "HKLM\BROKENSYSTEM\ControlSet002\services\DHCP" /v ObjectName /t REG_SZ /d "NT Authority\LocalService" /f reg add "HKLM\BROKENSYSTEM\ControlSet002\services\DHCP" /v type /t REG_DWORD /d 16 /f reg unload HKLM\BROKENSYSTEM
Detach the OS disk and recreate the VM. Then check whether the problem is resolved.
Contact us for help
If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for