Giggles Galore

blog

It looks like you're encountering Remote Desktop error 0x904 with extended error 0x7, and you're looking for the best fix.

Let me break down what this means and the most effective solutions.

Fix #1: Clear the RDP Client Cache (The 90% Solution)

In 9 out of 10 cases, this resolves the issue immediately. Windows saves thumbnails and security data for each RDP connection.

How to do it (Best method):

  1. Press Win + R, type mstsc /edit and hit Enter. (Note: mstsc /edit opens the editor without loading cached data).
  2. Alternatively, manually delete the cache:
    • Close all Remote Desktop connections.
    • Press Win + R, type %USERPROFILE%\Documents\Default.rdp and delete that file.
    • Press Win + R, type %temp% and delete any files named tsclient or starting with RemoteDesktop.
    • Clear thumbnail cache: Open Disk Cleanup -> Check Thumbnails -> OK.

Part 5: Advanced Diagnosis – Using Wireshark & Event Viewer

For IT professionals seeking the best permanent solution, use logging to pinpoint the exact trigger.

1. Check the Windows Event Log on the Remote Machine:

  • Open Event Viewer -> Windows Logs -> System.
  • Filter for Source: RemoteDesktopServices-RDPCoreTS.
  • Look for Event ID 226 (fatal error). It will mention "Error code: 0x904" and provide the exact sub-error.

2. Analyze the Network Trace:

  • On the local machine, run netsh trace start scenario=NetConnection capture=yes before connecting.
  • Reproduce the error, then run netsh trace stop.
  • Open the generated .etl file in Microsoft Network Monitor. Look for RDP packets followed by a RST (reset) flag – that confirms the remote kernel forced closure.

The "Best" Solutions (Remediation)

After testing various fixes, here are the most effective methods for resolving this specific error combination, ranked from best to least intrusive:

1. Disable UDP at the Client Level (The "Best" Fix) The most reliable fix for Extended Error 0x7 is forcing RDP to use TCP only. UDP is faster but notoriously unstable over VPNs or strict corporate firewalls.

  • Open the Local Group Policy Editor (gpedit.msc).
  • Navigate to: Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client > Turn off UDP on Client.
  • Set this to Enabled.
  • Verdict: This resolves the handshake error immediately in 90% of cases without requiring server-side changes.

2. Adjust the RD Gateway Settings If you are connecting through an RD Gateway:

  • Open Remote Desktop Connection.
  • Go to Show Options > Advanced tab > Settings (under Connect from anywhere).
  • Change the "Connection settings" to "Automatically detect RD Gateway server settings" or uncheck "Use my RD Gateway server credentials for the remote computer" if there is a credential mismatch.

3. The Registry Fix (Advanced) If Group Policy is unavailable (e.g., Windows Home editions), you can disable UDP via the Registry:

  • Navigate to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Terminal Server Client
  • Create a DWORD value named UseURedirection and set it to 0.

What does this error mean?

  • Error 0x904 – Generic RDP client-side failure.
  • Extended error 0x7 – Typically points to authentication or security layer mismatch between the RDP client and the remote computer.

In plain English: Your computer and the remote server can’t agree on how to verify your login securely.

3. Adjust Remote Desktop Settings

  • On the remote computer:
    • Ensure Remote Desktop is enabled (Settings > System > Remote Desktop).
    • Note the computer's name (under "PC name") and ensure it's correctly entered in the RDC client.
  • On the client machine:
    • Open RDC and select "Options" to verify the connection settings.
    • Ensure the "Allow me to save credentials" option is checked (if applicable).

3. Check Firewall for SSL/TLS Blocking

Extended error 0x7 may be a lie—the firewall might be stripping SSL packets.

  • On the server, ensure TCP port 3389 is open.
  • Additionally, ensure outbound TCP port 443 is NOT required by your RDP gateway (some configurations use HTTPS). If a network appliance performs SSL inspection, it can break the RDP certificate chain. Add the remote IP to your firewall's SSL bypass list.
making the ordinary extraordinary one creative idea at a time

You might also like

Instagram

Don’t Miss Out!

Get EXTRAORDINARY DIY projects, unique crafts and delicious recipes delivered straight to your inbox!