ESXi 5.5 – recently I tried to RDP into my Server 2008 R2 machine without success. Looking at the console, I get the message: ” Interactive logon process initialization has failed. Please consult the event log for more details. ” My first reboot of the machine did an automatic check disk. I can no longer log into the machine either via RDP or on the console. I’d like to not have to rebuild this system as it is my only stand-alone DC in my home lab. I’m going to bring up a separate DC, then do a DCPROMO, however, below are the steps I took to resolve the issue, albeit unsuccessfully – some of these steps may work for you. I was hoping I could mark this process as “Solved” but I haven’t gotten there yet…
Event log says:
- Event 4005 Winlogon – The windows logon process has unexpectedly quit
- Event 33 SideBySide – Activation context generation failed for “C:\Windows\system32\LogonUI.exe”. Dependent Assembly Microsoft.Windows.Common-controls.Resources,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32,version=”184.108.40.206″ could not be found. Please use sxstrace.exe for detailed diagnosis.
These errors all seem to have started on 8/8/16 when the following events occurred:
Error: 36888 – Schannel – The following fatal alert was generated: 10. The internal error state is 1203
Event 56 – The terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 223.x.x.x which is a Hong Kong IP. Prior to that are many Event 1012 – Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.
I pulled the machine off the internet and the network in case it’s been compromised. On second thought I should probably kill this machine with fire!
Things I have tried that did not resolve the problem:
- Boot into safe mode
- Edited RDP settings on my workstation to use less resolution and video bit depth
- Increased Virtual Machine’s system memory size as suggested, went from 3GB to 7GB
- Booted to SystemRescueCD and replaced c:\windows\system32\LogonUI.exe – did this by booting the VM to a SystemRescueCD.iso (startx) and then mount the NTFS file system with the instructions here. Next I changed the root password with passwd and then connected to the VM with Filezilla on port 22 and renamed/moved the files.
- Hotfix 437977 – Windows6.1-KB2615701-v2-x64.msu – because I cannot get into the system to run this, I started Task Scheduler on the remote server from my workstation, and attempted to have the .msu run but get error: the application has failed to start because its side-by-side config is incorrect.
- Booted the VM to a Server2008R2.iso, Repair your Computer > command prompt,
sfc /scannow /offbootdir=c:\ /offwindir=c:\windows
didn’t work. Then tried command prompt > “cd sources” > StartRep.exe didn’t help.
Any suggestions? Has anyone gotten past this error? I can still connect to the machine via any means (mmc terminals such as event viewer, and task scheduler) other than a GUI console.
Edit: I gave up on trying to fix the issue – this is the reason we backup our VM’s and in this case I’m glad I had a good working backup. If you find a way to resolve, please drop a note – otherwise, make sure you have good backups of your DC’s: The VM as a bare metal backup and the System State (Separately.)