This document describes some methods and tooling available to troubleshoot common issues for instances running the Windows operating system on Compute Engine.
Troubleshooting RDP connections
If you are unable to connect to your instance by using Remote Desktop Protocol (RDP), follow our in-depth guide to troubleshooting RDP.
Connecting to the EMS console
Use the Emergency Management Services (EMS) console to troubleshoot problems with your Windows VMs when they or their services are no longer accessible over the network.
The tool uses a serial port connection to the instance that does not rely on network traffic, this allows login to a console prompt for you to troubleshoot and the repair the operating system.
To connect to the EMS console:
From your terminal or in Cloud Shell, enable connections to the serial ports on your VM:
gcloud compute instances add-metadata VM_NAME \ --metadata=serial-port-enable=1Replace
VM_NAMEwith the name of the VM on which to enable the serial ports.Connect to the EMS console on serial port 2 of your VM:
gcloud compute connect-to-serial-port VM_NAME \ --port 2Replace
VM_NAMEwith the name of the VM with the serial port to connect to.Verify that you see output similar to the following:
Computer is booting, SAC started and initialized. Use the "ch -?" command for information about using channels. Use the "?" command for general help. SAC> EVENT: The CMD command is now available. SAC>
Create a new command prompt session by using the
cmdcommand, and verify output similar to the following:The Command Prompt session was successfully launched. SAC> EVENT: A new channel has been created. Use "ch -?" for channel help. Channel: Cmd0001 SAC>
Connect to the new command prompt session by using the
ch -si 1command, and verify output similar to the following:Name: Cmd0001 Description: Command Type: VT-UTF8 Channel GUID: 28de7392-5413-11ea-bb03-c9656a2ed613 Application Type GUID: 63d02271-8aa4-11d5-bccf-00b0d014a2d0 Press <esc><tab> for next channel. Press <esc><tab>0 to return to the SAC channel. Use any other key to view this channel.
Press
Enterto connect to the session.Sign in to the session by entering your login credentials for this VM, after which the EMS console opens in the
C:\Windows\system32directory.- Type
helpfor a list of available commands in the EMS console.
- Type
Enabling advanced boot options
Use the Windows Boot Manager (BOOTMGR) to enter Safe Mode and access advanced boot options.
To enable advanced boot options:
From your terminal or in Cloud Shell, enable connections to the serial ports on your VM:
gcloud compute instances add-metadata VM_NAME \ --metadata serial-port-enable=1Replace
VM_NAMEwith the name of the VM on which to enable the serial ports.Connect to the Windows VM by using RDP.
If you cannot access the instance by using RDP, you can reset the instance by using the Cloud Console or the
gcloudtool.From an administrative command prompt, run the following commands:
bcdedit /set {bootmgr} displaybootmenu yesbcdedit /set {bootmgr} timeout 10bcdedit /set {bootmgr} bootems yesUse the Cloud Console or the
gcloudcommand-line tool to connect to the interactive serial console on serial port 2:gcloud compute connect-to-serial-port VM_NAME \ --port 2Replace
VM_NAMEwith the name of the VM with the serial port to connect to.Restart the instance through the user interface or from a command prompt:
shutdown /r /f
Verify in the interactive serial console that the Windows Boot Manager appears:
From the Windows Boot Manager, choose which operating system to start.
Press
Esc+8to open the Advanced Boot Options.
Troubleshooting blue screen errors
When a Windows OS crashes, it might display an error on a blue screen. This blue screen is also known as the blue screen of death (BSoD). During a blue screen error, a list of the currently loaded modules and a stack trace is sent to serial port 1.
Windows images later than version 20191112 contain the driver that enables sending the list of loaded modules and the stack trace to serial port 1. If the Windows VM that experienced a crash is running a Windows image that is earlier than version 20191112, run the following command from an elevated command prompt on the Windows VM to install the driver:
googet install google-compute-engine-driver-pvpanic
From your terminal or in Cloud Shell, enable connections to the serial ports on your VM:
gcloud compute instances add-metadata VM_NAME \ --metadata serial-port-enable=1Replace
VM_NAMEwith the name of the VM on which to enable the serial ports.Connect to serial port 1 of your VM:
gcloud compute instances get-serial-port-output VM_NAME \ --port 1Replace
VM_NAMEwith the name of the VM with the serial port to connect to.When a blue screen error occurs, the list of loaded modules and the stack trace is sent to serial port 1. In this output, the following line indicates the end of the list of loaded modules and the beginning of the stack trace:
Dumping stack trace:
Narrow down the issue by checking the Bug Check Code Reference.
Licensing issues
By default, Compute Engine Windows VMs renew their licenses every seven days by automatically connecting to the KMS server through TCP port 1688. If you receive messages about license expiration or any other issues related to licenses on your Windows VMs, do the following:
Confirm that your Windows VM has an IP address that is configured to allow communication with the KMS.
Confirm that there are no firewall egress rules blocking connections to
kms.windows.googlecloud.comthrough TCP port 1688.If you still have licensing issues, run the following commands from an elevated command prompt to forcibly set the IP address of the KMS and force an activation:
cscript \windows\system32\slmgr.vbs /skms 35.190.247.13:1688
cscript \windows\system32\slmgr.vbs /ato
What's next
Learn how to collect diagnostic information from a VM.
Learn how to capture screenshots from VMs.
Learn about licensing for Windows Server and SQL Server images.
Learn more about interacting with the serial console.
Learn how to Troubleshoot RDP connections.