Unable to remotely access a Windows Instance due to NLA failure

Problem

You are unable to remotely access (RDP) a Windows instance, receiving the following error due to a Network Level Authentication (NLA) failure.

The remote computer that you are trying to connect to requires Network Level Authentication (NLA), but your Windows domain controller cannot be contacted to perform NLA. If you are an administrator on the remote computer, you can disable NLA by using the options on the Remote tab of the System Properties dialog box

Environment

  • Google Compute Engine
  • Windows VM Instance
  • Windows Domain setup for Network Level Authentication (NLA)

Solution

  1. Disable NLA with a startup script on the instance by adding the following key and value to the instance's metadata (the command sets the RDP-Tcp listener's UserAuthentication value to 0):
    Key: windows-startup-script-ps1
    
    Value: reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f
  2. Restart the instance. You should see output like the following in the serial console logs:
    2022/02/03 16:25:30 GCEMetadataScripts: Starting startup scripts (version 20200129.00).
    2022/02/03 16:25:30 GCEMetadataScripts: Found windows-startup-script-ps1 in metadata.
    2022/02/03 16:25:31 GCEMetadataScripts: windows-startup-script-ps1: The operation completed successfully.
    2022/02/03 16:25:31 GCEMetadataScripts: windows-startup-script-ps1 exit status 0
    2022/02/03 16:25:31 GCEMetadataScripts: Finished running startup scripts.
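As an added example (not part of the original article), the same registry change written as a windows-startup-script-ps1 that records the previous value, reports the result to the serial console, and can put NLA back once the domain controller is reachable again; the $ReEnableNla flag and the log file path are assumptions.

```powershell
# Added example: toggle NLA on the RDP-Tcp listener from a GCE Windows startup script.
# Leave $ReEnableNla = $false to disable NLA (UserAuthentication = 0) as in the article.
# Set it to $true after the domain controller is reachable again to restore NLA (= 1).
$ReEnableNla = $false

$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$LogFile = 'C:\nla-startup.log'          # assumed location, not from the article
$Desired = if ($ReEnableNla) { 1 } else { 0 }

function Write-Log([string]$Message) {
    $Line = '{0} {1}' -f (Get-Date -Format s), $Message
    Add-Content -Path $LogFile -Value $Line
    Write-Output $Line                     # startup-script output is echoed to the serial console
}

# Record the current setting so the change can be audited and reverted.
$Current = (Get-ItemProperty -Path $KeyPath -Name UserAuthentication).UserAuthentication
Write-Log "UserAuthentication before: $Current"

if ($Current -ne $Desired) {
    Set-ItemProperty -Path $KeyPath -Name UserAuthentication -Type DWord -Value $Desired
    $After = (Get-ItemProperty -Path $KeyPath -Name UserAuthentication).UserAuthentication
    Write-Log "UserAuthentication set to: $After"
} else {
    Write-Log "UserAuthentication already $Desired, no change made"
}
```

Startup scripts run on every boot, so remove the metadata key (or switch the flag to $true) once RDP access and the domain join are fixed; otherwise each restart leaves NLA disabled on the listener.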

Cause

The domain controller (DC) for the instance is not reachable. Common reasons the DC cannot be contacted are:

  • Network configuration (firewall rules, routes, or DNS) blocks traffic between the instance and the DC.
  • The instance was joined to DomainA and has since been moved to a network or project where DomainA is not reachable, and you want to change the configuration so the instance joins DomainB.