How to setup a VM to boot to last good known configuration (ARM)


  • VM stuck in Reboot Loop. Often due to Failed Windows Updates.


1) If Azure PowerShell is not installed, please install it from

2) Delete the broken VM. All disks will be kept automatically.

3) Wait for the disk lease to expire. (About 3 mins)

4) Attach the OS disk of the broken VM to a recovery VM located in the same Resource Group and Storage Account.


5) Change the Source Type to Existing Blog and browse to the broken VHD.

6) Select the broken VHD and continue to attach it to the recovery VM


7) Once the disk is attached RDP to the recovery VM and ensure that the attached disk is flagged as ONLINE in the Disk Management console.


8) Before doing any changes create a copy of the folder windowssystem32config incase rollback is needed

9) On the recovery machine open up regedit

10) Select ‘HKEY_USERS’ and select File -> Load Hive


11) Browse up to the file windowssystem32configSYSTEM of the attached affected VMs OS Disk. Most likely this will be Drive E: or F:

12) When opening it will ask for a name, put ‘BROKENSYSTEM’ and select okay

13) Unfold HKEY_USERS and there will be a folder called ‘BROKENSYSTEM’

14) In there, make the following changes:

HKEY_USERSBROKENSYSTEMSelectCurrent                            From 1 to 2

HKEY_USERSBROKENSYSTEMSelectDefault                             From 1 to 2

HKEY_USERSBROKENSYSTEMSelectFailed                               From 0 to 1

HKEY_USERSBROKENSYSTEMSelectLastKnownGood          From 2 to 3

HKEY_USERSBROKENSYSTEMControlSet002ControlCrashControlAutoreboot         From 1 to 0

15) Select ‘HKEY_LOCAL_MACHINEBROKENSYSTEM’ then select File -> Unload Hive from the menu


16) Remove the now fixed disk from the recovery VM in the Azure Portal

17) Wait for the disk lease to expire. (About 3 mins)

18) Recreate the original VM using the following script in PowerShell. All this information can be found by selecting the individual resources in the Portal if you are unsure.



Get-AzureRmSubscription –SubscriptionID “SUBID” | Select-AzureRmSubscription$rgname = “”

$loc = “”

$vmsize = “”

$vmname = “”

$vm = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize;

$nic = Get-AzureRmNetworkInterface -Name (“YourNICName”) -ResourceGroupName $rgname;

$nicId = $nic.Id;

$vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $nicId;

$osDiskName = “YourDiskOSName”

$osDiskVhdUri = “YourDiskOSUri”

$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption attach -Windows

New-AzureRmVM -ResourceGroupName $rgname -Location $loc -VM $vm -Verbose

Here is an example of what is should look like:

# To login to Azure Resource Manager


# To view all subscriptions for your account


# To select a default subscription for your current session

Get-AzureRmSubscription –SubscriptionID “12345678-1234-123r-5332-522214446c32” | Select-AzureRmSubscription

$rgname = “server2012r2”

$loc = “southcentralus”

$vmsize = “Standard_A1”

$vmname = “server2012r2”

$vm = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize;

$nic = Get-AzureRmNetworkInterface -Name (“server2012r2577”) -ResourceGroupName $rgname;

$nicId = $nic.Id;

$vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $nicId

$osDiskName = “server2012r2”

$osDiskVhdUri = “

$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption attach -Windows

New-AzureRmVM -ResourceGroupName $rgname -Location $loc -VM $vm -Verbose

19) Run the script and head to the portal. Once the VM is finished being created connect via RDP

Author: micahmckittrick

28 years old. Azure Engineer @Microsoft

2 thoughts on “How to setup a VM to boot to last good known configuration (ARM)”

  1. Thanks for your post Micah, but it didn’t work for me. After editing the registry hive and recreated the VM, it shows a black screen in boot diagnostics with an error saying that winload.exe cannot be found. My failing VM is a domain controller. Any similar method to boot into failsafe mode with RDP? Thanks.


    1. Hey Carlos. What is the error code you are seeing in boot diagnostics? Winload.exe missing can mean a few different things depending on the associated error code


Comments are closed.