Azure services

Step-by-Step Guide : Serial Console for Azure VM

Azure VM now have serial console access via Azure portal. It is not depending on the virtual machine’s network or operating system state. This is ideal for recover machines/data, modify system configurations & troubleshooting. Azure serial console access is only available via Azure portal. It is using COM1 port of the virtual machine. This works for both Windows & Linux VMs. In my demo I am going to show how we can access windows VM via serial console. 

Prerequisite 

1. A VM created via New portal. This feature is not available for classic deployment model. 

2. A user with minimum of Virtual Machine Contributor role

3. Password based account for the VM

Once prerequisites are in place, we can start the configuration. In my demo setup, I am going to use a VM with Windows server 2019 datacenter version. 

1) Log in to the Azure portal as Global Administrator

2) Go to Virtual Machines and click on the selected VM. 

3) Then click on Boot diagnostics under Support + troubleshooting

4) In new window, Click on Settings and make sure Boot diagnostics are turned on

5) Then go back to Support + troubleshooting and click on serial console

6) Then it should start the SAC console

7) If your VM was created before Feb 2018, you will need to enable the SAC console manually. To do that,

RDP to the VM and login as administrator

Then open command prompt as administrator

Type bcdedit /ems {current} on and enter

Then run bcdedit /emssettings EMSPORT:1 EMSBAUDRATE:115200

Reboot the VM

This will enable the SAC ( Special Administrative Console ) 

8) Once SAC is open we can use CMD command to create CMD channel. 

9) Then run ch -si 1 to connect to the channel.

10) Press enter to continue and then it will ask for user name and password for the VM. 

11) Once session is authenticated, it will open the command prompt. 

12) If you want to switch to powershell instance, type powershell and press enter. 

This marks the end of this blog post. If you have any questions feel free to contact me on rebeladm@live.com also follow me on twitter @rebeladm to get updates about new blog posts.

Related posts
Azure services

Microsoft Entra Permissions Management – Part 01 – Azure Subscription Onboarding

Today’s rapidly changing digital landscape creates new identity and access challenges. Microsoft…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Azure servicesCyber SecurityMicrosoft Defender

Microsoft Defender for Identity Part 04 – Network Requirements

This is the Part 04 of the Microsoft Defender for Identity blog series and so far in this series, we…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

3 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *