klo2k

Posted on Mar 7, 2025 • Edited on Apr 3, 2025

Create Ubuntu 24.04.2 VM in Hyper-V, with "Enhanced Session" RDP support (Windows 11, xrdp, development)

#ubuntu #tutorial #devops

Create Ubuntu 24.04.2 VM in Hyper-V, with "Enhanced Session" RDP support (Windows 11, xrdp, development)

To setup an Ubuntu 24.04.2 development Hyper-V VM, with built-in "Enhanced Session" + Remote Desktop Protocol (RDP) support (until it's available in Hyper-V's "Quck Create"):

Create Hyper-V VM
Configure VM for "Enhanced Session", allow nested virtualisation
Start VM, install Ubuntu
XRDP Setup
Optional, but really useful setup
Fix Xrdp slow performance
Connect to VM

Create Hyper-V VM

Create VM ("New" > "Virtual Machine"):

# Specify Name and Location
Name: Ubuntu 24.04
[Next]

# Specify Generation
Generation: 2
[Next]

# Assign Memory
Startup memory: 4096
[Next]

# Configure Networking
Connection: Default Switch
[Next]

# Connect Virtual Hard Disk
Create a virtual hard disk:
  Name: Ubuntu 24.04.vhdx
  Size: 256GB
[Next]

# Installation Options
Install an operating system from a from bootable CD/DVD-ROM:
  Image file: ubuntu-24.04.2-desktop-amd64.iso

[Finish]

DO NOT START VM YET

Configure VM (Right-click "Ubuntu 24.04" > "Settings..."):

# Change boot order (boot from HDD before Network)
Firmware
  DVD Drive
  HDD
  Network

# Necessary to boot Ubuntu
Security
  Enable Secure Boot
  Template: Microsoft UEFI Certificate Authority

# Optional
Integration Services
  (Check all)

# Optional
Checkpoints
  (Uncheck) Use automatic checkpoints

# Optional
Automatic Stop Action
  Shut down the guest operating system

[OK]

DO NOT START VM YET

Configure VM for "Enhanced Session", allow nested virtualisation

From admin PowerShell (Right-click "Windows PowerShell" > "Run as administrator..."):

# Connect with Enhanced Session
Set-VM -VMName 'Ubuntu 24.04' -EnhancedSessionTransportType HvSocket

# Allow nested virtualisation (optional)
Set-VMProcessor -VMName 'Ubuntu 24.04' -ExposeVirtualizationExtensions $true
# Verify - expect 'True'
(Get-VMProcessor -VMName 'Ubuntu 24.04').ExposeVirtualizationExtensions

Start VM, install Ubuntu

Start VM, install with default options, using the latest installer (Update installer if promoted).

Note:
1. ❗ Make sure Require my password to log in is checked (this is needed for xrdp)
2. Example Default installation options:
```
  Interactive installation
  Default selection
  Erase disk and install Ubuntu
```
Restart - Hard-reset VM if you get error: SQUASHFS error: Failed to read block

XRDP Setup

Install Xrdp + apply Ubuntu 24.04 specific fixes:

💡 You may find it easier to do this over SSH: apt install -y openssh-server, then ssh to new VM.

# As root
sudo su -

# Hyper-V integration services
apt install -y linux-tools-virtual-hwe-24.04 linux-cloud-tools-virtual-hwe-24.04
# Fix-up journal log error
mkdir /usr/libexec/hypervkvpd/
ln -s /usr/sbin/hv_get_dhcp_info /usr/libexec/hypervkvpd/hv_get_dhcp_info
ln -s /usr/sbin/hv_get_dns_info /usr/libexec/hypervkvpd/hv_get_dns_info

# Install xrdp
apt install -y xrdp
cp -p /etc/xrdp/sesman.ini /etc/xrdp/sesman.ini.original
cp -p /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.ini.original

# Allow enhanced session
sed -i -e 's/^port=3389$/port=3389 vsock:\/\/-1:3389/g' /etc/xrdp/xrdp.ini

# Rename redirected drives to 'shared-drives'
sed -i -e 's/FuseMountName=thinclient_drives/FuseMountName=shared-drives/g' /etc/xrdp/sesman.ini


# Use "Ubuntu" session
cat > /etc/xrdp/startubuntu.sh << EOF
#!/bin/sh
export GNOME_SHELL_SESSION_MODE=ubuntu
export XDG_CURRENT_DESKTOP=ubuntu:GNOME
exec /etc/xrdp/startwm.sh
EOF
chmod a+x /etc/xrdp/startubuntu.sh
# use the script to setup the ubuntu session
sed -i -e 's/startwm/startubuntu/g' /etc/xrdp/sesman.ini

# Fixes login black screen delay
echo "blacklist vmw_vsock_vmci_transport" > /etc/modprobe.d/blacklist-vmw_vsock_vmci_transport.conf

# Unlock keyring on login
cat > /etc/pam.d/xrdp-sesman <<'EOT'
#%PAM-1.0
auth     required  pam_env.so readenv=1
auth     required  pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
-auth    optional  pam_gnome_keyring.so
-auth    optional  pam_kwallet5.so

@include common-account

@include common-password

# Ensure resource limits are applied
session    required     pam_limits.so
# Set the loginuid process attribute.
session    required     pam_loginuid.so
# Update wtmp/lastlog
session    optional     pam_lastlog.so quiet
@include common-session
-session optional  pam_gnome_keyring.so auto_start
-session optional  pam_kwallet5.so auto_start
EOT

Optional, but really useful setup

Reduce boot delay:

cp -p /etc/default/grub /etc/default/grub.default
# Show boot log instead of splash screen
sed -i -e 's/GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=""/g' /etc/default/grub
# Faster boot - reduce grub wait for input timeout
echo 'GRUB_RECORDFAIL_TIMEOUT=3' >> /etc/default/grub
update-grub

Enable zram (compressed memory), disable swap file:

apt install -y systemd-zram-generator
cp -p /etc/systemd/zram-generator.conf /etc/systemd/zram-generator.conf.original
cat > /etc/systemd/zram-generator.conf <<'EOT'
[zram0]
zram-size = 12288
compression-algorithm = zstd
EOT
systemctl daemon-reload
systemctl restart systemd-zram-setup@zram0

# Disable swap file
cp -p /etc/fstab /etc/fstab.original
sed -i -e 's@^/swap.img@#/swap.img@g' /etc/fstab
swapoff /swap.img
rm /swap.img

Full reboot (must power off > power on - else Enhanced Session won't kick-in)

poweroff

Fix Xrdp slow performance

In Feb 2025 one of the Ubuntu update caused a performance regression with the Xorg backend (even on 1920x1080...).

To switch to the VNC Backend:

# As root
sudo su -

# Install TigerVNC
apt install -y tigervnc-standalone-server tigervnc-xorg-extension

# Configure tigervnc backend
cp -p /etc/xrdp/sesman.ini /etc/xrdp/sesman.ini.20250213
sed -z -i -e \
's/'\
'\(\[Xvnc\].*\nparam=96\n\)\n\[/'\
'\1param=-CompareFB\nparam=1\nparam=-ZlibLevel\nparam=0\nparam=-geometry\nparam=1920x1080\n\n[/'\
'gi' /etc/xrdp/sesman.ini

# Remove Xorg backend
sed -z -i -e \
's/'\
'\[Xorg\].*\ncode=20\n\n\[/'\
'[/'\
'gi' /etc/xrdp/xrdp.ini

reboot

Connect to VM

Either using mstsc / Hyper-V

Profit 😉

Credits

Top comments (7)

Paul Rathbone • Aug 15 '25

Well fxxk me! I spent about 15 person-hours in total asking Copilot to guide me through achieving this and it so almost did. What it didn't figure out was that on each guest install I performed (and there were several), I was NOT requiring password because, you know, life is too short to type it in every time if you have a low security need. So, as soon as I saw ...

❗ Make sure Require my password to log in is checked (this is needed for xrdp)

...I knew your code would work. Thank you for your amazing solution, it's brilliant!

It's not all roses though. After I updated the client, it broke! Happily, this time Copilot guided me through making it functional again in half an hour.

Just in case you're interested, here's what it says happened: -

📌 Problem Summary

Trigger Event: You ran a system update inside the Linux guest.
Impact of Update:
Likely upgraded xrdp, xorgxrdp, kernel, or display‑manager packages.
Any one of these can break the negotiated Enhanced Session channel if configs, service states, or driver modules change while Hyper‑V is expecting the old stack.
Observed Symptom: After reboot, Enhanced Session failed to initialise — Hyper‑V dropped back to Basic Session or failed to connect entirely.
Why:
Updated xrdp/xorgxrdp may have overwritten critical config lines (especially the vsock:// listener in xrdp.ini).
Kernel or module changes (e.g., hv_sock, xorgxrdp) may not load until a full shutdown.
Display Manager may have flipped defaults (e.g., reverted to Wayland), breaking xrdp handshake.

Here's what it reckons to do before a system update.
🧭 Enhanced Session Update Flowchart
┌────────────────────────────┐
│ BEFORE SYSTEM UPDATE │
└────────────────────────────┘
↓
[1] Snapshot VM (Hyper‑V checkpoint)
↓
[2] Backup configs:
cp -p /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.ini.bak
cp -p /etc/xrdp/sesman.ini /etc/xrdp/sesman.ini.bak
↓
[3] Hold critical packages (optional):
sudo apt-mark hold xrdp xorgxrdp
↓
[4] Stop XRDP services:
sudo systemctl stop xrdp xrdp-sesman
↓
[5] Apply updates:
sudo apt update && sudo apt upgrade -y
↓
[6] Validate configs:
grep vsock /etc/xrdp/xrdp.ini
echo $XDG_SESSION_TYPE
lsmod | grep hv_sock
↓
[7] Restart services:
sudo systemctl start xrdp-sesman
sudo systemctl start xrdp
↓
[8] Reconnect Enhanced Session
↓
[✓] If broken → restore backup configs or revert checkpoint

🧪 Post‑Update Validation Checklist

🛡️ Recovery Options

Restore configs:

cp -p /etc/xrdp/xrdp.ini.bak /etc/xrdp/xrdp.ini
cp -p /etc/xrdp/sesman.ini.bak /etc/xrdp/sesman.ini

Unhold packages (when ready):

sudo apt-mark unhold xrdp xorgxrdp

Revert VM checkpoint: Use Hyper‑V Manager → Apply Checkpoint

dnxb42 • Mar 29

For the future me:

sudo adduser xrdp ssl-cert
...
sudo -u xrdp test -r /etc/ssl/private/ssl-cert-snakeoil.key && echo OK || echo FAIL
...
sudo cp -a /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.ini.bak.2026-03-29
sudo mcedit /etc/xrdp/xrdp.ini

=> security_layer=rdp

=> crypt_level=high

grep -E "security_layer=|crypt_level=" /etc/xrdp/xrdp.ini

reboot

Robert Young • Feb 7

I just wanted to tell you that you are my hero. I've spent hours trying to get my display to go about 1920x1080p. The only time it got close was doing a Quick Create setup in HyperV but as soon as Ubuntu updated it broke. You are the man!