Add new Admin Account to AWS Windows Instances to rescue the system

As mentioned earlier, we could reset the local admin password of windows instances via registry, but unfortunately that will not going to help us if we forget the user id details or we renamed the user id. And the good news is, we still will be able to logon into the system by creating one new Admin Account using AWS User Data. This process is very simple as described bellow.

You have to re-attached the root volume of faulty system to a working AWS instances.
Now, you have to use EC2Rescue to enable user data (Ec2HandelUserData), which will execute a script on next boot. (*This could be done by editing config.xml file of EC2Config)

Once done, you have to re-attach the volume to the original system as root (/dev/sda1) volume.
Now, from AWS EC2 Console, you have to select the server and edit the User Data before starting the server and add the following PowerShell script. This script will create a Admin Account called “MyAdminX” with the password “!!4SJKAHGYWMd4!!” on first boot and you will be able to logon to the server using this new account.

<powershell>
$Name="MyAdminX"
$Computer = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"
$LocalAdmin = $Computer.Create("User", $Name)
$LocalAdmin.SetPassword("!!4SJKAHGYWMd4!!")
$LocalAdmin.SetInfo()
$LocalAdmin.FullName = $Name
$LocalAdmin.SetInfo()
$LocalAdmin.Description = "Admin Account created using User Data"
$LocalAdmin.SetInfo()
$LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD
$LocalAdmin.SetInfo()
$AdminGroup = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators,group"
$User = [ADSI]"WinNT://$Env:COMPUTERNAME/$Name,User"
$AdminGroup.Add($User.Path)
</powershell>

$Name="MyAdminX"

$Computer = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"

$LocalAdmin = $Computer.Create("User", $Name)

$LocalAdmin.SetPassword("!!4SJKAHGYWMd4!!")

$LocalAdmin.SetInfo()

$LocalAdmin.FullName = $Name

$LocalAdmin.SetInfo()

$LocalAdmin.Description = "Admin Account created using User Data"

$LocalAdmin.SetInfo()

$LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD

$LocalAdmin.SetInfo()

$AdminGroup = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators,group"

$User = [ADSI]"WinNT://$Env:COMPUTERNAME/$Name,User"

$AdminGroup.Add($User.Path)

</powershell>

I hope this will be helpful for you.

Disclaimer: All posts and opinions on this site are provided AS IS with no warranties. These are our own personal opinions and do not represent our employer’s view in any way.

This article currently have 7,234 views

Author
Recent Posts

Follow me

Saugata

Founder at Internet

I am an IT Professional with 13+ years of experience in Windows, Storage, Backup, AWS and Azure. I love writing scripts using PowerShell. I loved to share my experience with rest of the world via this blog. I love my Echo Dot (3G). I love playing with Raspberry Pi.

Follow me

Add new Admin Account to AWS Windows Instances to rescue the system

Related

One comment

Leave a Reply Cancel reply

Share this:

Related

Leave a Reply Cancel reply