Add new Admin Account to AWS Windows Instances to rescue the system

As mentioned earlier, we could reset the local admin password of windows instances via registry, but unfortunately that will not going to help us if we forget the user id details or we renamed the user id. And the good news is, we still will be able to logon into the system by creating one new Admin Account using AWS User Data. This process is very simple as described bellow.

You have to re-attached the root volume of faulty system to a working AWS instances.
Now, you have to use EC2Rescue to enable user data (Ec2HandelUserData), which will execute a script on next boot. (*This could be done by editing config.xml file of EC2Config)

Once done, you have to re-attach the volume to the original system as root (/dev/sda1) volume.
Now, from AWS EC2 Console, you have to select the server and edit the User Data before starting the server and add the following PowerShell script. This script will create a Admin Account called “MyAdminX” with the password “!!4SJKAHGYWMd4!!” on first boot and you will be able to logon to the server using this new account.

powershellAddAdminAccount

<powershell>
$Name="MyAdminX"
$Computer = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"
$LocalAdmin = $Computer.Create("User", $Name)
$LocalAdmin.SetPassword("!!4SJKAHGYWMd4!!")
$LocalAdmin.SetInfo()
$LocalAdmin.FullName = $Name
$LocalAdmin.SetInfo()
$LocalAdmin.Description = "Admin Account created using User Data"
$LocalAdmin.SetInfo()
$LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD
$LocalAdmin.SetInfo()
$AdminGroup = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators,group"
$User = [ADSI]"WinNT://$Env:COMPUTERNAME/$Name,User"
$AdminGroup.Add($User.Path)
</powershell>

I hope this will be helpful for you.