I can't get the password from the AWS console tools. I can reach the box via rdesktop. Can I reset the password remotely? If so, how do I go about doing this? The machine is Windows Server 2008 R2 Datacenter.


Solution 1:

I ran across this scenario and found a solution using the unique setup of EC2 on another site: http://www.smattie.com/2012/01/23/video-remotely-reset-windows-password-via-ec2-config-service/

The video is long, so to summarize the steps:

  1. Create a new scratch EC2 instance running 2003 server, and log into it.
  2. Shut down your lost instance (the one you can't log into) from the AWS console.
  3. On the EC2 console, go to Elastic Block Store/Volumes and find your C: disk volume, and Detach it.
  4. On that same volume, attach it to your scratch EC2 instance. You can see it appear in Disk Manager and you'll get a new D: drive letter.
  5. Go to D:\Program Files\Amazon\Ec2ConfigService\Settings\ and edit config.xml with Notepad.
  6. The first setting in the file is for the Ec2SetPassword plugin; change the State field from Disabled to Enabled. Save & close.
  7. On the AWS console, Detach the volume from the scratch instance (don't worry, it safely detaches from Windows).
  8. Attach the volume to your original lost instance, as /dev/sda1.
  9. Start the instance. After a few minutes, run the Get Windows Password function which will have the newly generated password.
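
Steps 5 and 6 can also be done with a script instead of Notepad. The following is an added example, not part of the original answer; it assumes PowerShell 2.0 or later is available on the scratch instance and that config.xml uses the usual EC2Config layout (`Ec2ConfigurationSettings/Plugins/Plugin` with `Name` and `State` children), which you should check against your own file. The function name and the sample file are hypothetical.

```powershell
# Added example: enable the Ec2SetPassword plugin in an EC2Config config.xml.
# Assumed layout: <Ec2ConfigurationSettings><Plugins><Plugin><Name/><State/>...
function Enable-Ec2SetPassword {
    param([Parameter(Mandatory = $true)][string]$Path)   # use a full path

    $doc = New-Object System.Xml.XmlDocument
    $doc.PreserveWhitespace = $true          # keep the file's formatting intact
    $doc.Load($Path)

    $xpath = "/Ec2ConfigurationSettings/Plugins/Plugin[Name='Ec2SetPassword']/State"
    $state = $doc.SelectSingleNode($xpath)
    if ($state -eq $null) {
        throw "Ec2SetPassword plugin entry not found in $Path; file left unchanged."
    }

    $previous = $state.InnerText
    if ($previous -ne 'Enabled') {
        Copy-Item -Path $Path -Destination "$Path.bak" -Force   # keep the original
        $state.InnerText = 'Enabled'
        $doc.Save($Path)
    }
    return $previous                         # state before the change
}

# Constructed sample file so the function can be tried away from the real volume.
$sample = Join-Path $env:TEMP 'config-sample.xml'
@'
<?xml version="1.0" standalone="yes"?>
<Ec2ConfigurationSettings>
  <Plugins>
    <Plugin>
      <Name>Ec2SetPassword</Name>
      <State>Disabled</State>
    </Plugin>
    <Plugin>
      <Name>Ec2SetComputerName</Name>
      <State>Disabled</State>
    </Plugin>
  </Plugins>
</Ec2ConfigurationSettings>
'@ | Set-Content -Path $sample -Encoding UTF8

"Previous state: $(Enable-Ec2SetPassword -Path $sample)"
Select-String -Path $sample -Pattern 'State' | ForEach-Object { $_.Line.Trim() }

# On the scratch instance (step 5 path, D: being the attached volume):
# Enable-Ec2SetPassword -Path 'D:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'
```

The regenerated password is encrypted to the instance's launch key pair, so step 9 still needs that private key.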

Solution 2:

When the password says not ready for an extended period of time, it usually means that this server was launched from an AMI. The keys don't work for AMIs that have modified the EC2Config service. When you save a Windows AMI, you need to make sure you have the administrator password written down or, better yet, memorized. Standard practice with Amazon is to change the password the first time you log in.

If you need some type of data on the instance, you can shut it down, detach the hard drive, and attach it to another instance to recover any data. But my suggestion is to use a new instance. There's nothing you can do at this point unless you have the original instance running that was used to create the AMI. The password for that machine would be the same as the machine that will not generate the password for you.