builtin admin seems to have a password issue but resetting it does not solve the problem

Question

Built in administrator on azure vm seems to have a password problem but resetting password or configuration still does not allow the account to rdp or even do a runas from another account.

Answer 1

Hi Patrik, sorry for delay with answers...

so... I would explain my way... what i would do if so... but probably u already did the same...

Check if the account is enabled Run the following in PowerShell (via another working account):

Get-LocalUser -Name "Administrator"

If Enabled is False, enable it:

Enable-LocalUser -Name "Administrator"

Ensure the account is part of the Remote Desktop Users group

Add-LocalGroupMember -Group "Remote Desktop Users" -Member "Administrator"

thats what i would like to check firstly...

next ... azure vm serial console for reset pass... if prev works its fine. fine if u cant login in in any way sooo Azure portal> Virtual Machines > u VM under operation select Serial Console and for reset pass

net user Administrator "YourNewPassword123!"

next rdp for that account

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f

and reboot that vm.

if pass is ok and account is enabled lets check rdp

Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections"

if its show 0 means rdp is disabled so need to be enabled

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "par example RD"

finale lets check nsg if its allow rdp port 3389 go to azure portal>networking > Inb Rules

make sure the rule for tcp 3389 is exist and allowed.

and last one and most simple ... u can create a new local admin account )))) and happy to use it ))))...

if it will help let me to know pls.

Best regards,

Alex

P.S. If my answer help to you, please Accept my answer