Solved

Accessing Windows 2008 R2

Posted on 2013-11-04
17
163 Views
Last Modified: 2013-11-21
Hi Windows Experts,

I have a server acting as a reverse proxy for lync. It was set up long before I joined the company. No RDP or remote login allowed on this server. My guess is there is a local admin named test(which is normally the local admin account used on all the servers) created and disabled the default administrator account.  Unfortunately, someone tried to login to this vm with local username administrator and not the username test. Now when I try to login to this vm the username has defaulted to administrator and I do not have any option to change it to other username. This is a VM and is accessible via console in vSphere/VCenter only.

I would really appreciate your expert advise on this.

Thanks,

Deorali
0
Comment
Question by:Deorali
  • 6
  • 5
  • 4
17 Comments
 
LVL 24

Expert Comment

by:MojoTech
ID: 39625885
Can u post up some screen shots of what you see? you should just simply be able to logon as a different user, unless maybe you supply the logon details prior to connection? but even then you should in most cases be able to supply domain\username to force change any defaults. Point being you should not be locked into anything.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39626708
normally you would log into vCentre as yourself and then right click on the VM to open the console screen, from there you should be able to CTRL+ALT+INS and as MojoTech said, you should be able to use DOMAIN\YOURUSERNAME to log into the server as yourself or any DA, and correct the RDP access rights & unlock the usual local admin account you use.

By default Win 7 & 2008 R2 usually have the local admin accounts disabled.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628170
from vCenter Console
Sorry, my exchange server went kaput today and took all morning fixing it. Yes,  I am accessing this vm from the vCenter console. I get no option to change the username to anything else as Administrator appears by default. How do I change from Administrator to test which is the local admin account.

I would really appreciate your help.

Thanks,
0
 
LVL 24

Expert Comment

by:MojoTech
ID: 39628333
Unless some has taken steps to change defaults then all you have is a local Account "Administrator" you need to either guess, or reset the password, have you ever know this to be logged on using an account called "test" or are you making an assumption based on other systems?

(In regards to a password reset google search for that and follow some instructions for whatever they use instead of the Offline Reg Hacker these days)
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628555
Thanks MojoTech.  "Administrator" is disabled on all the servers and "test"(this is not a real account and do not want to put in here)  local admin account is created.

So, there is no way I can change the "Administrator" username to "test" right?

Thanks,
0
 
LVL 24

Expert Comment

by:MojoTech
ID: 39628569
Well what you see there is enumerated from local accounts so for any local account (you should see that represented) that fact that you are only seeing administartor suggests that either that is the only account or somone has reg hacked to prevent the others from showing up.

Could you maybe try to remotly access an admin share, and auth using the "test" account, just to verify it?
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628597
I just tried to access an admin share using "test" but it won't let me in. I am getting Logon failure: unknown user name or bad password.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 24

Expert Comment

by:MojoTech
ID: 39628602
That suggest to me there is no such account and the evidence somewhat supports that.

I would focus on the "Administrator" account, and maybe look into resetting the password if it is not known to you.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39628745
you should be able to use Computer Management admin tool, right click where it says LOCAL, and type the name of your server.

once connected open out the Local Users & Groups and see if you can enable the local Admin account and get logged in (or enable and reset pwd).
0
 
LVL 1

Author Comment

by:Deorali
ID: 39630378
No luck. I tried to connect via computer management admin tool but none of the credentials work to connect to the vm.
0
 
LVL 20

Accepted Solution

by:
Iain MacMillan earned 500 total points
ID: 39630703
that seems very worrying, and code be an issue with domain membership/trusted link, as when i link to any server with computer management console, it just uses my existing DA creds and links, i don't get prompted.

have you tried to bring the server up in safe mode, F8 should work from the console window, you should then be prompted for a full login, and enter your 'test' local admin account.

I.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39631741
During my maintenance window next week, I will try to reboot in safe mode and see if it will allow me enter different username.

Thanks,
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39665976
did you get it fixed in the end??
0
 
LVL 1

Author Comment

by:Deorali
ID: 39666163
Thanks IainNIX. I was able to reset the password. This was the Lync Edge Server.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39666188
cool......:)
0

Featured Post

Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

Join & Write a Comment

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This is an article about Leadership and accepting and adapting to new challenges. It focuses mostly on upgrading to Windows 10.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now