Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 173
  • Last Modified:

Accessing Windows 2008 R2

Hi Windows Experts,

I have a server acting as a reverse proxy for lync. It was set up long before I joined the company. No RDP or remote login allowed on this server. My guess is there is a local admin named test(which is normally the local admin account used on all the servers) created and disabled the default administrator account.  Unfortunately, someone tried to login to this vm with local username administrator and not the username test. Now when I try to login to this vm the username has defaulted to administrator and I do not have any option to change it to other username. This is a VM and is accessible via console in vSphere/VCenter only.

I would really appreciate your expert advise on this.

Thanks,

Deorali
0
Deorali
Asked:
Deorali
  • 6
  • 5
  • 4
1 Solution
 
Mike ThomasConsultantCommented:
Can u post up some screen shots of what you see? you should just simply be able to logon as a different user, unless maybe you supply the logon details prior to connection? but even then you should in most cases be able to supply domain\username to force change any defaults. Point being you should not be locked into anything.
0
 
Iain MacMillanIT ManagerCommented:
normally you would log into vCentre as yourself and then right click on the VM to open the console screen, from there you should be able to CTRL+ALT+INS and as MojoTech said, you should be able to use DOMAIN\YOURUSERNAME to log into the server as yourself or any DA, and correct the RDP access rights & unlock the usual local admin account you use.

By default Win 7 & 2008 R2 usually have the local admin accounts disabled.
0
 
DeoraliAuthor Commented:
from vCenter Console
Sorry, my exchange server went kaput today and took all morning fixing it. Yes,  I am accessing this vm from the vCenter console. I get no option to change the username to anything else as Administrator appears by default. How do I change from Administrator to test which is the local admin account.

I would really appreciate your help.

Thanks,
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Mike ThomasConsultantCommented:
Unless some has taken steps to change defaults then all you have is a local Account "Administrator" you need to either guess, or reset the password, have you ever know this to be logged on using an account called "test" or are you making an assumption based on other systems?

(In regards to a password reset google search for that and follow some instructions for whatever they use instead of the Offline Reg Hacker these days)
0
 
DeoraliAuthor Commented:
Thanks MojoTech.  "Administrator" is disabled on all the servers and "test"(this is not a real account and do not want to put in here)  local admin account is created.

So, there is no way I can change the "Administrator" username to "test" right?

Thanks,
0
 
Mike ThomasConsultantCommented:
Well what you see there is enumerated from local accounts so for any local account (you should see that represented) that fact that you are only seeing administartor suggests that either that is the only account or somone has reg hacked to prevent the others from showing up.

Could you maybe try to remotly access an admin share, and auth using the "test" account, just to verify it?
0
 
DeoraliAuthor Commented:
I just tried to access an admin share using "test" but it won't let me in. I am getting Logon failure: unknown user name or bad password.
0
 
Mike ThomasConsultantCommented:
That suggest to me there is no such account and the evidence somewhat supports that.

I would focus on the "Administrator" account, and maybe look into resetting the password if it is not known to you.
0
 
Iain MacMillanIT ManagerCommented:
you should be able to use Computer Management admin tool, right click where it says LOCAL, and type the name of your server.

once connected open out the Local Users & Groups and see if you can enable the local Admin account and get logged in (or enable and reset pwd).
0
 
DeoraliAuthor Commented:
No luck. I tried to connect via computer management admin tool but none of the credentials work to connect to the vm.
0
 
Iain MacMillanIT ManagerCommented:
that seems very worrying, and code be an issue with domain membership/trusted link, as when i link to any server with computer management console, it just uses my existing DA creds and links, i don't get prompted.

have you tried to bring the server up in safe mode, F8 should work from the console window, you should then be prompted for a full login, and enter your 'test' local admin account.

I.
0
 
DeoraliAuthor Commented:
During my maintenance window next week, I will try to reboot in safe mode and see if it will allow me enter different username.

Thanks,
0
 
Iain MacMillanIT ManagerCommented:
did you get it fixed in the end??
0
 
DeoraliAuthor Commented:
Thanks IainNIX. I was able to reset the password. This was the Lync Edge Server.
0
 
Iain MacMillanIT ManagerCommented:
cool......:)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now