Solved

Accessing Windows 2008 R2

Posted on 2013-11-04
17
167 Views
Last Modified: 2013-11-21
Hi Windows Experts,

I have a server acting as a reverse proxy for lync. It was set up long before I joined the company. No RDP or remote login allowed on this server. My guess is there is a local admin named test(which is normally the local admin account used on all the servers) created and disabled the default administrator account.  Unfortunately, someone tried to login to this vm with local username administrator and not the username test. Now when I try to login to this vm the username has defaulted to administrator and I do not have any option to change it to other username. This is a VM and is accessible via console in vSphere/VCenter only.

I would really appreciate your expert advise on this.

Thanks,

Deorali
0
Comment
Question by:Deorali
  • 6
  • 5
  • 4
17 Comments
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 39625885
Can u post up some screen shots of what you see? you should just simply be able to logon as a different user, unless maybe you supply the logon details prior to connection? but even then you should in most cases be able to supply domain\username to force change any defaults. Point being you should not be locked into anything.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39626708
normally you would log into vCentre as yourself and then right click on the VM to open the console screen, from there you should be able to CTRL+ALT+INS and as MojoTech said, you should be able to use DOMAIN\YOURUSERNAME to log into the server as yourself or any DA, and correct the RDP access rights & unlock the usual local admin account you use.

By default Win 7 & 2008 R2 usually have the local admin accounts disabled.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628170
from vCenter Console
Sorry, my exchange server went kaput today and took all morning fixing it. Yes,  I am accessing this vm from the vCenter console. I get no option to change the username to anything else as Administrator appears by default. How do I change from Administrator to test which is the local admin account.

I would really appreciate your help.

Thanks,
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 24

Expert Comment

by:Mike Thomas
ID: 39628333
Unless some has taken steps to change defaults then all you have is a local Account "Administrator" you need to either guess, or reset the password, have you ever know this to be logged on using an account called "test" or are you making an assumption based on other systems?

(In regards to a password reset google search for that and follow some instructions for whatever they use instead of the Offline Reg Hacker these days)
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628555
Thanks MojoTech.  "Administrator" is disabled on all the servers and "test"(this is not a real account and do not want to put in here)  local admin account is created.

So, there is no way I can change the "Administrator" username to "test" right?

Thanks,
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 39628569
Well what you see there is enumerated from local accounts so for any local account (you should see that represented) that fact that you are only seeing administartor suggests that either that is the only account or somone has reg hacked to prevent the others from showing up.

Could you maybe try to remotly access an admin share, and auth using the "test" account, just to verify it?
0
 
LVL 1

Author Comment

by:Deorali
ID: 39628597
I just tried to access an admin share using "test" but it won't let me in. I am getting Logon failure: unknown user name or bad password.
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 39628602
That suggest to me there is no such account and the evidence somewhat supports that.

I would focus on the "Administrator" account, and maybe look into resetting the password if it is not known to you.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39628745
you should be able to use Computer Management admin tool, right click where it says LOCAL, and type the name of your server.

once connected open out the Local Users & Groups and see if you can enable the local Admin account and get logged in (or enable and reset pwd).
0
 
LVL 1

Author Comment

by:Deorali
ID: 39630378
No luck. I tried to connect via computer management admin tool but none of the credentials work to connect to the vm.
0
 
LVL 20

Accepted Solution

by:
Iain MacMillan earned 500 total points
ID: 39630703
that seems very worrying, and code be an issue with domain membership/trusted link, as when i link to any server with computer management console, it just uses my existing DA creds and links, i don't get prompted.

have you tried to bring the server up in safe mode, F8 should work from the console window, you should then be prompted for a full login, and enter your 'test' local admin account.

I.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39631741
During my maintenance window next week, I will try to reboot in safe mode and see if it will allow me enter different username.

Thanks,
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39665976
did you get it fixed in the end??
0
 
LVL 1

Author Comment

by:Deorali
ID: 39666163
Thanks IainNIX. I was able to reset the password. This was the Lync Edge Server.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 39666188
cool......:)
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
How to record audio from input sources to your PC – connected devices, connected preamp to record vinyl discs, streaming media, that play through your audio card: Vista, Windows 7, Windows 8, Windows 8.1 and Windows 10 – both 32 bit & 64.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question