Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cannot Login to EC2 Instance As Local User After Joining SimpleAD Directory Service in AWS

Posted on 2016-09-21
4
Medium Priority
?
342 Views
Last Modified: 2016-09-22
I have an EC2 Windows 2012 r2 instance that is joined to Directory Services (SimpleAD directory).

Before joining the server to my SimpleAD I was able to login as the local Administrator yesterday.

I have created a local administrative user but I cannot login as that User. I can login as a Domain Administrator, but not locally. Obviously this is different than yesterday.

I've tried several things, including omitting the domain name when attempting to RDP and adding
.\ 

Open in new window

before the user name.

The error I am getting is "Login Attempt Failed".

I have not changed any Group Policy.

Any suggestions on how I can login to the machine as a local user?

Thanks for your help.
0
Comment
Question by:Tessando
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:sAMAccountName
ID: 41809784
Have you tried recovering the local adminsitrator password through the AWS console?  If you view your instances in the EC2 console, you should be able to right-click it and get the password.

If that password doesn't work, you should be able to log on to the instance using the Administrator account you have been provided via SImpleAD.  Using that account, you should be able to RDP to the EC2 instance you joined and reset its local administrator password.
0
 

Author Comment

by:Tessando
ID: 41809797
Thank you, but that's not the issue. I have the Administrator password. What's really happening is that when this server was connected to a Domain, I couldn't login as any local user.

Update --->

To resolve this, I removed the computer from the Domain and associated it with a temporary Workgroup. I was then able to login locally. I then logged back out and in as the local account again, adding the machine to the Domain.

My best guess is that this has something to do with SimpleAD (Directory Service from AWS). I'm going to leave this up for the rest of the day to see if someone else has experienced this as well and, if so, what the fix was.
0
 
LVL 6

Accepted Solution

by:
sAMAccountName earned 2000 total points
ID: 41810872
Thats probably useful information for the AWS Directory Services team and Id suggest you forward that behavior along through the forum posts, which do get read by that team.

SimpleAD is Samba directory services in the back end and some of the behavior it exhibits is odd.  This looks like something they might be able to code around and I suspect you arent the only one this has happened to.
0
 

Author Closing Comment

by:Tessando
ID: 41811245
Great suggestion. I will let AWS know. Thank you.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question