Solved

Cannot Login to EC2 Instance As Local User After Joining SimpleAD Directory Service in AWS

Posted on 2016-09-21
4
119 Views
Last Modified: 2016-09-22
I have an EC2 Windows 2012 r2 instance that is joined to Directory Services (SimpleAD directory).

Before joining the server to my SimpleAD I was able to login as the local Administrator yesterday.

I have created a local administrative user but I cannot login as that User. I can login as a Domain Administrator, but not locally. Obviously this is different than yesterday.

I've tried several things, including omitting the domain name when attempting to RDP and adding
.\ 

Open in new window

before the user name.

The error I am getting is "Login Attempt Failed".

I have not changed any Group Policy.

Any suggestions on how I can login to the machine as a local user?

Thanks for your help.
0
Comment
Question by:Tessando
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:sAMAccountName
ID: 41809784
Have you tried recovering the local adminsitrator password through the AWS console?  If you view your instances in the EC2 console, you should be able to right-click it and get the password.

If that password doesn't work, you should be able to log on to the instance using the Administrator account you have been provided via SImpleAD.  Using that account, you should be able to RDP to the EC2 instance you joined and reset its local administrator password.
0
 

Author Comment

by:Tessando
ID: 41809797
Thank you, but that's not the issue. I have the Administrator password. What's really happening is that when this server was connected to a Domain, I couldn't login as any local user.

Update --->

To resolve this, I removed the computer from the Domain and associated it with a temporary Workgroup. I was then able to login locally. I then logged back out and in as the local account again, adding the machine to the Domain.

My best guess is that this has something to do with SimpleAD (Directory Service from AWS). I'm going to leave this up for the rest of the day to see if someone else has experienced this as well and, if so, what the fix was.
0
 
LVL 6

Accepted Solution

by:
sAMAccountName earned 500 total points
ID: 41810872
Thats probably useful information for the AWS Directory Services team and Id suggest you forward that behavior along through the forum posts, which do get read by that team.

SimpleAD is Samba directory services in the back end and some of the behavior it exhibits is odd.  This looks like something they might be able to code around and I suspect you arent the only one this has happened to.
0
 

Author Closing Comment

by:Tessando
ID: 41811245
Great suggestion. I will let AWS know. Thank you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question