Steve Borba

My notes, I hope they help you, feel free to comment/add to them

AWS – Recover Windows Password

There are times one needs to reset the local admin password on a windows server hosted in AWS.
If this were host in VMware, I would just mount the drive to a linux helper with chntpw, and we could do that with AWS, but if the guest has EC2Config, then we have another option (it will be unless you specifically tried to kill it).

There are tons of other options, this is just one I think is fairly easy.

First step is to stop the instance:

(Right Click, Stop instance)

Once stopped, you add the script into userdata

Right Click, Instance Settings, Edit user data

Then put this script in the data (Change PASSWORD to the password you want to use):

<powershell>
    $rc = ([adsi]("WinNT://$env:computername/"+((Get-LocalUser)|? {$_.SID.value -like '*-500'}).name)).SetPassword('PASSWORD')
    Start-Sleep -Seconds 10
    $rc = Stop-Computer
</powershell>
<persist>true</persist>

Then start the instance, it should change the password and shutdown – even if it doesn’t shut down, you should and remove that script or it will keep changing the password and make it visable to anyone on that server.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>