I came across and interesting approach recently for resetting a misplaced/undocumented Windows administrator passwords in a reddit post. This technique is only valid for instances with SSM installed.
“SSM Agent is installed by default on Windows Server 2016 instances and instances created from Windows Server 2003-2012 R2 AMIs published in November 2016 or later.”[source]
As the reddit post suggests, this is a simple process. Let’s go through it.
First, we’ll go to IAM > Roles > Create Role…
Select AmazonEC2RoleforSSM, then name your role.
Then, we’ll switch back over to the EC2 Console. With the instance selected, we’ll attach the IAM Role.
Now, we’ll go to Run Command, select AWS-RunPowerShellScript, select our instance and command: net user Administrator {password} then click Run.
Wait for the Status to say Success, but if you get antsy, go ahead and try your new password…the console is a bit laggy to update sometimes.
Boom, you’re in! That’s all there is to it.
I should note…As with everything, this could also be done via cmd line with Windows AWS CLI:
aws ssm send-command –document-name “AWS-RunPowerShellScript” –instance-ids “i-0b01ec329736da1cb” –max-concurrency “1” –max-errors “1” –parameters “{\”commands\”:[\”net user Administrator MyNewPassword99**\”],\”executionTimeout\”:[\”3600\”]}” –timeout-seconds 600 –region us-east-1
(If you’re curious, this instance has already been terminated).
