
I received reports that users trying to RDP to an Azure Win Server 2019 VM via JIT or any other means were not able to. This used to work previously. In addition, users RDP using their own user account and not the local admin.

Upon investigation, we noted that the local admin password was expired so we reset that and all of a sudden, RDP is now working for everyone.

I'm not sure if this was the actual fix but it was odd that as soon as the account was reset, the RDP issue was fixed. No one else was on the server but me around the time the password was reset and confirmed RDP was back in business. We also confirmed RDP is running on the server.

My questions are:

  1. How did an expired local admin password prevent users from RDPing, with their own usernames, to the server?
  2. If the expired local admin wasn't the fix, can someone point me to what else could have fixed this?
  • "How did an expired local admin password prevent users from RDPing, with their own usernames, to the server?" It does not, and it cannot under any circumstances. You should be able to view the relevant audit entries in the security event log to confirm the accounts that failed to log on, and the accounts that were modified.
    – Greg Askew
    Aug 21 at 19:32
  • Admin password expiring might cause issues if one of the services, in particular related to RDP was set to use the admin login to run, rather than a service account. But in that case you would also need to update the credentials for the service for the new password, unless "reset that" was disabling password expiration for the account rather than assigning a new password. Aug 22 at 4:00
  • Don't let the local admin password expire, instead change its password regularly via LAPS Aug 22 at 5:37
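
One way to run the security event log check suggested in the first comment, as an added example that is not part of the original thread. It assumes an elevated PowerShell session on the server and that logon and account-management auditing are enabled; the 7-day window and the helper name `Get-EventField` are hypothetical choices.

```powershell
# Added example: correlate failed logons (4625) with password resets (4724)
# and account changes (4738) in the Security log of the affected server.
$since = (Get-Date).AddDays(-7)   # assumed look-back window; set it to the outage period

# Common NTSTATUS codes found in the Status/SubStatus fields of event 4625
$reason = @{
    '0xc000006a' = 'wrong password'
    '0xc0000064' = 'unknown user name'
    '0xc0000071' = 'password expired'
    '0xc0000224' = 'must change password at next logon'
    '0xc0000072' = 'account disabled'
    '0xc0000193' = 'account expired'
    '0xc0000234' = 'account locked out'
    '0xc000015b' = 'logon type not granted on this machine'
}

# Hypothetical helper: read one named field from the event's XML payload
function Get-EventField($Record, [string]$Name) {
    $xml = [xml]$Record.ToXml()
    ($xml.Event.EventData.Data | Where-Object { $_.Name -eq $Name }).'#text'
}

Get-WinEvent -FilterHashtable @{
        LogName = 'Security'; Id = 4625, 4724, 4738; StartTime = $since
    } -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    ForEach-Object {
        $sub    = Get-EventField $_ 'SubStatus'
        $status = Get-EventField $_ 'Status'
        # Prefer the more specific SubStatus, fall back to Status
        $why = if ($sub -and $reason.ContainsKey($sub)) { $reason[$sub] }
               elseif ($status -and $reason.ContainsKey($status)) { $reason[$status] }
               else { $sub }
        [pscustomobject]@{
            Time      = $_.TimeCreated
            EventId   = $_.Id
            Account   = Get-EventField $_ 'TargetUserName'   # account that failed or was modified
            ActedBy   = Get-EventField $_ 'SubjectUserName'  # who performed the reset or change
            LogonType = Get-EventField $_ 'LogonType'        # 10 = RDP; 3 is common with NLA
            SourceIp  = Get-EventField $_ 'IpAddress'
            Reason    = $why
        }
    } | Format-Table -AutoSize
```

Reading the output in time order shows which accounts were actually failing before the reset and why, and whether the 4724/4738 entries touched only the local admin account.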
