Unable to RDP to Windows instance after creating an AMI from it

Question

I created and customized a Windows EC2 instance. I gave the Administrator account for this instance a custom password. Before creating an EMI from it, I used the EC2Config service to generate a new random password for the Administrator account. The AMI was created successfully. I was able to launch a new instance, decrypt the password, RDP into it. The new instance works fine.

My issue is I am unable to login to the original custom EC2 instance from which I created the AMI. I have tried the decrypted password, as well as the custom password I had originally set. This doesn't seem to be an RDP issue, as neither Powershell Remoting is working (PS Remoting was working before creating the AMI).

Can't the original instance be used again after creating an AMI from it?

ps: I don't have another user account on the original instance. Next time I will remember to create a second Admin account.

Answer 1

This seems to be the expected behaviour. This has more to do with Sysprep than with AWS. The EC2ConfigService even warns us about it - "Sysprep doesn't support retaining the Admin account password for Win Server 2008 onwards". Running Sysprep wipes out the password from the original instance. The recommended way is to create a separate user account with admin privileges and use that to login and manage the system.

Answer 2

RDP is disabled after sysprep.

You have to mount the ebs boot volume on a different server and use ec2Savior program to renable the RDP service in the registry, reattach to your server, and boot.