DEVHIDE
Login Or Sign up

Azure new VM account disabled by default (Custom Image)

1k Views Asked by At

I'm having trouble when creating a VM in Microsoft Azure using a custom windows image.

Issue

When connecting to the newly spawned VM using the credentials entered in Azure Portal, I get the following message :

   The user account is currently disabled and cannot be used.

Running a Get-LocalAccount script using the "Run Command" menu of the Azure Portal I get the following output:

Name               Enabled Description                                                                                 
----               ------- -----------                                                                                                                                                                         
DefaultAccount     False   A user account managed by the system.                                                       
Guest              False   Built-in account for guest access to the computer/domain                                    
myusername         False   Built-in account for administering the computer/domain                                      
WDAGUtilityAccount False   A user account managed and used by the system for Windows Defender Application

Workaround

If I use procedure from Azure VM connection error - The user account is currently disabled and cannot be used, I'm able to unlock the user and connect to the VM via RDP.

I also try creating a new user prior to sysprepping the VM so the local admin account is renamed and disable by Azure during VM creation but the user account created remain enabled.

Image Info

OS: Windows 10 LTSC 2019

Source: Custom deployed image used by my company. It was installed with an ISO on local HyperV machine, uploaded to Azure and SysPrep from a managed disk.

WindowsAzureVmAgent version 2.7.41491.949_191001-1418 installed on the VM prior to running sysprep.

Step Taken

  • Re-enabling the account and running Sysprep again to create a new snapshot does not fix the issue
  • Renaming the local administrator account prior to Sysprep the device does not have any effect.
  • Checked the local policies and nothing look unusual.
azure windows-10 virtual-machine sysprep
Original Q&A
1

There are 1 best solutions below

0
On BEST ANSWER

Found the solution with the help of Microsoft Azure support engineer. For a VM uploaded from on premise source, you would need to add a SetupComplete2.cmd and EnableLocalAdminAccount.ps1 in C:/Windows/OEM to unlock the user account automatically upon VM creation. Strangely enough this does not appear on anywhere on Microsoft's guideline on how to migrate a on-prem VM to Azure, but the official windows image from the Marketplace do have those 2 files that are run after Sysprep.

This blog article was also very useful and points towards the creation of a SetupComplete2.cmd https://matt.kotsenas.com/posts/azure-setupcomplete2

Related Questions in AZURE

Related Questions in WINDOWS-10

Related Questions in VIRTUAL-MACHINE

Related Questions in SYSPREP

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.