I think we all had that experience where we suddenly couldn’t use Remote Desktop Services (RDP) to access our Windows Server anymore. Luckily, if this happens to an Azure virtual machine (VM), we can use the VMAccess extension to reset the RDP configuration as well as the password of the Azure VM. You can reset the RDP configuration or the Azure virtual machine password using the Azure portal or Azure PowerShell.
Reset the administrator password of an Azure VM 🔓
To reset the password of an Azure VM, you can use the Azure portal or Azure PowerShell. If you take the portal path, log in to the Azure portal, go to the Azure VM, you want to reset the password. Under Support + Troubleshooting, click on Reset Password, and follow to the Reset Password wizard to update the credentials. Note that this is not supported for Active Directory Domain Controllers.
If you want to use Azure PowerShell, you can run the following commands:
$SubID = "SUBID" $RgName = "RESOURCE GROUP NAME" $VmName = "VM NAME" $Location = "LOCATION" Connect-AzAccount Select-AzSubscription -SubscriptionId $SubID Set-AzVMAccessExtension -ResourceGroupName $RgName -Location $Location -VMName $VmName -Credential (get-credential) -typeHandlerVersion "2.0" -Name VMAccessAgent
This should help you to reset the password of an Azure Virtual Machine (VM) if you lost access to it. If you want to know more, read the following troubleshooting article on Microsoft Docs.
Reset RDP configuration 👩💻
If you can access your Azure Virtual Machine using RDP, you can reset the configuration, and this will enable Remote Desktop service in the VM and create a firewall rule for the default RDP port 3389. To reset the Remote Desktop Service (RDP) configuration, you again login to the Azure portal, select the virtual machine you want to reset the RDP configuration. Under Support + Troubleshooting, click on Reset Password, on the new blade select Reset configuration only, and click on update.
There is also an Azure PowerShell command available to do this:
$SubID = "SUBSCRIPTION ID" $RgName = "RESOURCE GROUP NAME" $VmName = "VM NAME" $Location = "LOCATION" Connect-AzAccount Select-AzSubscription -SubscriptionId $SubID Set-AzVMAccessExtension -ResourceGroupName $RgName" -VMName $VmName" -Name "myVMAccess" -Location $Location -typeHandlerVersion "2.0" -ForceRerun
I hope this gives you an overview of how you can Reset your Remote Desktop Service of an Azure Virtual Machine (VM) if you lost access to it. If you want to know more, read the following troubleshooting article on Microsoft Docs. You can also use Azure PowerShell in Cloud Shell.
If you want to know more about how you migrate your virtual machines to Azure, check out my blog post about Azure Migrate.
Tags: Azure, Azure IaaS, Azure PowerShell, Azure VM, IaaS, Microsoft, Microsoft Azure, password, PowerShell, RDP, Remote Desktop, Remote Desktop Services, reset, Virtual Machine, VM Last modified: December 5, 2019
Thanks for sharing , really very helpful information.
-Name “myVMAccess” ?? Can this be any entry?
Found it –
If you enter a different name than the current local administrator account on your VM, the VMAccess extension will add a local administrator account with that name, and assign your specified password to that account. If the local administrator account on your VM exists, the VMAccess extension will reset the password. If the account is disabled, the VMAccess extension will enable it.
Reset remote access to your VM with the Set-AzVMAccessExtension PowerShell cmdlet. The following example resets the access extension named myVMAccess on the VM named myVM in the myResourceGroup resource group:
Set-AzVMAccessExtension -ResourceGroupName “myResoureGroup” -VMName “myVM” -Name “myVMAccess” -Location WestUS -typeHandlerVersion “2.0” -ForceRerun
Thank you Thomas! I was not aware of this feature.
And if you forgot the username > Run Command > Get-LocalUser
Run Command > RunPowershellScript > Get-LocalUser
Run Command > RunPowershellScript >
$password = ConvertTo-SecureString “taking care of something” -AsPlainText -Force
$UserAccount = Get-LocalUser -Name “user”
$UserAccount | Set-LocalUser -Password $Password