How to Change Password in a Nested RDP Session

04:14:2015

Practicing good IT security is not always convenient. It can be tedious to change passwords without a dedicated password tool, but password rotation is a necessary step.  Even though I don’t have an ideal tool for this task, I will show you how to rotate the local admin password on one of our servers.  So, let’s log in and change it!

With previous versions of Windows, this was a bit easier.  However, Server 2012 made some changes from 2008 that require additional steps since it doesn’t have “Windows Security.” From your workstation, you would remote desktop (RDP) to our Jump Box, then remote desktop to the server. Then you click on “Windows Security”:

You can still change it by going to “Computer Management” and then \Local Users and Groups\Users\ right-clicking on the administrative user and selecting “set password”:

However, Server 2012 will present a warning, as this is not the recommended way for a variety of reasons; including encrypted file system (EFS) issues. If you press CTRL+ALT+DEL as instructed, you will receive a prompt on our local workstation. If you press CTRL+ALT+END, as we’ve learned from years of RDP, you will receive a prompt on our Jump Box:

At this point, it seems you are stuck – an unintended consequence of Microsoft’s changes from Server 2008 to 2012. So how do you safely change my local admin password?

How to Change the Password in a Remote Desktop Session

Step 1:  For tablet and accessibility support, Windows includes an on-screen keyboard (OSK)! Start -> Run -> osk.exe or search for osk:

**NOTE: When you type CTRL+ALT+DEL on the OSK, it also gives a warning!

Step 2:  Hold down CTRL+ALT on your physical keyboard and click DEL on the OSK:

Step 3:  The correct “Change Password” prompt will finally appear:

This may seem more inconvenient since there is not a dedicated tool. But this method addresses the problem without having to utilize a tool, so you can secure your password quickly and move onto other tasks.

Credit for this post should be shared with friend of SealingTech, Tony Pimenta.

Related Articles

Computational Fluid Dynamics within SealingTech Servers

–  By Austin McAlexander SealingTech is proud to provide our customers and mission partners with industry leading carry-on compliant server hardware while maintaining the performance characteristics of traditional data center…

Learn More

The Importance of Compliance in Cybersecurity

More than ever, cybersecurity, as an industry and as a field, has been growing exponentially in terms of the workforce and reach. From commercial and conglomerate entities such as banks,…

Learn More

DCO: Do You Know What Your Network Security Systems are Looking For?

Over the past 3 years, I have been supporting Defensive Cyber Operations (DCO) capabilities for various Department of Defense (DoD) customers, along with an additional 7 years within Network Security…

Learn More

Sign Up for Our Newsletter

Get all the recent SealingTech news and updates right to your inbox monthly.