8

I was under the impression that once you joined a domain that the local admin account would be disabled. I did the following in Azure:

  1. Created Windows Server 2012 R2 instance and promoted to domain controller.
  2. Created SQL Server 2012 SP1 on Windows Server 2012 database instance and joined domain.

On my Windows 7 box with Remote Desktop 6.2.9200 (RDP Protcol 8.0), I could not RDP to my boxes without using the domain admin account I had created. In other words, I was under the impression that the local admin account had been deactivated.

On my Mac however, using the RDP client from the app store, I was able to login with the local admin account with no issues. I also noticed that I could RDP from an older RDP client on another Win7 box.

Any ideas?

user3357018
  • 83
  • 1
  • 1
  • 3

3 Answers3

18

Were you qualifying the username you entered with the local machine name? If not, it's likely Windows was assuming you were attempting to login as the administrator account for the domain instead of the local system.

In order to explicitly tell Windows that you want to login with the local administrator account you either need to qualify the username using the computer name like MYCOMPUTER\administrator or you can use the "dot notation" like this .\administrator. The dot is an alias that Windows recognizes as the local computer.

Ryan Bolger
  • 16,755
  • 4
  • 42
  • 64
5

The only time the local account is "disabled" is when a server is promoted to a Domain Controller.

Dacid Salin
  • 204
  • 4
  • 12
2

Joining a domain does not automatically disable any local accounts - including the built-in admin account. If logging in didn't work from one system but worked from all others, the only reasonable conclusion is that you made an error (typo, etc) from the first box you tried.

MDMarra
  • 100,734
  • 32
  • 197
  • 329