从自定义AMI启动具有自动登录功能的多台ec2 Windows服务器 [英] Launching multiple ec2 windows servers with auto logon from a custom AMI

问题描述

帮助！

我正在尝试创建一个Windows AMI，它在启动时(需要在短时间内短时间内启动多个[20]个活动服务器)自动登录并运行.exe应用程序(不幸的是，我无法使该应用程序运行)作为服务).另外，计算机名称必须唯一.

I am trying to create a windows ami that when launched (need multiple [20] live servers to be launched for short durations at short notice) auto logon and run an .exe application (unfortunately I can not get the app to run as a service). Also machine names must be unique.

问题在sysprep之前可以正常运行，但是当我从AMI启动实例时，由于计算机名称显然已与原始计算机映像发生了变化，因此无法登录.

Problem works fine pre sysprep, but when I launch instance from the ami it fails to logon as the machine name has obviously changed from the original machine image.

我管理它的唯一方法是不进行sysprep，进行AMI，然后在启动时登录到新计算机上，并手动更改计算机名称，并设置autologon sysinternal工具.这不是理想的选择，因为最终用户不是技术人员，并且时间限制不允许有效地执行此操作.

The only way I have managed it is to not sysprep, take an ami, then log onto the new machine when launched and manually change the machine name, and set the autologon sysinternal tool. THis is not ideal as the end user is not technical and time constraints do not allow for this action to be performed efficiently.

我精疲力尽！非常感谢您的帮助.

I am at my wits end! Your help is very much appreciated.

推荐答案

我知道这是一个非常老的问题.尽管如此，当我遇到类似的问题时，谷歌还是将我引向了这个问题.我做了以下事情来解决我的问题.

I am aware this is a very old question. Google, nonetheless, led me to this question when I faced a similar issue. I did the following to solve my issue.

• 根据自己的喜好自定义实例. AMI将使用此实例创建.

• Customize an instance to your liking. The AMI will be created using this instance.

• 创建一个具有管理员权限的新用户帐户.这是必需的，因为Sysprep \ Ec2ConfigService将重置管理员密码.将此用户添加到组Remote Desktop Users，以便您可以使用此用户帐户进行RDP.

• Create a new user account with admin privileges. This is needed as Sysprep\Ec2ConfigService will reset the Administrator password. Add this user to the group Remote Desktop Users, so you can RDP using this user account.

编辑EC2的Sysprep应答文件以启用自动登录.

Edit EC2's Sysprep answer file to enable auto-logon.

• 将以下内容附加到文件C:\Program Files\Amazon\Ec2ConfigService\sysprep2008.xml
中名为Microsoft-Windows-Shell-Setup的component节点

.

<AutoLogon>
  <Password>
    <Value>NewUser'sPassword</Value>
    <PlainText>true</PlainText>
  </Password>
  <Username>NewUser'sName</Username>
  <Enabled>true</Enabled>
  <LogonCount>999</LogonCount>
</AutoLogon>

生成的文件应类似于下面的代码片段.我已删除了此答案不需要的部分.

The resulting file should look like the snippet below. I have removed the parts not necessary for this answer.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="oobeSystem">
    <!-- snip -->
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <!-- snip -->    
        <AutoLogon>
          <Password>
            <Value>NewUser'sPassword</Value>
            <PlainText>true</PlainText>
          </Password>
          <Username>NewUser'sName</Username>
          <Enabled>true</Enabled>
          <LogonCount>999</LogonCount>
        </AutoLogon>
    </component>
  </settings>
  <!-- snip -->
</unattend>

• 接下来，我们编辑EC2ConfigService设置.

  • Next we edit the EC2ConfigService settings.

    • 在文件"C:\Program Files\Amazon\Ec2ConfigService\Settings\BundleConfig.xml"中，确保SetPasswordAfterSysprep的值是Yes.
    • 在文件"C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml"中，确保state节点的插件Ec2SetPassword值为Enabled.
    • 在文件"C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml"中，确保RemoveCredentialsfromSysprepOnStartup的值为false.
    • In the file "C:\Program Files\Amazon\Ec2ConfigService\Settings\BundleConfig.xml", ensure the value for SetPasswordAfterSysprep is Yes.
    • In the file, "C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml", ensure the state node has the value Enabled for the plugin Ec2SetPassword.
    • In the file, "C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml", ensure the value for RemoveCredentialsfromSysprepOnStartup is false.

    您已经在登录时启动exe.使用相同的机制，还启动一个脚本，该脚本将从注册表中删除AutoLogonCount设置.此步骤很重要，否则在登录999(按照上述示例)后，自动登录将停止.

    You are already launching an exe on logon. Using the same mechanism, also launch a script that will delete the AutoLogonCount setting from the registry. This step is important, else after 999 (as per the example mentioned above) logins, the autologon will stop.

    .

    powershell.exe  -command { Remove-ItemProperty -Path "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon"  -Name AutoLogonCount -Force -ErrorAction 0 }
    

    • 现在我们可以启动Sysprep.使用UI或以下命令.

    .

    %ProgramFiles%\Amazon\Ec2ConfigService\ec2config.exe -sysprep
    

    使用从上述实例创建的AMI启动的任何实例都将无限期保留自动登录行为.

    Any instance launched using an AMI created from the above instance, retains the auto-logon behaviour indefinitely.

    这篇关于从自定义AMI启动具有自动登录功能的多台ec2 Windows服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！