azure windows-10 virtual-machine sysprep

Azure new VM account disabled by default (Custom Image)


I'm having trouble when creating a VM in Microsoft Azure using a custom Windows image.

Issue

When connecting to the newly spawned VM using the credentials entered in Azure Portal, I get the following message:

   The user account is currently disabled and cannot be used.

Running a Get-LocalAccount script using the "Run Command" menu of the Azure Portal I get the following output:

    Name               Enabled Description
    ----               ------- -----------
    DefaultAccount     False   A user account managed by the system.
    Guest              False   Built-in account for guest access to the computer/domain
    myusername         False   Built-in account for administering the computer/domain
    WDAGUtilityAccount False   A user account managed and used by the system for Windows Defender Application

Workaround

If I use the procedure from "Azure VM connection error - The user account is currently disabled and cannot be used", I'm able to unlock the user and connect to the VM via RDP.

I also tried creating a new user prior to sysprepping the VM, so the local admin account is renamed and disabled by Azure during VM creation, but the user account created remains enabled.

Image Info

OS: Windows 10 LTSC 2019

Source: Custom deployed image used by my company. It was installed with an ISO on a local Hyper-V machine, uploaded to Azure and Sysprepped from a managed disk.

WindowsAzureVmAgent version 2.7.41491.949_191001-1418 installed on the VM prior to running sysprep.

Step Taken


Solution

  • Found the solution with the help of a Microsoft Azure support engineer. For a VM uploaded from an on-premises source, you would need to add a SetupComplete2.cmd and EnableLocalAdminAccount.ps1 in C:/Windows/OEM to unlock the user account automatically upon VM creation. Strangely enough, this does not appear anywhere in Microsoft's guidelines on how to migrate an on-prem VM to Azure, but the official Windows images from the Marketplace do have those 2 files that are run after Sysprep.

    This blog article was also very useful and points towards the creation of a SetupComplete2.cmd: https://matt.kotsenas.com/posts/azure-setupcomplete2
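
One way to stage the two files named in the answer before running Sysprep, added here as an example and not taken from the original post, from Microsoft or from the Marketplace images. The file contents, the lookup of the built-in administrator by its RID of 500 (the account Azure renames to the provisioned username) and the log file name are assumptions.

```powershell
# Added example: run elevated inside the reference VM before Sysprep.
# The two file names and the OEM folder come from the answer above;
# everything written into the files is an assumption.
$oemDir = Join-Path $env:SystemRoot 'OEM'
New-Item -ItemType Directory -Path $oemDir -Force | Out-Null

# EnableLocalAdminAccount.ps1: enable the built-in administrator (RID 500)
# under whatever name provisioning gave it, and log the outcome.
$ps1 = @'
$log = Join-Path $env:SystemRoot 'OEM\EnableLocalAdminAccount.log'  # hypothetical log name
try {
    $admin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
    if (-not $admin) { throw 'No local account with RID 500 found.' }
    if (-not $admin.Enabled) { $admin | Enable-LocalUser }
    $state = (Get-LocalUser -SID $admin.SID).Enabled
    "$(Get-Date -Format o) name=$($admin.Name) enabled=$state" | Add-Content -Path $log
} catch {
    "$(Get-Date -Format o) ERROR $($_.Exception.Message)" | Add-Content -Path $log
    exit 1
}
'@
Set-Content -Path (Join-Path $oemDir 'EnableLocalAdminAccount.ps1') -Value $ps1 -Encoding ASCII

# SetupComplete2.cmd: per the answer, run after Sysprep when the VM is created.
$cmd = @'
@echo off
powershell.exe -NoProfile -ExecutionPolicy Bypass -File "%SystemRoot%\OEM\EnableLocalAdminAccount.ps1"
'@
Set-Content -Path (Join-Path $oemDir 'SetupComplete2.cmd') -Value $cmd -Encoding ASCII

# Confirm both files are in place before generalizing the image.
Get-ChildItem -Path $oemDir | Select-Object Name, Length
```

Only the RID 500 account is touched, so any other local accounts baked into the image keep the state they had before Sysprep.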