All Products
Search

This Product

    Elastic Compute Service:Connect to a Windows instance by using Workbench

    Document Center

    Elastic Compute Service:Connect to a Windows instance by using Workbench

    Last Updated:Jun 25, 2026

    Workbench is a browser-based remote connection tool provided by Alibaba Cloud. You can use it to connect to a Windows instance over a private network.

    Prerequisites

    • The instance must be in the Running state and its Health Status must be Normal.

    • If you use a RAM user to connect with Workbench, that user must be granted the required permissions.

    Procedure

    1. Log on to the ECS console. At the top of the page, select a resource group and a region.

    2. After you find the target instance, click Connect. In the dialog box, click Sign in now for Workbench.

    3. On the Instance Login page of Workbench, configure the following parameters and click Log In.

      Parameter

      Description

      Instance

      Information about the current instance is automatically populated.

      Connection Method

      Select Terminal. This method connects to the instance using the Remote Desktop Protocol (RDP).

      Authentication

      Password Authentication.

      User Name

      The default username for a Windows instance is Administrator.

      Password

      If you have not set a password or have forgotten the password, you must first reset it.

      To avoid entering the username and password every time you log on, you can save the credential for future use.

      RDP Port (Optional)

      The default port for RDP connections is 3389. On the Instance Login page, you can click More Options > Port.
      After you click Log In, you may be prompted to add a security group rule. This rule is required to allow traffic from the Workbench IP address range to access the instance's RDP port, which is 3389 by default. Click Add Now to quickly configure the rule. The specific security group rule configured in the console prevails.
    Important

    A Workbench remote connection session can last for a maximum of 6 hours. If a session is idle for more than 6 hours, Workbench automatically disconnects it, and you must reconnect.

    FAQ

    How do I save a logon credential?

    To avoid entering your username and password every time you log on, you can save them as a credential for future use.

    This credential is not shared, and only the user who created it can use it to log on to the instance.
    • Save a logon credential

      When you log on to the instance, select the Save logon credential check box. After you successfully log on, the credential is saved.image

    • Log on with a credential

      When you log in to an instance and set a username, you can use the Use Credential option to log in with saved credentials.image

    How Workbench connects over a private network

    When Workbench connects to an instance using a private IP, a reverse access rule is automatically created in the instance's VPC. This establishes a secure, bidirectional communication channel. You can view or manage this rule on the image > Private Links tab.

    Default Windows instance username

    The default username for a Windows instance is Administrator.

    Initial instance password

    An instance does not have an initial password. To set a password, you can reset the password.

    Troubleshoot remote connection failures

    If you cannot remotely connect to an instance, first, use the self-service diagnostic tool to troubleshoot the issue. You can also perform a manual check based on the instructions in Troubleshoot connection issues for a Windows instance.

    1. Click to open the Diagnostics page and select the target region.

    2. Under Instance Cannot Connect, click Start Diagnosis. Follow the on-screen instructions to select the instance that has issues and click Start Diagnosis.

    3. After the diagnosis is complete, follow the on-screen instructions to resolve the issue.