I have a requirement to find and track a 1 AD account wherever it is being used across the network as a service account.
How can i achieve this thing. Can DC event viewer provide me such information.
I have a requirement to find and track a 1 AD account wherever it is being used across the network as a service account.
How can i achieve this thing. Can DC event viewer provide me such information.
This can be somewhat of a challenge, but should be doable, one way would be to parse the Security event-log on every domain-joined machine by looking for logins by that domain service account.
Check the older forum threads below that discuss the same topic:
If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!
Best regards,
Leon
Hi,
Thank you for posting in our forum.
I think you can try to use the script method, and you can also refer to the method in the link
To get list of services using a particular account you can do:
Get-WmiObject "win32_service" -Filter "StartName='domain\\user'"
To change the password for these, you can do:
Get-WmiObject "win32_service" -Filter "StartName='domain\\user'" |
%{$.StopService();$.Change($null,$null,$null,$null,$null,$null,$null,"blah");}
https://devblogs.microsoft.com/scripting/the-scripting-wife-uses-powershell-to-find-service-accounts/
Hope this information can help you
Best wishes
Vicky
6 people are following this question.