May 08

PowerShell: Finding Those Pesky Service Accounts

In most Windows environments I’ve worked in, there is rarely any good documentation, especially documentation that tells you were service accounts are being used. This always presents a problem when you have to change the account’s password, or have to change the account all together. Getting tired of things breaking when this happens, I finally wrote a PowerShell script to go out and find these accounts.

This script connects to each machine listed in a text file or a specific Active Directory OU, and goes through each account you want to find. This is also useful to find old accounts to get rid of, or accounts that are in places they shouldn’t be. It then dumps the results in a CSV in the specified directory. It checks local Administrators group, MS SQL server if installed, Scheduled Tasks, and Services. The user account it is run under needs to have administrator rights to the machines being tested.

This requires PowerShell 4.0 or higher. Enjoy!


Leave a Reply