Reset the local admin password the other day and I needed to find out all services that rely on the local admin account to run so no interruption would happen after the reboot. Obviously, the easiest way to find out is using PowerShell. But how?
I first tried the Get-Service cmdlet but found that it doesn’t return the value for the log-on account (service account) that runs the service. Maybe I’m missing something here…
Then, I turned my eyes to another cmdlet Get-WmiObject that seems to pull more information about the service, including the log-on account I was looking for , though it’s named as StartName as the result.
So, here is the final command I ran that list all the services that use Admin account to start.
Get-WmiObject Win32-Service -ComputerName computername | Select DisplayName, StartName | Where-Object {$_.StartName -eq "administrator"}
If you want to check for multiple servers, type in all the names after -ComputerName, separated by the comma.
We have 800+ servers….is there an option to read a text file. I’d like to automate this if possible….have it do an AD scan of all SERVERS, output to a text file and then use that text file to scan for all of the services.
I’m NOT that great at PowerShell, but other scripts I’ve used we can get a list of Servers using this:
Get-ADComputer -Filter ‘operatingsystem -like “*server*” -and enabled -eq “true”‘ `
-Properties Name,Operatingsystem,OperatingSystemVersion,IPv4Address |
Sort-Object -Property Operatingsystem |
Select-Object -Property Name,Operatingsystem,OperatingSystemVersion,IPv4Address | Export-Csv “C:\Powershell\Server-List.csv”-NoTypeInformation
Then we’d have to modify your script to read the text file….not sure how to do that!
You can probably $computers = Get-ADComputer …
And then use ForEach ($computer in $computers) to cycle through the list.