Script to determine Server 2003 services running under the domain Admin account?

shipowners
shipowners used Ask the Experts™
on
Hi,

Before changing the admin account password, I need to find which, if any, services are running on our servers under the domain Administartor account.

Does anyone know what the best way of doing this is or have a script to run?

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2018
Distinguished Expert 2018
Commented:
Download DumpSec (http://www.systemtools.com/somarsoft), install the download on an XP machine, uncheck "Hyena"; then copy DumpSec.exe and the help file into the folder with the script below.
In the script, specify the path and name of an input file with the server names you want to query (one name per line), and the output file; the script will generate a comma separated file which you can import into Excel and process there.

@echo off
setlocal
:: *** (Path and) name of the file with a list of servers:
set ServerFile=test.txt
:: *** (Path and) name of the file with the comma separated results:
set ResultFile=test.csv
:: *** Accounts to search for; several accounts can be specified, separated by a space:
set FindAccounts=%UserDomain%\Administrator

set DumpsecFile=%~dpn0.tmp
if exist "%ResultFile%" del "%ResultFile%"
for /f "tokens=1" %%a in ('type "%ServerFile%"') do call :process %%a
goto :eof

:process
set Server=%~1
echo Processing %Server% ...
dumpsec /computer=\\%Server% /rpt=services /outfile=%DumpsecFile% /saveas=csv /noheader
for /f "tokens=1,5 delims=," %%a in ('type "%DumpSecFile%" ^| findstr "%FindAccounts%"') do (
  >>"%ResultFile%" echo "%Server%","%%a","%%b"
)

Open in new window

Author

Commented:
Thanks oBdA,

Is this a .vbs script?

I have followed the above instructions, but i get the following error when i try running it:

Line: 1
Char: 1
Error: Invalid Character
Code: 800A0408
Source: Microsoft VBScript compilation error

Thanks..
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
No, that's a batch script; save it as whatever.cmd
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Author

Commented:
Ok, thanks

sorry, it doesn't seem to be creating the .csv file..

This is what i have changed the paths to:

@echo off
setlocal
:: *** (Path and) name of the file with a list of servers:
set ServerFile="C:\Users\user\Desktop\dumpsec\test.txt"
:: *** (Path and) name of the file with the comma separated results:
set ResultFile="C:\Users\user\Desktop\dumpsec\test.csv"
:: *** Accounts to search for; several accounts can be specified, separated by a space:
set FindAccounts=%UserDomain%\Administrator

set DumpsecFile=%~dpn0.tmp
if exist "%ResultFile%" del "%ResultFile%"
for /f "tokens=1" %%a in ('type "%ServerFile%"') do call :process %%a
goto :eof

:process
set Server=%~1
echo Processing %Server% ...
dumpsec /computer=\\%Server% /rpt=services /outfile=%DumpsecFile% /saveas=csv /noheader
for /f "tokens=1,5 delims=," %%a in ('type "%DumpSecFile%" ^| findstr "%FindAccounts%"') do (
  >>"%ResultFile%" echo "%Server%","%%a","%%b"
)


it is creating the.tmp file though. Does it take some time?
Thanks again
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
What's the content of the .tmp file?
It could simply be that no services are running under the administrator account (which is how it should be).
Replace FindAccounts with this and run it again:
set FindAccounts=NetworkService
You can try to run it with plain "Administrator" as well.

Author

Commented:
Excellent solution.

Thank you
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
Oh, one more thing I just noticed if you want to use this again:
In line 19, add a "/i" after "findstr", this will ignore the case of the account name.
for /f "tokens=1,5 delims=," %%a in ('type "%DumpSecFile%" ^| findstr /i "%FindAccounts%"') do (

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial