asked on

trying to find a way to locate all the instances of where a service account is running before i change the password

I need to clean up my domain from accounts that have older than 90 days password age. But i don't want to just change passwords without knowing where all these accounts reside on the domain and whether or not i may need to fat finger these accounts if required. In dire need of a solution. Scripting, command line or Power shell, I'm sure would do that trick. Thank you so much.

ASKER CERTIFIED SOLUTION

netcmh

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Joseph Daly

I used to use a tool from digital labs called locate user that was great for this. Basically you pick a user in your domain and it scans all computers for logon sessions.

The company went out of business in 2010 but you can still grab the download from the web.archive.org site.

http://web.archive.org/web/20081225122046/http://www.digitallabs.net/lu/default.htm

Obviously the company has gone out of business so no support is available.

mikeyd234

Only way i can think of doing this would be to scan all of the servers on the domain for active sessions running under that service account.

Did something similar to above in powershell, would overnight, every-night scan the domain for sessions and log the account name and server/computer name it's running on in a SQL table.

This wouldn't work for apps that run once then quit though as the session would be terminated.

But if it helps i can dig out the powershell script? Then perhaps you can mix it with what was suggested about get-services

McKnife

Hi.

You will like this free tool that will show you for your whole domain where tasks and/or services run as certain users: http://www.cjwdev.co.uk/Software/ServiceCredMan/Download.html

netcmh

Thanks for the grade. Good luck.