If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.
Course Of The Month
5 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
many domain users as service accounts - not documented
Posted on 2016-10-11
Hi experts,
at a costumer i have a little AD mess.
Many domain admin accounts are used as service accounts on productive systems - that was never documented.
So, as i want to reduce the amount of domain admins i need to get a report where domain accounts are used as service accounts.
My idea was to use msinfo32.exe, build a little script which i can distribute via. SCCM, baramundi or something else to get that informations.
Has somebody done this bevor to get dedicated information from msinfo32?
Or are there other ways to get the service accounts?
Best Regards
Thomas
at a costumer i have a little AD mess.
Many domain admin accounts are used as service accounts on productive systems - that was never documented.
So, as i want to reduce the amount of domain admins i need to get a report where domain accounts are used as service accounts.
My idea was to use msinfo32.exe, build a little script which i can distribute via. SCCM, baramundi or something else to get that informations.
Has somebody done this bevor to get dedicated information from msinfo32?
Or are there other ways to get the service accounts?
Best Regards
Thomas
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
Active 2 days ago
Domain admin accounts!? That is an incredibly silly idea.
Please change that as soon as possible.
I can offer a link to a freeware that lists scheduled tasks and services domain wide together with the accounts that are used for those: http://www.cjwdev.com/Software/ServiceCredMan/Info.html
Please change that as soon as possible.
I can offer a link to a freeware that lists scheduled tasks and services domain wide together with the accounts that are used for those: http://www.cjwdev.com/Software/ServiceCredMan/Info.html
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This Micro Tutorial hows how you can integrate Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease.
The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month5 days, 16 hours left to enroll
734 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.