1. Support
  2. Tutorials
  3. Scope Action – How to locate servers that are using a specific service account

Scope Action – How to locate servers that are using a specific service account

This tutorial will demonstrate how to locate if a specific account is being used as a service account on your servers. This may be required when an IT audit is being performed or when a service account is being locked out due to a bad password stored in a service configuration.

Disclaimer:

**These tutorials are for demonstration purposes. Please test all Scope Actions before deploying them into production.**

Tutorial

This Scope Action will create a report that will list the server, service name and Log On As attribute of the service. Using this same scope action, several actions can be taken.
This Scope Action can also be modified to reset the password on all of the service instances or it can be used to change the Log On As attribute all together.

Reporting on the Log On As attribute

Step 1 – Starting a new Scope Action

Go to the Global Management via Scope Action console and create a new scope action with the desired name and scope. If you have never created a Scope Action before, please refer to the below video and the Scope Action Creation Basics article for more information.

Step 2 – Configuring the Action Module for the report

Add the following report items to your Action Module.

Add \ Remove –> Report Computer Property –> Services –> Software Services –> Display Name
Add \ Remove –> Report Computer Property –> Services –> Software Services –> Log On As

Add the following conditions using the “Only if the following is true” section.

Add \ Remove –> Set Computer Condition –> Services –> Software Services –> Log On As
The Condition should be “=”
Double click the Desired Value field and enter the Domain\Username of the service account that is being searched for.

This is what the action module should look like when all options are selected.

This Action Module will produce a report like this.

Changing the service account or password on all of your servers

Use the following action module to change the password where the service account is configured.

Step 1 – Configuring the Action Module

Add the following action items to your Action Module.

Add \ Remove –> Execute Computer Action –> Services –> Set Logon As

Set the following Arguments

Service Name: *NOTE: This must be the service name NOT the DISPLAY NAME.
Account Name: *This should be in DOMAIN\USERNAME format
Password: Account password

This is what the action module should look like when all options are selected.

Was this article helpful?

Related Articles