1. Home
  2. IT Process Automation Tutorials
  3. Process Automation – Detect servers using a specific service account

Process Automation – Detect servers using a specific service account

This tutorial will showcase how to detect whether a specific account is a service account logged into a server with the Goverlan Reach’s Process Automation framework. This may be useful for an IT audit of accounts or when a service account is being locked out due to a bad password stored in a service configuration.

Disclaimer:

**These tutorials are for demonstration purposes. Please test all Scope Actions before deploying them into production.**

Tutorial

This process automation workflow creates a report that lists the servers, service name and Log On As attribute of the service. Using this same workflow, several actions can be taken.
This Scope Action can also be modified to reset the password on all of the service instances or it can be used to change the Log On As attribute altogether.

Reporting on the Log On As attribute

Step 1 – Starting a new Scope Action

Go to the Global Management via Scope Action console and create a new scope action with the desired name and scope. If you have never created a Scope Action before, please refer to the below video and the Scope Action Creation Basics article for more information.

Step 2 – Configuring the Action Module for the report

Add the following report items to your Action Module.

Add \ Remove –> Report Computer Property –> Services –> Software Services –> Display Name
Add \ Remove –> Report Computer Property –> Services –> Software Services –> Log On As

Add the following conditions using the “Only if the following is true” section.

Add \ Remove –> Set Computer Condition –> Services –> Software Services –> Log On As
The Condition should be “=”
Double click the Desired Value field and enter the Domain\Username of the service account that is being searched for.

This is what the action module should look like when all options are selected.

This Action Module will produce a report like this.

Changing the service account or password on all of your servers

Use the following action module to change the password where the service account is configured.

Step 1 – Configuring the Action Module

Add the following action items to your Action Module.

Add \ Remove –> Execute Computer Action –> Services –> Set Logon As

Set the following Arguments

Service Name: *NOTE: This must be the service name NOT the DISPLAY NAME.
Account Name: *This should be in DOMAIN\USERNAME format
Password: Account password

This is what the action module should look like when all options are selected.

Was this article helpful?

Related Articles