Default Domain Admin Password Change
I'm in the process of creating a plan to change the defautl domain administrators password. I know that applications installed under this account may have applied it to it's services. My question is, is there and easier way then going throu every servers services to see what account they are using prior to changing the domain admin password? Thank you in advance for any help.
July 23rd, 2007 7:12pm

Hi, here is one way to do it with .NET. The example is written in C# and shows a clear lack of error handling, it does however work and hopefully it can after some minor modifications help you out. The code has been tested on a DC runningWindows Server 2008 (beta 3). The code snippet button and me are not friends it seems since it keeps screwing up the layout of the code. Sorry about that. Code Snippet using System; using System.DirectoryServices; using System.Management; namespace FindService { class Program { static void Main(string[] args) { string serviceAccountName = @"DEMODOM\administrator"; // <- user too look for GetServices(GetComputers(), serviceAccountName); } /// <summary> /// Gets all computers with their respective dns names from Active Directory /// Clearly this will be slight overkill so you will probably want to limit /// the scope of this search somewhat. Another option would be to read the hostnames from a textfile /// </summary> /// <returns></returns> private static SearchResultCollection GetComputers() { DirectorySearcher ds = new DirectorySearcher(new DirectoryEntry("LDAP://DC=demodom,DC=local")); //Change this ds.Filter = "(objectClass=Computer)"; ds.PropertiesToLoad.Add("dNSHostName"); return ds.FindAll(); } /// <summary> /// Gets all services on all hosts contained in the search result from Active Directory. /// If the service account matches the one we are looking for it prints out the name of the service and the associated service account. /// </summary> /// <param name="computers"></param> /// <param name="serviceAccountName"></param> private static void GetServices(SearchResultCollection computers, string serviceAccountName) { foreach (SearchResult computer in computers) { string dNSHostName = computer.Properties["dNSHostName"][0].ToString(); ManagementScope scope = new ManagementScope(); scope.Path.RelativePath = "root\\CIMV2"; scope.Path.Server = dNSHostName; ObjectQuery query = new ObjectQuery("SELECT displayName, startName FROM Win32_Service"); //The WMI query ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query); Console.WriteLine(string.Format("-[{0}]------", dNSHostName)); foreach (ManagementObject service in searcher.Get()) { string startName = service.Properties["startName"].Value.ToString().ToLower(); //startName contains the name of the account running the service if (startName.Equals(serviceAccountName.ToLower())) { Console.WriteLine(string.Format("{0}: {1}", service.Properties["displayName"].Value, service.Properties["startName"].Value)); } } } } } } /Fredrik
Free Windows Admin Tool Kit Click here and download it now
July 25th, 2007 12:59am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics