Windows Service Accounts Inventory

You have a list of service account names and a list of server names.  You need to know which service account is used in which server.  You can logon to each server and go through the Services MMC if there are not too many servers and service accounts.  However, if you have too many servers or service accounts to check, the following vbscript might be of a little help.

You can download a copy of this vbscript from http://www.mediafire.com/?jfh5w4774w6ayru.

On Error Resume Next Const ForReading = 1 Set objFSO = CreateObject("Scripting.FileSystemObject") 'Open the servers.txt containing the server names for reading Set objServersFile = objFSO.OpenTextFile("servers.txt", ForReading) 'The results will be written to SvcAcctServers.txt strFileName = "SvcAcctServers.txt" Set objResultFile = objFSO.OpenTextFile(strFileName, 8, True, 0) objResultFile.WriteLine "Server Name" + vbTab + "Service Account" + vbTab + "Service Name" 'Loop through all the server names in the servers.txt file Do Until objServersFile.AtEndOfStream     strServerName = objServersFile.Readline         Wscript.Echo "Connecting to " + strServerName         'For each server, connect to the \root\cimv2 WMI namespace     Set objWMIService = GetObject("winmgmts:" _         & "{impersonationLevel=impersonate}!\\" & strServerName & "\root\cimv2")     'Catch the error connecting to the WMI namespace     If Err.Number <> 0 Then         objResultFile.WriteLine strServerName + vbTab + "Error Connecting" + vbTab + "Error"         Err.Clear     Else         'Open the services.txt file containing all the service accounts for reading         Set objServiceAcctsFile = objFSO.OpenTextFile("services.txt", ForReading)         Wscript.Echo "Checking " + strServerName + "..."         'Loop through the services.txt file         Do Until objServiceAcctsFile.AtEndOfStream             strServiceName = objServiceAcctsFile.Readline                         'Get all the Windows services on the server by quering the win32_Service class             Set colServices = objWMIService.ExecQuery _                 ("Select * from win32_Service")             'Loop through all the Windows services             For each objService in colServices                 'If the service account name of the Windows Service matched the service account name in the services.txt                 If InStr(1,objService.StartName, strServiceName , 1) > 0 Then                         objResultFile.WriteLine strServerName + vbTab + strServiceName + vbTab + objService.Name                 End If             Next                Loop     End If     'Clean up     objServiceAcctsFile.Close Loop 'Clean up objResultFile.Close objServersFile.Close

You need to two input files to run this script.  The first file is servers.txt which contains the name of all your servers.  The second file is services.txt which contains the name of all the service accounts.

Example of servers.txt and services.txt:

servers.txt	services.txt
deServer1 deServer2 deServer3 deServer4 deServer5 deServer6 deServer7 deServer8	ArcSvc AppsSvc BackupSvc MSSQLSvc SOClusterSvc SOMSSQLSvc SFClusterSvc SFMSSQLSvc

From the command prompt, run the vbscript using cscript.exe.  Make sure that the command prompt is open using an account that has administrative access to the server because the script impersonate the account to connect to the server.

C:\scripts\Services>cscript ServiceAcctsInventory.vbs Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. Connecting to deServer1 Checking deServer1... Connecting to deServer2 Checking deServer2... Connecting to deServer3 Checking deServer3... Connecting to deServer4 Checking deServer4... Connecting to deServer5 Connecting to deServer6 Checking deServer6... Connecting to deServer7 Checking deServer7... Connecting to deServer8 Checking deServer8... C:\scripts\Services>

The results will be written to SvcAcctServers.txt which is tab delimited.  Below is a sample of the results opened in Excel.

Server Name	Service Account	Service Name
deServer1	ArcSvc	AMS
deServer1	ArcSvc	MMS
deServer1	ArcSvc	StorageNode
deServer3	MSSQLSvc	MSSQLSERVER
deServer3	MSSQLSvc	SQLSERVERAGENT
deServer3	SFClusterSvc	ClusSvc
deServer3	SFMSSQLSvc	MSSQLSERVER
deServer3	SFMSSQLSvc	SQLSERVERAGENT
deServer5	Error Connecting	Error
deServer7	BackupSvc	BackupExecAgentBrowser
deServer7	BackupSvc	BackupExecDeviceMediaService
deServer7	BackupSvc	BackupExecJobEngine
deServer7	BackupSvc	BackupExecManagementService
deServer7	BackupSvc	BackupExecRPCService

deserver2, deserver4, deserver6 and deserver8 do not use any of the service accounts to run its Windows Services so they do not appear in the results.  There is an error connecting to deServer5 and it is most likely caused by permission issues, WMI service not working or non Windows systems.