-
Notifications
You must be signed in to change notification settings - Fork 1
/
serviceAccountFinderModule.ps1
86 lines (71 loc) · 3.17 KB
/
serviceAccountFinderModule.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
function Get-ServiceAccountReport {
<#
.SYNOPSIS
This function retrieve service accounts logged in a pool of computer passed as argument
.DESCRIPTION
This function retrieve service accounts logged in a pool of computer passed as argument
.PARAMETER
-dn : specify a string with the scope of the search (specify an OU or a specific computer)
-all : get every computers in the domain (not recommanded)
- input_csv : take as input a csv list of computer names to look up
.EXAMPLE
.Contributors
benoit estrade
clement LAVOILLOTTE
#>
[CmdletBinding()]
PARAM (
[parameter(Mandatory = $false, ParameterSetName = "dn")]
[String]$dn,
[parameter(Mandatory = $false, ParameterSetName = "All")]
[Switch]$All,
[parameter(Mandatory = $false, ParameterSetName = "input_csv")]
[String]$input_csv
)
BEGIN {
$path_to_file = "$(pwd)\output.csv"
$domain = Get-ADDomain | Select-Object name
TRY {
if (-not (Get-Module -Name ActiveDirectory)) { Import-Module -Name ActiveDirectory -ErrorAction Stop -ErrorVariable ErrorBeginIpmoAD }
}
CATCH {
Write-Warning -Message "[BEGIN] Something wrong happened"
IF ($ErrorBeginIpmoAD) { Write-Warning -Message "[BEGIN] Error while Importing the module Active Directory" }
$PSCmdlet.ThrowTerminatingError($_)
}
}
PROCESS {
Write-Host "Searching for services ..."
TRY {
if ($psBoundParameters['dn']) {
get-adcomputer -filter * -SearchBase $dn| % {
$c = $_
$service = Get-WmiObject "win32_service" -Filter "startname LIKE '%@%' OR startname LIKE '$domain.name\\%'" -ComputerName $c.Name
$service | % { New-Object psobject -Property @{
Computer = $c.name
Service = $_.Name
Display_Name = $_.Displayname
User = $_.StartName
} }
} | out-gridview -title "Service Accounts in your domain" -PassThru| Export-Csv $path_to_file -encoding UTF8 -NoTypeInformation
}
if ($psBoundParameters['input_csv']) {
Import-Csv input.csv | % {
$c = $_
$service = Get-WmiObject "win32_service" -Filter "startname LIKE '%@%' OR startname LIKE '$domain.name%'" -ComputerName $c.name
$service | % { New-Object psobject -Property @{
Computer = $c.name
Service = $_.Name
Display_Name = $_.Displayname
User = $_.StartName
} }
} | Export-Csv $path_to_file -encoding UTF8 -NoTypeInformation
}
Write-Host "Services found are written in $(pwd)\output.csv file"
}
CATCH {
Write-Warning -Message "[PROCESS] Something wrong happened"
$PSCmdlet.ThrowTerminatingError($_)
}
}
}