Enclosed is a shell script (2000 or later) I wrote some time ago for a
customer with a similar (if not identical) requirement. It depends upon a
few Windows-commonplace binaries which it will inform you of in the event of
their absence or the lack of a suitable path.
NOTE - File extension of enclosed file should be changed to .CMD or .BAT
Dean
--
Dean Wells
MSEtechnology
* Tel: +1 (954) 501-4307
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of joe
Sent: Monday, March 29, 2004 7:11 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Services script
Well for a one off machine I would do something like
svcutil \\servername\. viewx |grep -i userid
Or if you don't have grep
svcutil \\servername\. viewx |findstr -i userid
Svcutil is on www.joeware.net.
F:\DEV\cpp\SvcUtil>svcutil \\.\. viewx |grep -i localservice
File STDIN:
Alerter Alerter stopped
MANUAL NT AUTHORITY\LocalService
ALG Application Layer Gateway Service stopped
MANUAL NT AUTHORITY\LocalService
LmHosts TCP/IP NetBIOS Helper running
AUTO NT AUTHORITY\LocalService
RemoteRegistry Remote Registry running
AUTO NT AUTHORITY\LocalService
SCardDrv Smart Card Helper stopped
MANUAL NT AUTHORITY\LocalService
SCardSvr Smart Card running
AUTO NT AUTHORITY\LocalService
SSDPSRV SSDP Discovery Service running
MANUAL NT AUTHORITY\LocalService
upnphost Universal Plug and Play Device Host stopped
MANUAL NT AUTHORITY\LocalService
UPS Uninterruptible Power Supply stopped
MANUAL NT AUTHORITY\LocalService
WebClient WebClient running
AUTO NT AUTHORITY\LocalService
Taking that and looping it in perl or batch shouldn't be overwhelming. Hard
part would be generating list of machines you want to run it against but if
you have them all in AD that should also not be too bad.
-------------
http://www.joeware.net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Monday, March 29, 2004 11:38 AM
To: ActiveDir (E-mail)
Subject: [ActiveDir] Services script
Is there a vb or perl script I can run on my network to enumerate all the
services that run under a specfic account on my servers?
I'm running a win2k AD network.
Thanks alot
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
:: SVCcontent - Queries and list all services on all servers within a specified domain
running within a specified security context
:: Dean Wells - MSEtechnology - Sept. 2002
@echo off
setlocal ENABLEDELAYEDEXPANSION
:: Begin script body
echo/
:: Define initial environment
set fqdn=%1
set dn=dc=%fqdn:.=,dc=%
set principal=%2
set scriptname=SVCcontext
set log=%TEMP%\%scriptname%.log
set stdout=nul
set stderr=nul
set found=0
:: Determine if supplied arguments were sufficient
if "%2"=="" (
echo ERROR - Insufficient arguments, "%*"
goto :SYNTAX
)
:: Define extreme SC query buffer to cope with unfamiliar environments
set bufsize=50000
:: Locate critical executables
for %%e in (find.exe sc.exe ldifde.exe) do (
set where="%%~$PATH:e"
if "!where!"=="""" (
echo ERROR - Required executable, "%%e", not located within the path
goto :END
)
)
:: Cleanup existing temporary/log files and prepare log header
del %TEMP%\servers.log 1>%stdout% 2>%stderr%
del %log% 1>%stdout% 2>%stderr%
echo %scriptname% log, "%log%" - >>%log%
echo * created by "%USERNAME%" at "%TIME%" on "%DATE%">>%log%
echo * servers in domain "%fqdn%" queried>>%log%
echo * queried for match or partial match on "%principal%" >>%log%
echo/ >>%log%
echo [[BEGIN LOG]] >>%log%
echo/ >>%log%
:: Determine servers to query
ldifde -j %TEMP% -s %fqdn% -d %dn% -r (objectClass=computer) -l dnshostname -f
%TEMP%\servers.log 1>%stderr% 2>%stderr%
if errorlevel 1 (
echo ERROR - LDAP query failed enumerating server list
goto :SYNTAX
)
:: Prepare display
echo STATUS - Working ...
echo/
:: Parse the servers
for /f "tokens=2 delims=: " %%h in ('type %TEMP%\servers.log ^| find /i "dnshostname:
"') do (
call :GETSVCS %%h
)
:: Clean up display and display log
if "%found%"=="1" (
echo/ >>%log%
echo/
echo STATUS - Done^^!
start "" notepad %log%
) else (
echo STATUS - No services located
echo * Queried domain "%fqdn%"
echo * Queried for match or partial match on "%principal%"
)
echo [[END LOG]] >>%log%
:: Script body ends
goto :END
:: Define functions and procedures
:GETSVCS
for /f "tokens=2 delims=: " %%s in ('sc \\%1 query state^= all bufsize^= %bufsize% ^|
find "SERVICE_NAME"') do (
call :QUERYSVCS %1 %%s
)
goto :EOF
:QUERYSVCS
for /f "tokens=2 delims=: " %%p in ('sc \\%1 qc %2 ^| find "SERVICE_START_NAME"') do (
echo %%p | find /i "%principal%" 1>%stderr% 2>%stderr%
if not errorlevel 1 (
set found=1
echo + SERVICE %2, SERVER %1, CONTEXT %%p
echo + SERVICE %2 on SERVER %1 runs in the context of %%p >>%log%
)
)
goto :EOF
:SYNTAX
echo/
echo SYNTAX - %scriptname% [domain FQDN] [username]
echo/
echo * [domain FQDN] is the DNS domain name to query for servers
echo * [username] is the name or partial name of the service account
echo/
echo e.g. - %scriptname% microsoft.com Administrator
echo or ...
echo e.g. - %scriptname% microsoft.com MICROSOFT\Admin
echo/
:: End script and perform necessary cleanup
:END
del %TEMP%\servers.log 1>%stderr% 2>%stderr%
