I swear Dean previously posted a script to this list to go looking for machine's using a specific account for one of their services.
Other than that, I recommend you spin up at least one other ID, then start moving services/applications to it. That way when you think you got them all you can disable the account and see what breaks. Overall I am not a terrible fan of a single ID being shared by people or applications. All acocuntability goes straight out the window. As for the ID being a domain admin ID... Well that is just ridiculous and highlights some of the conversations on the list recently. Good luck cleaning it all up. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of AdamT Sent: Tuesday, June 27, 2006 12:22 PM To: [email protected] Subject: [ActiveDir] Where's that account being used? Dear fountain of knowledge, We've inherited a particularly messy AD structure, and we're now trying to find out where a particular account is in use. There's around 80 servers in the domain and 3000 workstations, and this account appears to be used for pretty much anything that wants to log on as a service, or anyone who wants domain admin privs. Is there any kind of audit utility to scan servers and see which services are using the account, and ideally - any kind of monitoring package to flag up an alert each time the account is used to, say, map a drive or connect to a SQL db? -- AdamT "A casual stroll through the lunatic asylum shows that faith does not prove anything." - Nietzsche List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
