Service Account information

  • Thread starter Thread starter Patrick Blanche
  • Start date Start date
P

Patrick Blanche

I am trying to secure our large corporate lan, and am having an issue with
the large number of service accounts that have special logon accounts
associated with them, is there any way to tell on a selected DC in my W2k
Domain what services are running under what accounts, and with what
privelages, instead of manually trawling the data by hand.

Thanks.

Patrick B
Sr. Network Administrator,
HBA@A2
 
Dear Patrick,

Thank you for your posting.

According to your post, you want to associate logon accounts with service
accounts in W2K domain.

If I have misunderstood your concern please don't hesitate to let me know.

1. Would you please confirm with me whether the service accounts are from
SQL, SMS, Exchange or any other program?

2. Based on my research, Windows 2000 does not have any tool or user-mode
mechanism to list service accounts and privileges corresponding with logon
accounts. However, once we know what the specific product service accounts
belong to, I will perform further analysis to try to find a workaround.

Sincerely,

Seaver Ren

Product Support Services
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights
Get Secure! - www.microsoft.com/security
 
Hey Patrick,

If you are just looking to quickly enumerate the security context services are running under on NT/W2K/W2K3 Servers go
grab svcutil off the free c++ win32 tools page of www.joeware.net. There is a viewx option to list the services, their
state, and what ID they are running under...

F:\Dev\cpp\SvcUtil>svcutil \\w2kasdc1\. viewx

SvcUtil V02.03.00cpp Joe Richards ([email protected]) May 2003

-------------------------------------------------
Service list for w2kasdc1
-------------------------------------------------
Alerter Alerter stopped DISABLED LocalSystem
AppMgmt Application Management stopped MANUAL LocalSystem
BITS Background Intelligent Transfer Service stopped MANUAL LocalSystem
Browser Computer Browser stopped DISABLED LocalSystem
cisvc Indexing Service stopped MANUAL LocalSystem
ClipSrv ClipBook stopped MANUAL LocalSystem
Dfs Distributed File System running AUTO LocalSystem
Dhcp DHCP Client stopped MANUAL LocalSystem
DHCPServer DHCP Server running AUTO LocalSystem
Diskeeper Diskeeper running AUTO LocalSystem
dmadmin Logical Disk Manager Administrative Servic stopped MANUAL LocalSystem
dmserver Logical Disk Manager running AUTO LocalSystem
DNS DNS Server running AUTO LocalSystem
Dnscache DNS Client stopped DISABLED LocalSystem
Eventlog Event Log running AUTO LocalSystem
EventSystem COM+ Event System running MANUAL LocalSystem
 
Back
Top