vbscript
sethayes
·
Get-ServiceAccount
·
VBScript
·
Total Size: 5.16 KB
·
·
Created: 5 years ago
·
Edited: 5 years ago
strSearchFor = "administrator,svc-acct"
strExclude = "server1,OU=Computers"
Dim rootDSE, domainObject
Set rootDSE = GetObject("LDAP://RootDSE")
domainContainer = rootDSE.Get("defaultNamingContext")
Set domainObject = GetObject("LDAP://" & domainContainer)
Set fs = CreateObject ("Scripting.FileSystemObject")
Set resFile = fs.CreateTextFile (".\Results.csv")
resFile.WriteLine "Computer,Service Type,Name,State,Run As"
arrSearchFor = Split(strSearchFor, ",")
arrExclude = Split(strExclude, ",")
Dim arrTextLine(9)
const crlf="<BR>"
Set objExplorer = WScript.CreateObject("InternetExplorer.Application")
objExplorer.Navigate "about:blank"
objExplorer.ToolBar = 0
objExplorer.StatusBar = 0
objExplorer.Width = 400
objExplorer.Height = 300
objExplorer.Left = 100
objExplorer.Top = 100
Do While (objExplorer.Busy)
Wscript.Sleep 200
Loop
objExplorer.Visible = 1
scanComputers(domainObject)
strNull = MsgBox("Scan completed, check the results.csv file in this directory for the output of this script",vbOK,"Scan Completed")
Wscript.Quit
Sub scanComputers(oObject)
Dim oComputer
For Each oComputer in oObject
Select Case oComputer.Class
Case "computer"
bFound = False
For x = 0 to UBound(arrExclude)
'wscript.echo oComputer.distinguishedName & ":" & arrExclude(x)
If InStr(UCase(oComputer.distinguishedName), Trim(UCase(arrExclude(x)))) > 0 Then
bFound = True
End If
Next
If bFound = False Then
bPing = Ping(oComputer.cn)
If bPing = True Then
scanTasks(oComputer.cn)
scanServices(oComputer.cn)
End If
End If
Case "organizationalUnit" , "container"
scanComputers(oComputer)
End select
Next
End Sub
Sub scanTasks(strComputer)
progressText strComputer,"Scanning Scheduled Tasks for"
Set oShell = CreateObject("WScript.Shell")
strPath = fs.GetParentFolderName(wscript.ScriptFullName)
strReturn = oShell.Run("cmd /c schtasks.exe /Query /S " & strComputer & " /v /fo csv > " & strPath & "\task.txt", 2, true)
Set oShell = Nothing
If Not fs.FileExists(".\task.txt") Then
Exit Sub
End If
Set getFile = fs.OpenTextFile(".\task.txt")
If getFile.AtEndOfStream Then
Exit Sub
End If
strLine = getFile.ReadLine
If strLine = "" or IsNull(strLine) then
strLine = getFile.ReadLine
End If
If Left(strLine, 1) = chr(34) Then
Do Until getFile.AtEndOfStream
strLine = getFile.ReadLine
arrLine = Split(strLine, chr(34) & "," & chr(34))
strAs = arrLine(18)
bFound = False
For x = 0 to UBound(arrSearchFor)
If InStr(UCase(strAs), Trim(UCase(arrSearchFor(x)))) > 0 Then
bFound = True
End If
Next
If bFound = True Then
strName = arrLine(1)
strTask = arrLine(8)
strState = arrLine(11)
resFile.WriteLine strComputer & ",Scheduled Task," & strName & "," & strState & "," & strAs
End If
Loop
End If
End Sub
Sub scanServices(strComputer)
progressText strComputer,"Scanning Services for"
On Error Resume Next
Err.Clear
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
If Err.Number <> 0 Then
'wscript.echo Err.Number
Exit Sub
End If
Set colListOfServices = objWMIService.ExecQuery("Select * from Win32_Service")
If Err.Number <> 0 Then
'wscript.echo Err.Number
Exit Sub
End If
For Each objService in colListOfServices
bFound = False
For x = 0 to UBound(arrSearchFor)
If InStr(UCase(objService.StartName), Trim(Ucase(arrSearchFor(x)))) > 0 Then
bFound = True
End If
Next
If bFound = True Then
If objService.Started = True Then
strState = "Started"
Else
strState = "Not Running"
End If
strState = objService.StartMode & "/" & strState
resFile.WriteLine strComputer & ",Service," & objService.DisplayName & "," & strState & "," & objService.StartName
End If
Next
Set objWMIService = Nothing
End Sub
Function Ping(strHost)
Dim objPing, objRetStatus
progressText strHost, "Pinging"
Set objPing = GetObject("winmgmts:{impersonationLevel=impersonate}").ExecQuery("select * from Win32_PingStatus where address = '" & strHost & "' AND ResolveAddressNames = TRUE")
For Each objRetStatus in objPing
If IsNull(objRetStatus.StatusCode) or objRetStatus.StatusCode <> 0 then
Ping = False
Else
Ping = True
End if
Next
End Function
Sub progressText(strComputer, strTask)
intTop = UBound(arrTextLine)
For z = 0 to intTop - 1
arrTextLine(z) = arrTextLine(z + 1)
Next
arrTextLine(intTop) = Trim(strTask) & " " & strComputer & "..."
For z = 0 to intTop
strText = strText & "<BR>" & arrTextLine(z)
Next
objExplorer.Document.Body.InnerHTML = strText
End Sub
Will query all devices in a domain to determine which services are being ran by the provided user account. Goal is to run this prior to changing the password(s), so that we we can know whether or not services will break, and which ones.
1 bit
•
463 views
Are you sure you want to delete?