Tracking service accounts in ChangeAuditor

We have been required to change our service accounts that have never been changed since I started. I know I can pull a list of service accounts in EnterpriseReporter. My problem is finding out who an what is using these accounts. Especially application wise this is a huge concern obviously. Can anyone help or have done this in the past in CahangeAuditor with the help of a scrip maybe? Appreciate the help.

0 JohnnyQuest 3 months ago

This is always a tough question to answer.

Logon information for those accounts as captured by Change Auditor (assuming you tracking logon activity) might be helpful. But then again, it might not.

I would suggest you use Reporter to get a list of all Windows services from all your servers and see where these accounts are in use.

Also, getting a list of local groups memberships from your servers could give you a clue as to where these accounts are in use.

Once in the Reporter database, from a pure reporting point of view, the distinction between AD and server local groups disappears so getting a consolidated view of this would not be that difficult.

'Hope this is useful food for thought.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel