PowerShell Script: ServiceAccounts

I’ve got a long one for you today.

In my day-to-day work life I work with a lot of services that I have to change from a Local Service to a Service Account. In order to do this most efficiently, I use the following script:

$SAuseraccount='DOMAIN\SERVICEACCOUNT'
$SAuserpassword='PASSWORD'
$DSName='SERVICE'
 
Function PowerShell-PrintErrorCodes ($strReturnCode){
#This function prints the message for a Win32_Service return code. The error code list was extracted from the MSDN documentation for the Change method as of December 2014
#Each string is followed by a space before -foregroundcolor; without it PowerShell glues the parameter name onto the message text
Switch ($strReturnCode)
    {
    0{ write-host  "    0 The request was accepted." -foregroundcolor "white" -BackgroundColor "Red" }
    1{ write-host  "    1 The request is not supported." -foregroundcolor "white" -BackgroundColor "Red" }
    2{ write-host  "    2 The user did not have the necessary access." -foregroundcolor "white" -BackgroundColor "Red" }
    3{ write-host  "    3 The service cannot be stopped because other services that are running are dependent on it." -foregroundcolor "white" -BackgroundColor "Red" }
    4{ write-host  "    4 The requested control code is not valid, or it is unacceptable to the service." -foregroundcolor "white" -BackgroundColor "Red" }
    5{ write-host  "    5 The requested control code cannot be sent to the service because the state of the service (Win32_BaseService State property) is equal to 0, 1, or 2." -foregroundcolor "white" -BackgroundColor "Red" }
    6{ write-host  "    6 The service has not been started." -foregroundcolor "white" -BackgroundColor "Red" }
    7{ write-host  "    7 The service did not respond to the start request in a timely fashion." -foregroundcolor "white" -BackgroundColor "Red" }
    8{ write-host  "    8 Unknown failure when starting the service." -foregroundcolor "white" -BackgroundColor "Red" }
    9{ write-host  "    9 The directory path to the service executable file was not found." -foregroundcolor "white" -BackgroundColor "Red" }
    10{ write-host  "    10 The service is already running." -foregroundcolor "white" -BackgroundColor "Red" }
    11{ write-host  "    11 The database to add a new service is locked." -foregroundcolor "white" -BackgroundColor "Red" }
    12{ write-host  "    12 A dependency this service relies on has been removed from the system." -foregroundcolor "white" -BackgroundColor "Red" }
    13{ write-host  "    13 The service failed to find the service needed from a dependent service." -foregroundcolor "white" -BackgroundColor "Red" }
    14{ write-host  "    14 The service has been disabled from the system." -foregroundcolor "white" -BackgroundColor "Red" }
    15{ write-host  "    15 The service does not have the correct authentication to run on the system." -foregroundcolor "white" -BackgroundColor "Red" }
    16{ write-host  "    16 This service is being removed from the system." -foregroundcolor "white" -BackgroundColor "Red" }
    17{ write-host  "    17 The service has no execution thread." -foregroundcolor "white" -BackgroundColor "Red" }
    18{ write-host  "    18 The service has circular dependencies when it starts." -foregroundcolor "white" -BackgroundColor "Red" }
    19{ write-host  "    19 A service is running under the same name." -foregroundcolor "white" -BackgroundColor "Red" }
    20{ write-host  "    20 The service name has invalid characters." -foregroundcolor "white" -BackgroundColor "Red" }
    21{ write-host  "    21 Invalid parameters have been passed to the service." -foregroundcolor "white" -BackgroundColor "Red" }
    22{ write-host  "    22 The account under which this service runs is either invalid or lacks the permissions to run the service." -foregroundcolor "white" -BackgroundColor "Red" }
    23{ write-host  "    23 The service exists in the database of services available from the system." -foregroundcolor "white" -BackgroundColor "Red" }
    24{ write-host  "    24 The service is currently paused in the system." -foregroundcolor "white" -BackgroundColor "Red" }
    }
}

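Function Add-DomainUserToLocalGroup {
# Split DOMAIN\ACCOUNT from $SAuseraccount into the two parts the WinNT provider path needs
$domain, $user = $SAuseraccount -split '\\', 2
# Adds the service account to the built-in local Administrators group (full local admin rights on this machine)
$de = [ADSI]"WinNT://$env:computername/Administrators,group"
$de.psbase.Invoke("Add",([ADSI]"WinNT://$domain/$user").path)
}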

Function ServiceAccount {
# The LIKE filter matches every service whose name contains $DSName, so more than one service may be changed
$svcD=gwmi win32_service -filter "name like '%$DSName%'"
$svcD | ForEach-Object {

    write-host "Service to change user and password: " $_.name -foregroundcolor "green"
    write-host "----------------------------------------------------------------"

    if ($_.state -eq 'Running')
    {
        write-host "    Attempting to stop the service..."
        $Value = $_.StopService()
        if ($Value.ReturnValue -eq '0')
        {
            $Change = 1
            $Starts = 1
            write-host "    Service stopped" -foregroundcolor "white" -BackgroundColor "darkgreen"
        }
        Else
        {
            write-host "    The stop action returned the following error: " -foregroundcolor "white" -BackgroundColor "Red"
            PowerShell-PrintErrorCodes ($Value.ReturnValue)
            $Change = 0
            $Starts = 0
        }
    }
    Else
    {
        write-host "    As the service was not running before, it is not going to be started after the change." -foregroundcolor "green"
        $Starts = 0
        $Change = 1
    }

    if ($Change -eq 1)
    {
        write-host "    Attempting to change the service..."
        # This is the method that does the user and password change: the 7th argument is StartName,
        # the 8th is StartPassword, and $null leaves every other setting unchanged
        $Value = $_.change($null,$null,$null,$null,$null,$null,$SAuseraccount,$SAuserpassword,$null,$null,$null)
        if ($Value.ReturnValue -eq '0')
        {
            write-host "    Password and user changed" -foregroundcolor "white" -BackgroundColor "darkgreen"
            if ($Starts -eq 1)
            {
                write-host "    Attempting to start the service, waiting 5 seconds..."
                [System.Threading.Thread]::Sleep(5*1000)
                $Value = $_.StartService()
                if ($Value.ReturnValue -eq '0')
                {
                    write-host "    Service started successfully" -foregroundcolor "white" -BackgroundColor "darkgreen"
                }
                Else
                {
                    write-host "    Error while starting the service: " -foregroundcolor "red"
                    PowerShell-PrintErrorCodes ($Value.ReturnValue)
                }
            }
        }
        Else
        {
            write-host "    The change action returned the following error: " -foregroundcolor "red"
            PowerShell-PrintErrorCodes ($Value.ReturnValue)
        }
    }

    write-host "----------------------------------------------------------------"
}

write-host "PROCESS COMPLETED" -foregroundcolor "green"

}
Add-DomainUserToLocalGroup
ServiceAccount
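
An added example, not part of the original script: the same logon-account change for a single service, with the password prompted for at run time through Get-Credential instead of being stored in $SAuserpassword, using the CIM cmdlets. The service name 'SERVICE' is a placeholder, and the exact-name filter is an assumption (the script above matches by substring).

```powershell
# Added example; 'SERVICE' is a placeholder for the exact service name.
$serviceName = 'SERVICE'

# Prompt for the account. The password is held as a SecureString in memory
# and never written into the script file or its history.
$cred = Get-Credential -Message "Logon account for $serviceName (DOMAIN\account)"

# Exact-name match so that only the intended service is touched.
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$serviceName'"
if (-not $svc) { throw "Service '$serviceName' not found." }

# Remember the state so the service is only restarted if it was running before.
$wasRunning = $svc.State -eq 'Running'
if ($wasRunning) { Stop-Service -Name $serviceName -ErrorAction Stop }

# Win32_Service.Change needs the password as plain text; decrypt it only for this call.
# Parameters that are not named here are left unchanged.
$result = Invoke-CimMethod -InputObject $svc -MethodName Change -Arguments @{
    StartName     = $cred.UserName
    StartPassword = $cred.GetNetworkCredential().Password
}
if ($result.ReturnValue -ne 0) {
    throw "Change failed with Win32_Service return code $($result.ReturnValue)."
}

if ($wasRunning) { Start-Service -Name $serviceName -ErrorAction Stop }

# Read the service back and confirm which account it now logs on as.
Get-CimInstance -ClassName Win32_Service -Filter "Name='$serviceName'" |
    Select-Object Name, State, StartName
```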

PowerShell Script: List all Users in a Security Group

A question that’s been popping up here and there is “How can I list all users in a security group?” This script is part of a larger script, but this part might be helpful to showcase how we can solve this using PowerShell.

Import-Module ActiveDirectory
$date = Get-Date -UFormat "%Y%m%d"
##Example ="OU=Company,DC=Cisco,DC=local"
$Groupaccountpath = "OU=Company,DC=Cisco,DC=local"
# Keep the group objects (not just their names) so each group is identified unambiguously later; adjust the -like pattern to narrow by name
$Groups = Get-ADGroup -Filter * -SearchBase $Groupaccountpath | Where {$_.Name -like "**"}
$Table = @()
# [ordered] keeps the CSV columns in the order listed here
$Record = [ordered]@{
  "Group Name" = ""
  "Name" = ""
  "Username" = ""
}

Foreach ($Group in $Groups) {
  # -Recursive also returns computer accounts, which Get-ADUser cannot resolve, so keep user objects only
  $Arrayofmembers = Get-ADGroupMember -Identity $Group -Recursive | Where {$_.objectClass -eq 'user'} | Get-ADUser | Where {$_.Enabled -eq $true} | select name,samaccountname
  foreach ($Member in $Arrayofmembers) {
    $Record."Group Name" = $Group.Name
    $Record."Name" = $Member.name
    $Record."Username" = $Member.samaccountname
    $objRecord = New-Object PSObject -Property $Record
    $Table += $objRecord
  }
}
$Table | Export-Csv "C:\temp\SecurityGroups_$date.csv" -NoTypeInformation