enumerating all of the services using the <fill-in-the-blank> Account for credentials (aka: StartName)

Good evening.

I am trying to determine what - if any - services are running under the
context of the 'Administrator account.  I have the following VERY basic
script:

'==================================================================================================
'
' VBScript Source File
'
' NAME: Services-Admin.VBS
' VERSION: 1.0
' COMPANY: outsourceIT
' CREATE DATE  : 02/05/2010
' LAST MODIFIED : n/a
'==================================================================================================
' COMMENT: This script will list all Services running under the context of
the Administrator on the local Server
'==================================================================================================

strComputer = "."

Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,authenticationLevel=Pkt}!\\" &
strComputer & "\root\cimv2")
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = '.\\administrator'",,48)

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTS = objFSO.CreateTextFile("C:\temp\#Services.txt")

objTS.WriteLine "........................................................"
objTS.WriteLine "....................SERVICES RUNNING...................."
objTS.WriteLine "........................................................"
objTS.WriteLine ()
objTS.WriteLine ()

For Each objService in colServices
objTS.WriteLine "Service name:    " & objService.Displayname
objTS.WriteLine "Start Mode:      " & objService.StartMode
objTS.WriteLine "Service State:   " & objService.State
objTS.WriteLine "Credentials:     " & objService.StartName
objTS.WriteLine ()
objTS.WriteLine ()
Next



This does not run correctly.  What does that mean?  It means that the output
file has the top five lines ("Services Running") but nothing underneath it
(no services listed).

If I change the following line:

Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = '.\\administrator'",,48)

to

Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = 'MYDOMAIN\\administrator'",,48)

it is golden.  I get the five services listed (with the four lines from the
script) that are using the Administrator account.

However, we have management software on all of the servers in all of the
environments that we manage.  I would prefer to have something 'generic'
that will work in all environments.

How do I accomplish this?

Thank you!

Cary

Will this work for you?

Will this work for you? You could add an "Input Box" to this script to charge
the variable "strDomain" with what ever domain you will be running it in.\

Option Explicit
Dim objWMIService, colServices, objFSO, objTS, objService, strComputer,
strDomain
strDomain = "MYDOMAIN"
strComputer = "."

Set objWMIService =
GetObject("winmgmts:{impersonationLevel=impersonate,authenticationLevel=Pkt}!\\" & strComputer & "\root\cimv2")
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTS = objFSO.CreateTextFile("C:\Services.txt")

objTS.WriteLine "........................................................"
objTS.WriteLine "....................SERVICES RUNNING...................."
objTS.WriteLine "........................................................"
objTS.WriteBlankLines(2)

For Each objService in colServices
If  objService.StartName = ".\Administrator" Then
objTS.WriteLine "Service name:    " & objService.Displayname
objTS.WriteLine "Start Mode:      " & objService.StartMode
objTS.WriteLine "Service State:   " & objService.State
objTS.WriteLine "Credentials:     " & objService.StartName
objTS.WriteBlankLines(2)
ElseIf objService.StartName = strDomain & "\Administrator" Then
objTS.WriteLine "Service name:    " & objService.Displayname
objTS.WriteLine "Start Mode:      " & objService.StartMode
objTS.WriteLine "Service State:   " & objService.State
objTS.WriteLine "Credentials:     " & objService.StartName
objTS.WriteBlankLines(2)
End If
Next
objTS.Close()
Set objFSO = Nothing
Set colServices = Nothing

LikeToCode,Normally, yes - it would work....Thank you for the tip.

LikeToCode,

Normally, yes - it would work....Thank you for the tip.

But, we install a small piece of software on all of the machines (servers
and workstations) that we manage and we have a "Scripting" center which
allows us to upload scripts that can then be run against all machines (if
desired).  Thus, the need for a generic script that does not require
specifics (we manage a lot of environments...).

Thanks,

Cary

Try replacing your query statement with the following.

Try replacing your query statement with the following.

Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName LIKE '%Administrator'",,48)

That did it....thank you very much. I just learned something today....

That did it....thank you very much.  I just learned something today....

WMI queries can use limited SQL syntax.

WMI queries can use limited SQL syntax.

Sorry my first post was off base, it was late and post Super Bowl. I should
have gone to bed!!
--
have been talking." ??? Aristotle

No worries....I did not disclose all details (my posts are long enough!

No worries....I did not disclose all details (my posts are long enough!) so
your first answer was a good one.  Your second answer was - for my
purposes - even better!

Thank you again.