用於更改服務帳戶的Powershell腳本

Question

是否有人有Powershell腳本來更改Windows服務使用的憑據？

Answer 1

位 - 使用WMI。

$service = gwmi win32_service -computer [computername] -filter "name='whatever'" 
$service.change($null,$null,$null,$null,$null,$null,$null,"P@ssw0rd") 

在過濾器中正確更改服務名稱;適當地設置遠程計算機名稱。

Answer 2

考慮到whithin這個類：

$class=[WMICLASS]'\\.\root\Microsoft\SqlServer\ComputerManagement:SqlService' 

有一個名爲方法setserviceaccount()，可能是這個script會做你想要的：更容易

# Copyright Buck Woody, 2007 
# All scripts provided AS-IS. No functionality is guaranteed in any way. 
# Change Service Account name and password using PowerShell and WMI 
$class = Get-WmiObject -computername "SQLVM03-QF59YPW" -namespace 
root\Microsoft\SqlServer\ComputerManagement -class SqlService 

#This remmed out part shows the services - I'll just go after number 6 (SQL 
#Server Agent in my case): 
# foreach ($classname in $class) {write-host $classname.DisplayName} 
# $class[6].DisplayName 
stop-service -displayName $class[6].DisplayName 

# Note: I recommend you make these parameters, so that you don't store 
# passwords. At your own risk here! 
$class[6].SetServiceAccount("account", "password") 
start-service -displayName $class[6].DisplayName 

Answer 3

我創建一個文本文件「changeserviceaccount.ps1」包含以下腳本：

$account="domain\user" 
$password="passsword" 
$service="name='servicename'" 

$svc=gwmi win32_service -filter $service 
$svc.StopService() 
$svc.change($null,$null,$null,$null,$null,$null,$account,$password,$null,$null,$null) 
$svc.StartService() 

我一個窗口服務的開發過程中使用這種由生成後命令行的一部分：

Visual Studio中：項目屬性\生成事件

預生成事件命令行：

"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\installutil.exe" myservice.exe /u 

生成後事件命令行：

"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\installutil.exe" myservice.exe 
powershell -command - < c:\psscripts\changeserviceaccount.ps1 

Answer 4

我寫了PowerShell中改變用戶名，密碼功能，並重新啓動遠程計算機上的服務（你可以使用localhost，如果你想改變本地服務器）。我已經使用這個數字服務帳戶密碼在數百臺服務器上重置。

您可以在http://www.send4help.net/change-remote-windows-service-credentials-password-powershel-495

它還等待，直到該服務完全停止嘗試再次啓動它，不像其他的答案中尋找的原件及複印件。

Function Set-ServiceAcctCreds([string]$strCompName,[string]$strServiceName,[string]$newAcct,[string]$newPass){ 
    $filter = 'Name=' + "'" + $strServiceName + "'" + '' 
    $service = Get-WMIObject -ComputerName $strCompName -namespace "root\cimv2" -class Win32_Service -Filter $filter 
    $service.Change($null,$null,$null,$null,$null,$null,$newAcct,$newPass) 
    $service.StopService() 
    while ($service.Started){ 
    sleep 2 
    $service = Get-WMIObject -ComputerName $strCompName -namespace "root\cimv2" -class Win32_Service -Filter $filter 
    } 
    $service.StartService() 
} 

Answer 5

這裏的其他腳本略有不同，如下所示。這將爲給定登錄帳戶下運行的任何/所有服務設置憑據。它只會嘗試在服務已經運行的情況下重新啓動服務，以便我們不會意外啓動因某種原因而停止的服務。該腳本必須運行並提升shell（如果腳本開始告訴你關於ReturnValue = 2，你可能運行它未升級）。一些有用的例子是：在運行

• 所有服務作爲當前登錄的用戶，在本地主機上：

  .\set-servicecredentials.ps1 -password p@ssw0rd

• 所有服務運行的用戶：somedomain\someuser主機somehost.somedomain：

  .\set-servicecredentials.ps1 somehost.somedomain somedomain\someuser p@ssw0rd

集-ServiceCredentials.ps1：

param (
    [alias('computer', 'c')] 
    [string] $computerName = $env:COMPUTERNAME, 

    [alias('username', 'u')] 
    [string] $serviceUsername = "$env:USERDOMAIN\$env:USERNAME", 

    [alias('password', 'p')] 
    [parameter(mandatory=$true)] 
    [string] $servicePassword 
) 
Invoke-Command -ComputerName $computerName -Script { 
    param(
    [string] $computerName, 
    [string] $serviceUsername, 
    [string] $servicePassword 
) 
    Get-WmiObject -ComputerName $computerName -Namespace root\cimv2 -Class Win32_Service | Where-Object { $_.StartName -eq $serviceUsername } | ForEach-Object { 
    Write-Host ("Setting credentials for service: {0} (username: {1}), on host: {2}." -f $_.Name, $serviceUsername, $computerName) 
    $change = $_.Change($null, $null, $null, $null, $null, $null, $serviceUsername, $servicePassword).ReturnValue 
    if ($change -eq 0) { 
     Write-Host ("Service Change() request accepted.") 
     if ($_.Started) { 
     $serviceName = $_.Name 
     Write-Host ("Restarting service: {0}, on host: {1}, to implement credential change." -f $serviceName, $computerName) 
     $stop = ($_.StopService()).ReturnValue 
     if ($stop -eq 0) { 
      Write-Host -NoNewline ("StopService() request accepted. Awaiting 'stopped' status.") 
      while ((Get-WmiObject -ComputerName $computerName -Namespace root\cimv2 -Class Win32_Service -Filter "Name='$serviceName'").Started) { 
      Start-Sleep -s 2 
      Write-Host -NoNewline "." 
      } 
      Write-Host "." 
      $start = $_.StartService().ReturnValue 
      if ($start -eq 0) { 
      Write-Host ("StartService() request accepted.") 
      } else { 
      Write-Host ("Failed to start service. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa393660(v=vs.85).aspx" -f $start) -ForegroundColor "red" 
      } 
     } else { 
      Write-Host ("Failed to stop service. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa393673(v=vs.85).aspx" -f $stop) -ForegroundColor "red" 
     } 
     } 
    } else { 
     Write-Host ("Failed to change service credentials. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa384901(v=vs.85).aspx" -f $change) -ForegroundColor "red" 
    } 
    } 
} -Credential "$env:USERDOMAIN\$env:USERNAME" -ArgumentList $computerName, $serviceUsername, $servicePassword 

Answer 6

我不能在默認的PS堆棧發現了什麼，我發現它在Carbon實施：

http://get-carbon.org/help/Install-Service.html

http://get-carbon.org/help/Carbon_Service.html（碳2.0只）