用于更改服务帐户的Powershell脚本

Question

是否有人有Powershell脚本来更改Windows服务使用的凭据？

Answer 1

位 - 使用WMI。

$service = gwmi win32_service -computer [computername] -filter "name='whatever'" 
$service.change($null,$null,$null,$null,$null,$null,$null,"P@ssw0rd") 

在过滤器中正确更改服务名称;适当地设置远程计算机名称。

Answer 2

考虑到whithin这个类：

$class=[WMICLASS]'\\.\root\Microsoft\SqlServer\ComputerManagement:SqlService' 

有一个名为方法setserviceaccount()，可能是这个script会做你想要的：更容易

# Copyright Buck Woody, 2007 
# All scripts provided AS-IS. No functionality is guaranteed in any way. 
# Change Service Account name and password using PowerShell and WMI 
$class = Get-WmiObject -computername "SQLVM03-QF59YPW" -namespace 
root\Microsoft\SqlServer\ComputerManagement -class SqlService 

#This remmed out part shows the services - I'll just go after number 6 (SQL 
#Server Agent in my case): 
# foreach ($classname in $class) {write-host $classname.DisplayName} 
# $class[6].DisplayName 
stop-service -displayName $class[6].DisplayName 

# Note: I recommend you make these parameters, so that you don't store 
# passwords. At your own risk here! 
$class[6].SetServiceAccount("account", "password") 
start-service -displayName $class[6].DisplayName 

Answer 3

我创建一个文本文件“changeserviceaccount.ps1”包含以下脚本：

$account="domain\user" 
$password="passsword" 
$service="name='servicename'" 

$svc=gwmi win32_service -filter $service 
$svc.StopService() 
$svc.change($null,$null,$null,$null,$null,$null,$account,$password,$null,$null,$null) 
$svc.StartService() 

我一个窗口服务的开发过程中使用这种由生成后命令行的一部分：

Visual Studio中：项目属性\生成事件

预生成事件命令行：

"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\installutil.exe" myservice.exe /u 

生成后事件命令行：

"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\installutil.exe" myservice.exe 
powershell -command - < c:\psscripts\changeserviceaccount.ps1 

Answer 4

我写了PowerShell中改变用户名，密码功能，并重新启动远程计算机上的服务（你可以使用localhost，如果你想改变本地服务器）。我已经使用这个数字服务帐户密码在数百台服务器上重置。

您可以在http://www.send4help.net/change-remote-windows-service-credentials-password-powershel-495

它还等待，直到该服务完全停止尝试再次启动它，不像其他的答案中寻找的原件及复印件。

Function Set-ServiceAcctCreds([string]$strCompName,[string]$strServiceName,[string]$newAcct,[string]$newPass){ 
    $filter = 'Name=' + "'" + $strServiceName + "'" + '' 
    $service = Get-WMIObject -ComputerName $strCompName -namespace "root\cimv2" -class Win32_Service -Filter $filter 
    $service.Change($null,$null,$null,$null,$null,$null,$newAcct,$newPass) 
    $service.StopService() 
    while ($service.Started){ 
    sleep 2 
    $service = Get-WMIObject -ComputerName $strCompName -namespace "root\cimv2" -class Win32_Service -Filter $filter 
    } 
    $service.StartService() 
} 

Answer 5

这里的其他脚本略有不同，如下所示。这将为给定登录帐户下运行的任何/所有服务设置凭据。它只会尝试在服务已经运行的情况下重新启动服务，以便我们不会意外启动因某种原因而停止的服务。该脚本必须运行并提升shell（如果脚本开始告诉你关于ReturnValue = 2，你可能运行它未升级）。一些有用的例子是：在运行

• 所有服务作为当前登录的用户，在本地主机上：

  .\set-servicecredentials.ps1 -password p@ssw0rd

• 所有服务运行的用户：somedomain\someuser主机somehost.somedomain：

  .\set-servicecredentials.ps1 somehost.somedomain somedomain\someuser p@ssw0rd

集-ServiceCredentials.ps1：

param (
    [alias('computer', 'c')] 
    [string] $computerName = $env:COMPUTERNAME, 

    [alias('username', 'u')] 
    [string] $serviceUsername = "$env:USERDOMAIN\$env:USERNAME", 

    [alias('password', 'p')] 
    [parameter(mandatory=$true)] 
    [string] $servicePassword 
) 
Invoke-Command -ComputerName $computerName -Script { 
    param(
    [string] $computerName, 
    [string] $serviceUsername, 
    [string] $servicePassword 
) 
    Get-WmiObject -ComputerName $computerName -Namespace root\cimv2 -Class Win32_Service | Where-Object { $_.StartName -eq $serviceUsername } | ForEach-Object { 
    Write-Host ("Setting credentials for service: {0} (username: {1}), on host: {2}." -f $_.Name, $serviceUsername, $computerName) 
    $change = $_.Change($null, $null, $null, $null, $null, $null, $serviceUsername, $servicePassword).ReturnValue 
    if ($change -eq 0) { 
     Write-Host ("Service Change() request accepted.") 
     if ($_.Started) { 
     $serviceName = $_.Name 
     Write-Host ("Restarting service: {0}, on host: {1}, to implement credential change." -f $serviceName, $computerName) 
     $stop = ($_.StopService()).ReturnValue 
     if ($stop -eq 0) { 
      Write-Host -NoNewline ("StopService() request accepted. Awaiting 'stopped' status.") 
      while ((Get-WmiObject -ComputerName $computerName -Namespace root\cimv2 -Class Win32_Service -Filter "Name='$serviceName'").Started) { 
      Start-Sleep -s 2 
      Write-Host -NoNewline "." 
      } 
      Write-Host "." 
      $start = $_.StartService().ReturnValue 
      if ($start -eq 0) { 
      Write-Host ("StartService() request accepted.") 
      } else { 
      Write-Host ("Failed to start service. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa393660(v=vs.85).aspx" -f $start) -ForegroundColor "red" 
      } 
     } else { 
      Write-Host ("Failed to stop service. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa393673(v=vs.85).aspx" -f $stop) -ForegroundColor "red" 
     } 
     } 
    } else { 
     Write-Host ("Failed to change service credentials. ReturnValue was '{0}'. See: http://msdn.microsoft.com/en-us/library/aa384901(v=vs.85).aspx" -f $change) -ForegroundColor "red" 
    } 
    } 
} -Credential "$env:USERDOMAIN\$env:USERNAME" -ArgumentList $computerName, $serviceUsername, $servicePassword 

Answer 6

我不能在默认的PS堆栈发现了什么，我发现它在Carbon实施：

http://get-carbon.org/help/Install-Service.html

http://get-carbon.org/help/Carbon_Service.html（碳2.0只）