Service Account Reporting Tool

How to Find Where Service Accounts is Being Used

Service accounts in Active Directory can be difficult to find because they often are not named correctly or look like regular accounts. This makes it very difficult to find and know where they are being used. Knowing which accounts are being used as a service is important to maintain security and compliance. Service accounts often have special privileges to run applications and access data.

With the AD Pro Toolkit, you can easily track down which accounts can be used as a service and where they are being used.

Step 1. Run the Service Account Management Tool

Click on Security Tools > Service Account Management.

Select a Path. You can run on all domain computers or select an OU.

Click “Run” to start the scan.

Tip: Select “Exclude Built-in Accounts” to exclude default accounts.

Step 2. Review Service Accounts List

When the scan is complete you will have a list of computers and all the scheduled tasks, windows services and the account its RunningAs. You can search the report, filter and export it to a CSV, Excel or PDF file. Below you can see the tool found a domain account running a Windows service on PC1.

Step 3. Scan and Review AD Accounts

Service accounts often are configured so their password never expires or do not require password changes. With the AD Pro Toolkit, you can easily find all accounts that have these special settings.

Click on User Reports > UserAccountControl for all users

In the userAccountControl column you can filter and quickly identify accounts that do not require a password, password does not expire and other configurations.

Find Specific Service Accounts

If you know the name of a service account, you can scan computers for that specific account.

Select the “Find” option and enter the service account name and click “Run”.

In the screenshot below, you can see the account is being used on multiple computers to run windows services and scheduled tasks.