Saturday, February 13, 2016

Change username/password configured on logon tab of Windows Service - Powershell

This my another part of List account configured on logon of Windows Service and in this there is a recipe to (Setup service account) change or replace account username/ password on windows service logon tab. Before running make sure your account has permissions or admin rights to change into windows service. Also make sure you open powershell as administrator. 

You can check my earlier post List account configured on logon of Windows Service, how to use this script, if you still have any issue drop a comment on this post I will try to resolve it.
 function Set-ServiceLogonAccount {  
 <#  
  .Synopsis  
   Change or set username password on Service logon Account  
  .Description  
   Make sure you open powershell with as administrator and you have appropriate permissions to modify service settings. You must specify Service name instead of display name.  
  .Example  
   Set-ServiceLogonAccount -ComputerName 192.168.33.51 -LogonUserName vcloud\vkunal -LogonPassword Computer@1 -Service lanmanserver -Credential (Get-Credential)  
     
   It make changes on service lanmanserver on remote computer 192.168.33.51, logon username is changed to vcloud\vkunal and password is set to Computer@1, credential is your remote login credentials.  
  .Example  
   Set-ServiceLogonAccount -LogonUserName .\test -LogonPassword Computer@1  
   By default if only logonusername and logonpassword paramter given it make changes to localhost and service is lanmanserver.  
   
  .OutPuts  
   ∞ JUMBOPC is pinging, attempting to connect...  
   
   PSComputerName : JUMBOPC  
   Name      : LanmanServer  
   DisplayName  : Server  
   StartMode   : Auto  
   State     : Running  
   Started    : True  
   StartName   : .\test  
   
  .Notes  
   NAME: Set-ServiceLogonAccount  
   AUTHOR: Kunal Udapi  
   LASTEDIT: 13th February 2015  
   KEYWORDS: Service log on accounts  
  .Link  
   #Check Online version: Http://kunaludapi.blogspot.com   
   #Requires -Version 3.0  
  #>  
 #requires -Version 3   
 [CmdletBinding(SupportsShouldProcess)]  
 Param(  
   [Parameter(<#Mandatory=$true,#>Position=1,  
     ValueFromPipeline=$true,  
     ValueFromPipelineByPropertyName=$true)]  
   [AllowNull()]  
   [alias("ComputerName", "Computer")]  
   [string]$Name = $env:COMPUTERNAME,   
   
   [Parameter(Mandatory=$true,Position=3)]  
   [string]$LogonUserName,   
     
   [Parameter(Mandatory=$true,Position=4)]  
   [string]$LogonPassword,   
      
   [Parameter(Position=2)]  
   [AllowNull()]    
   [alias("ServiceName")]  
   [string]$Service = 'LanmanServer',  
   
   #[Parameter(Mandatory=$true)]  
   [System.Management.Automation.PSCredential]$Credential,  
   $Protocol = 'DCOM'  
 ) #Param  
 Begin {  
   #$TempFolder = Split-Path $CSVfile  
   #if (-not (Test-Path $TempFolder)) {  
   #  [void](New-Item -Path $TempFolder -Force)  
   #} #if (-not (Test-Path $TempFolder)) {  
 #region Ping  
   Function Get-Ping {  
     Test-Connection -ComputerName $Name -Quiet -Count 2 -ErrorAction SilentlyContinue  
   } # Function Ping-Server  
 #endregion  
   $CIMoption = New-CimSessionOption -Protocol $protocol  
 } #Begin  
 Process {  
   $query = "Select * from Win32_Service Where Name = `'$service`'"  
   if ($(Get-Ping $Name) -eq $true) {  
     Write-Host "$([char]8734) $Name is pinging, attempting to connect..." -ForegroundColor Green  
     if ($Credential -eq $null) {  
       Try {  
         $CIMsession = New-CimSession -ComputerName $Name -SessionOption $CIMoption -ErrorAction SilentlyContinue  
         $cimresult = Get-CimInstance -CimSession $CIMsession -Query $query | Invoke-CimMethod -Name Change -Arguments @{StartName=$LogonUserName;StartPassword=$LogonPassword}  
         #$ServiceDetails = Get-CimInstance -CimSession $CIMsession -Query $query  
       } #Try  
       Catch {  
         Write-Host "`t $([char]215) Server $Name cannot be contacted, skipped it" -ForegroundColor Red  
         Continue  
       } #Catch  
     } #if ($Credential -eq $null)  
     else {  
       Try {  
         #$ServiceDetail = Get-WmiObject -Query $query -ComputerName $Name -Credential $Credential -ErrorAction SilentlyContinue  
         $CIMsession = New-CimSession -ComputerName $Name -SessionOption $CIMoption -Credential $Credential -ErrorAction SilentlyContinue  
         $cimresult = Get-CimInstance -CimSession $CIMsession -Query $query |Invoke-CimMethod -Name Change -Arguments @{StartName=$LogonUserName;StartPassword=$LogonPassword}  
       } #Try  
       Catch {  
         Write-Host "`t $([char]215) Server $Name cannot be contacted, skipped it" -ForegroundColor Red  
         Continue  
       } #Catch  
     } #else ($Credential -eq $null)  
   } #if ($(Ping-Server $Name) -eq $true  
   else {  
     Write-Host "$([char]8734) $Name is not pinging, but Still trying to connect..." -ForegroundColor Yellow  
     if ($Credential -eq $null) {  
       Try {  
         #$ServiceDetail = Get-WmiObject -Query $query -ComputerName $Name -ErrorAction SilentlyContinue  
         $CIMsession = New-CimSession -ComputerName $Name -SessionOption $CIMoption -ErrorAction SilentlyContinue  
         $cimresult = Get-CimInstance -CimSession $CIMsession -Query $query |Invoke-CimMethod -Name Change -Arguments @{StartName=$LogonUserName;StartPassword=$LogonPassword}  
       } #Try  
       Catch {  
         Write-Host "`t $([char]215) Server $Name cannot be contacted, skipped it" -ForegroundColor Red  
         Continue  
       } #Catch  
     } #if ($Credential -eq $null)  
     else {  
       Try {  
         #$ServiceDetail = Get-WmiObject -Query $query -ComputerName $Name -Credential $Credential -ErrorAction SilentlyContinue  
         $CIMsession = New-CimSession -ComputerName $Name -SessionOption $CIMoption -Credential $Credential -ErrorAction SilentlyContinue  
         $cimresult = Get-CimInstance -CimSession $CIMsession -Query $query |Invoke-CimMethod -Name Change -Arguments @{StartName=$LogonUserName;StartPassword=$LogonPassword}  
       } #Try  
       Catch {  
         Write-Host "`t $([char]215) Server $Name cannot be contacted, skipped it" -ForegroundColor Red  
         Continue  
       } #Catch  
     } #else ($Credential -eq $null)  
   } #else ($(Ping-Server $Name) -eq $false)  
   if (-not ($cimresult -eq $null)) {  
     Get-CimInstance -CimSession $CIMsession -Query $query | Select-Object PSComputerName, Name, DisplayName, StartMode, State, Started, StartName  
   } #if ($ServiceDetails -eq $null)  
   else {  
     Write-Host "`t $([char]215) Please check Server $Name manually" -ForegroundColor Red  
   } #else ($ServiceDetail -eq $null)  
 } #Process  
 End {  
   
 } #End  
 } $function  
In the first screenshot I am setting local account on local machine,
In this screenshot I am modifying logon account on remote server, service is lanmanserver, also I have mention credential which will popup for username password to connect to remote server.
Here is parameters information
-ComputerName: If not specified default is localhost (this syntex can take value from pipe as well)
-LogonUserName:  Service account username

-LogonPassword:  Service Account password
-Service: if not specified default is lanmanserver, you have mention service name not display name
This is final result from both local and remote computer from services.msc
-Credential: Incase if remote computer in another domain or if you are not administrator you can use "-credential (get-credential)" to connect. otherwise for same domain this parameter doesn't required.
-Protocol: By default it uses legacy wmi dcom protocol to connect, there is another option wsman which use PSRemoting protocol.

Check on earlier useful script:
Get members from Remote Groups
List account configured on logon of Windows Service - Powershell

3 comments:

Sam Web said...

Thank you so much for sharing this post, I appreciate your work.It was a great informative post.Go so many useful and informative links. Loved your writings also. Concept of the topic was well discussed. Love to come here again.
To Know how to change Yahoo Password Please Visit Manage Yahoo Password

http://bit.ly/2VTLZbZ said...

this is a too much informative and inspiring blog for me and i really love with itand we are happy to tell you that we deals in this serviceContact Yahoo, yahoo customer service phone number, yahoo customer care phone number, yahoo mail customer service number usa

Anonymous said...

Changing the username and password on the logon tab of a Windows Service enhances security, much like how the Ryan Gosling Officer K Jacket adds a sharp, futuristic edge to any outfit. Both involve making key updates that improve functionality and style with precision and confidence.