Skip navigation
Menu
End-User Platforms>Windows 7/8

JSI Tip 5721. Report all services on servers in your domain that match a specified context

Dean Wells, of MSEtechnology provides us with svccontext.bat, a script to query all services on all servers in your domain, and report those services that match, or partially match, a specified user context.

NOTE: svccontext.bat uses SC.EXE, either built-in to the OS you run the script from, or available from the resource kit.

NOTE: svccontext.bat uses LDIFDE.EXE, available from your server.

NOTE: Find.exe, SC.EXE, and LDIFDE.EXE must be in the System path.

The syntax for using svccontext.bat is:

SVCcontext FQDN UserName

where:

FQDN is the DNS domain name, like JSIINC.COM or Microsoft.COM.

UserName is the name or partial name of the service context you are querying, like Administrator, System, JSIINC\Service, or MICROSOFT\Admin.

When I typed:

svccontext JSIINC.COM System

I received the following display:

SVCcontext log, "D:\TEMP\SVCcontext.log" - 
  * created by "Jerry" at " 9:18:45.93" on "09/12/2002"
  * servers in domain "jsiinc.com" queried
  * queried for match or partial match on "system"
The D:\TEMP\SVCcontext.log file began with: 
BEGIN LOG 
 
+ SERVICE AppMgmt on SERVER jsi001.JSIINC.COM runs in the context of LocalSystem 
+ SERVICE AudioSrv on SERVER jsi001.JSIINC.COM runs in the context of LocalSystem 
+ SERVICE BITS on SERVER jsi001.JSIINC.COM runs in the context of LocalSystem
svccontext.bat contains: 
:: SVCcontent - Queries all services on all servers within a domain for a specified security context
:: Dean Wells - MSEtechnology - Sept. 2002

@echo off
setlocal ENABLEDELAYEDEXPANSION

:: Begin script body
echo.

:: Define initial environment
set fqdn=%1
set dn=dc=%fqdn:.=,dc=%
set principal=%2
set scriptname=SVCcontext
set log=%TEMP%\%scriptname%.log
set stdout=nul
set stderr=nul
set found=0

:: Determine if supplied arguments were sufficient
if "%2"
"" (
	echo ERROR - Insufficient arguments, "%*"
	goto :SYNTAX
)

:: Define extreme query buffer to cope with unfamiliar environment
set bufsize=50000

:: Locate critical executables
for %%e in (find.exe sc.exe ldifde.exe) do (
	set where="%%~$PATH:e"
	if "!where!"
"""" (
		echo ERROR - Required executable, "%%e", not located within the system path
		goto :END
	)
)

:: Cleanup existing temporary/log files and prepare log header
del %TEMP%\servers.log 1>%stdout% 2>%stderr%
del %log% 1>%stdout% 2>%stderr%
echo %scriptname% log, "%log%" - >>%log%
echo   * created by "%USERNAME%" at "%TIME%" on "%DATE%">>%log%
echo   * servers in domain "%fqdn%" queried>>%log%
echo   * queried for match or partial match on "%principal%" >>%log%
echo. >>%log%
echo BEGIN LOG >>%log%
echo. >>%log%

:: Determine servers to query
ldifde -j %TEMP% -s %fqdn% -d %dn% -r (objectClass=computer) -l dnshostname -f %TEMP%\servers.log 1>%stderr% 2>%stderr%
if errorlevel 1 (
	echo ERROR - LDAP query failed when enumerating server list
	goto :SYNTAX
)

:: Prepare display
echo STATUS - Working ...
echo.

:: Parse the servers
for /f "tokens=2 delims=: " %%h in ('type %TEMP%\servers.log ^| find /i "dnshostname: "') do (
	call :GETSVCS %%h
)

:: Clean up display and display log
if "%found%"=="1" (
	echo. >>%log%
	echo.
	echo STATUS - Done^^!
	start "" notepad %log%
) else (
	echo STATUS - No services located
	echo          * Queried domain "%fqdn%"
	echo          * Queried for match or partial match on "%principal%"
)
echo END LOG >>%log%

:: Script body ends
goto :END

:: Define functions and procedures

:GETSVCS
for /f "tokens=2 delims=: " %%s in ('sc \\%1 query state^= all bufsize^= %bufsize% ^| find "SERVICE_NAME"') do (
	call :QUERYSVCS %1 %%s
)
goto :EOF

:QUERYSVCS
for /f "tokens=2 delims=: " %%p in ('sc \\%1 qc %2 ^| find "SERVICE_START_NAME"') do (
	echo %%p | find /i "%principal%" 1>%stderr% 2>%stderr%
	if not errorlevel 1 (
		set found=1
		echo + SERVICE %2, SERVER %1, CONTEXT %%p
		echo + SERVICE %2 on SERVER %1 runs in the context of %%p >>%log%
	)
)
goto :EOF

:SYNTAX
echo.
echo SYNTAX - %scriptname% \[domain FQDN\] \[username\]
echo.
echo   * \[domain FQDN\] is the DNS domain name to query for servers
echo   * \[username\] is the name or partial name of the service account
echo.
echo     e.g. - %scriptname% microsoft.com Administrator
echo  or ...
echo     e.g. - %scriptname% microsoft.com MICROSOFT\Admin
echo.

:: End script and perform necessary cleanup
:END
del %TEMP%\servers.log 1>%stderr% 2>%stderr%


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019