On-Prem Active directory service accounts

saras chander 1 Reputation point
2022-09-16T05:16:06.62+00:00

Hi,

Is there a way to identify an windows Active Directory service account and where it is been used and for which service?

Regards,

Saras.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,424 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Anonymous
    2022-09-16T12:37:35.237+00:00

    Maybe this one helps.
    https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments No comments

  2. Limitless Technology 44,221 Reputation points
    2022-09-16T14:14:35.237+00:00

    Hi,

    Thank you for your question and reaching out.

    I understand that you wanted to identify a Windows Active Directory service account and where it is been used and for which service. However, Microsoft is strict when it comes to accounts and we cannot double-check that on our end. Instead, your option here is to check it on your end using the steps from this link: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/service-accounts-on-premises

    -------------------------------------------------------------------------------------------

    If the reply was helpful, please don’t forget to Upvote or Accept as answer. Thank you!

    0 comments No comments

  3. Gary Reynolds 9,416 Reputation points
    2022-09-17T01:12:34.543+00:00

    Hi,

    From an AD object stand point there is no difference between a normal user and a service account. Depending on your environment, usually the naming convention for the accounts is used to identify them, or a separate OU for service accounts.

    Using only the native AD tools the only way to identify where accounts have logged on from is the event logs on the domain controllers and you will need to enable auditing to see this information, see this page - https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/basic-audit-logon-events

    Gary.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.