Reputation: 5671
Check if user is service account
I try to decide with use of host command below if a given username is service account or not.
Get-ADUser $username -Properties PasswordNeverExpires |
where { $_.PasswordNeverExpires -eq "true" } |
where { $_.Enabled -eq "true"}
It should return only with one value, maybe with a True or False. How could I do this?
Upvotes: 0
Views: 8036
Answers (2)
Reputation: 3957
I do not believe Mathias's answer is correct. To determine whether a given sAMAccountName is a service account see the following:
The powershell command is:
Get-ADServiceAccount -Identity Service1
where 'Service1' is the sAMAccountName.
Update:
I have a similar posting to this question, but my goal was to get all managed service accounts through C# LDAP filter (see link below).
Active Directory: How to determine whether account is service account?
I hope this helps.
Upvotes: 1
Reputation: 174525
Cast the expression to a [bool] - if no user with those criteria exist it will be $false, otherwise $true:
$SAExists = [bool](Get-ADUser -Filter {SAMAccountName -eq $username -and PasswordNeverExpires -eq $true -and Enabled -eq $true})
Upvotes: 0
Related Questions
- Checking if a local user account/ group exists or not with Powershell
- How to check if an AD user exists
- How to validate if my user has an ADM account based on samaccountname
- How to get Log On As account for Windows Service via PowerShell
- Manager checking through powershell and Get-ADUser
- Check AD User for Logon Script(s)
- How can I check if a User Account group exists through powershell?
- Determine If Users Are In Active Directory With PowerShell
- How do I verify if a user has logon as a service right
- PowerShell - TRUE or FALSE returned If username exists in ActiveDirectory