Created
December 4, 2020 17:26
-
-
Save jurbanek/9ccd3411983439ba4a76e2805996c405 to your computer and use it in GitHub Desktop.
CONCEPT CODE ONLY to reset Palo Alto Networks Windows User-ID Agent service account credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
CONCEPT CODE ONLY to reset Palo Alto Networks Windows User-ID Agent service account credentials | |
Modifies the service's "log on" credentials | |
The "new credentials" can be obtained via a password vault API, other automation, or simple | |
Get-Credential. This concept uses Get-Credential for concept ease | |
Assume running locally on Windows server running the Windows User-ID Agent. Can be adapted to run | |
remotely (consider replacing Get-WmiObject with Get-CimInstance and using the -ComputerName parameter) | |
Additional error handing and logic is advisable for production use cases | |
#> | |
$ServiceName = 'UserIdService' | |
# Obtain service account credentials via password vault API, automate, or use Get-Credential | |
$ServiceCred = Get-Credential -Message ('Provide {0} service account credentials' -f $ServiceName) | |
$Service = Get-WmiObject win32_service -filter ("name='{0}'" -f $ServiceName) | |
if($Service.Name -eq $ServiceName) { | |
Write-Host ('Found service {0}' -f $Service.Name) | |
if($Service.State -eq 'Running') { | |
Write-Host ('Stopping service {0}' -f $Service.Name) | |
Stop-Service -Name $Service.Name | |
} | |
Write-Host ('Updating service {0} "log on" (startup) credentials' -f $Service.Name) | |
Write-Host ('Username: ' -f $ServiceCred.Username) | |
Write-Host ('Password: <hidden>') | |
$Service.Change($null,$null,$null,$null,$null,$null,$ServiceCred.Username,$ServiceCred.GetNetworkCredential().Password) | |
Write-Host ('Starting service {0}' -f $Service.Name) | |
Write-Host ('Service start errors will arise if invalid credentials are provided. Review Windows System event log on service start failure') | |
Start-Service -Name $Service.Name | |
} | |
else { | |
Write-Error ('Failed to find service {0}' -f $ServiceName) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment