Sometimes, SOX regulations, customer agreement or your boss, forces you to have the password periodically changed for all service accounts and/or accounts running scheduled tasks. So either you have a detailed list of who (the user account) runs what (the service or scheduled task) where (on which computer), and manually change the password at the GUI, or you create a script to help you do the job.
A friend of mine, asked me to help him out and write the script he needed. I thought of creating a script that asks the user for input (account name, new password and a list of computers) and then runs against all the computers in the list and changes the password accordingly… but wouldn’t it be nicer to have a nifty application that does all that, and that you wouldn’t have to edit a text file, or type-in all the parameters each time you want to run the process but with a different set of arguments?
So I decided to write the application. The list of requirements included:
* The computer list should be easy to manage, and the user should be able to easily add a computer to the list, or a pre-created list from a text file, or even directly from an Active Directory container.
* The process results should be easy to understand, and even available to export and save for future references.
* Have an option to manage only services, only scheduled tasks or both.
* Have an option to restart the services after the password was changed.
* Have an option to change the user account running the services and/or scheduled tasks.
* Have a “dry-run” option that would only show the objects (services and scheduled tasks) that their credentials would have been changed.
* Have an option to quickly connect using Remote Desktop to a selected computer in the list, and to edit the properties of scheduled task listed in the results.
The result from this list, together with other ideas and suggestions that came along the way is SSTUM (Service and Scheduled Task User Manager).