How to get Log On As account for Windows Service via PowerShell

Question

New to powershell and I'm guessing this exists but I cannot find. I am looking for a powershell command that will show me the account being used to run a Windows Service? I am first as going to check it is running, then make sure it is running using the correct AD account. I have the following so far...

$serviceName = '<my service name>'

If (Get-Service $serviceName -ErrorAction SilentlyContinue) {

    If ((Get-Service $serviceName).Status -eq 'Running') {
        $status = "$serviceName found and is running."

    } Else {
        $status = "$serviceName found, but it is not running."
    }

    #Here is where I should check Log On As name

} Else {

    $status = "$serviceName not found."
}

write-host "Status: $status`n"

pause

Most of my searches lead me to Get-WmiObject, but I did not find what I was looking for. Thanks in advance for any help.

Answer 1

You could also use the more recent CIM cmdlets. Which is which is really where MS wants and is directing folsk to use.

Get-CimInstance -ClassName CIM_Service | Select-Object Name, StartMode, StartName

What is CIM and Why Should I Use It in PowerShell? https://blogs.technet.microsoft.com/heyscriptingguy/2014/01/27/what-is-cim-and-why-should-i-use-it-in-powershell

Update for WMI

In Windows PowerShell 4.0 and Windows PowerShell 3.0, Microsoft offered an updated method for interacting with WMI: the CIMCmdlets module for Windows PowerShell. With this new Windows PowerShell module release, Microsoft also released an entirely new Application Programming Interface (API) for Windows called Management Infrastructure (MI).

The new MI API more closely aligns to the DMTF standards, as laid out on MSDN in Why Use MI? MI allows software developers and hardware manufacturers to expose information, and it allows IT professionals to interact with hardware, using standards-based mechanisms. As this technology continues to evolve, I believe that we will see more cross-platform integration between Microsoft Windows and competing platforms.

Should I use CIM or WMI with Windows PowerShell? https://blogs.technet.microsoft.com/heyscriptingguy/2016/02/08/should-i-use-cim-or-wmi-with-windows-powershell

Get-WmiObject is one of the original PowerShell cmdlets. (As a quick quiz, how many of the 137 original cmdlets can you name?). It was enhanced in PowerShell 2.0 when the other WMI cmdlets were introduced. In PowerShell 1.0, Get-WmiObject was the only cmdlet with the option to access another system.

The big drawback to the WMI cmdlets is that they use DCOM to access remote machines. DCOM isn’t firewall friendly, can be blocked by networking equipment, and gives some arcane errors when things go wrong.

The CIM cmdlets appeared in PowerShell 3.0 as part of the new API for working with CIM classes, which is more standards based. The CIM cmdlets were overshadowed by PowerShell workflows, but they are (to my mind) the most important thing to come out of that release.

The other major CIM-related advance was the introduction of CDXML, which enables a CIM class to be wrapped in some simple XML and published as a PowerShell module. This is how over 60% of the cmdlets in Windows 8 and later are produced.

Answer 2

(Get-WmiObject Win32_Service -Filter "Name='$serviceName'").StartName. (Yes, the name of this property is rather counter-intuitive, but the docs don't lie).