Find Scheduled Tasks running with specific credentials

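Here's one that I use to find scheduled tasks and services using a specific account. It should be fairly simple to modify to find all tasks and services configured to use any account. Replace the `domainname\accountname` placeholders with the domain and account you are looking for: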

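# Build the list of servers to audit: AD computer accounts whose OperatingSystem
# matches the filter, that are enabled, and that have an IPv4 address.
Import-Module ActiveDirectory

# NOTE(review): the posted filter was -like "Server" with no wildcards, which only
# matches an OperatingSystem value of exactly "Server". The asterisks were presumably
# lost in formatting, so they are restored here. Confirm against your directory.
$srvs = Get-ADComputer -Filter 'OperatingSystem -like "*Server*"' -Properties IPv4Address |
    Select-Object Name, IPv4Address, Enabled |
    Where-Object { $_.Enabled -eq "True" } |   # $_ restored; the post showed "$." here
    Where-Object { $_.IPv4Address -gt 0 }      # drops computers with no IPv4Address value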

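# Lists the scheduled tasks in the root folder of a remote computer's Task Scheduler,
# together with the account each task runs as.
#
# Parameters:
#   $srv - object with a Name property (the computer to connect to).
# Output:
#   One object per task with SystemName, Name, LastRunTime, NextRunTime and RunAs.
#   RunAs is read from Task.Principals.Principal.UserId in the task's XML definition.
#   On a connection or enumeration error nothing is returned and a message is written to the host.
#
# NOTE(review): GetTasks(0) is called on the root folder only, so tasks stored in
# subfolders and hidden tasks are not part of the result. For a complete audit of
# where an account is used, the subfolders need to be walked as well.
function get-remotetasks($srv) {
    $SystemName = $srv.Name
    $ST = New-Object -ComObject Schedule.Service
    try {
        $ST.Connect($srv.Name)
        $RootFolder = $ST.GetFolder("\")
        $ScheduledTasks = $RootFolder.GetTasks(0)

        $ScheduledTasks | Select-Object `
            @{ Name = "SystemName"; Expression = { $SystemName } },
            Name,
            LastRunTime,
            NextRunTime,
            @{ Name = "RunAs"; Expression = { [xml]$xml = $_.xml; $xml.Task.Principals.principal.userID } }
    }
    catch [System.Exception] {
        # Include the underlying error so access-denied, firewall and name-resolution
        # failures can be told apart when reviewing the run.
        Write-Host "Error connecting to Task Scheduler on ${SystemName}: $($_.Exception.Message)"
    }
    finally {
        # Release the COM object; the function is called once per server.
        if ($ST) {
            [void][System.Runtime.InteropServices.Marshal]::ReleaseComObject($ST)
        }
    }
}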

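# Lists the services on a remote computer whose logon account (StartName) begins
# with the placeholder domain name 'domainname'.
#
# Parameters:
#   $srv - object with a Name property (the computer to query over WMI).
# Output:
#   The matching Win32_Service objects. On error nothing is returned and a
#   message is written to the host.
#
# Fixes relative to the posted text, which had lost its underscores:
#   - WMI class is Win32_Service (posted as "win32service")
#   - pipeline variable is $_ (posted as "$.")
#   - the stray trailing backtick after the where clause is removed
#   - "$srv.name" inside a string expanded $srv and then appended ".name";
#     $($srv.Name) prints the computer name
function get-remoteservices($srv) {
    try {
        # -ErrorAction Stop turns WMI connection failures into terminating errors
        # so the catch block below handles them.
        Get-WmiObject -ComputerName $srv.Name -Class Win32_Service -ErrorAction "Stop" |
            Where-Object { $_.StartName -like 'domainname*' }
    }
    catch [Exception] {
        Write-Host "Error connecting to enumerate WMI services on $($srv.Name)"
    }
}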

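# Collect tasks and services from every server, keep the ones that run as the
# account under review, export them to dated CSV files and print a summary.
# 'domainname\accountname' is a placeholder for the account being audited.
#
# The posted text had lost the underscore of $_ in several places ("$" / "$."),
# which made the per-server calls and the filters operate on nothing.
$today = Get-Date -Format yyyyMMdd

$Tasks    = $srvs | ForEach-Object { get-remotetasks $_ }
$Services = $srvs | ForEach-Object { get-remoteservices $_ }

$AdminTasks    = $Tasks    | Where-Object { $_.RunAs -like "domainname\accountname*" }
$AdminServices = $Services | Where-Object { $_.StartName -like 'domainname\accountname*' }

# The CSV files are written to the current directory. They list which hosts run
# tasks and services under the account, so keep them somewhere access-controlled.
$AdminTasks    | Select-Object * | Export-Csv -NoTypeInformation "AdminTasks.$today.csv"
$AdminServices | Select-Object * | Export-Csv -NoTypeInformation "AdminServices.$today.csv"

$AdminTasks | Select-Object SystemName, Name, RunAs | Format-Table -AutoSize

$AdminServices | Select-Object SystemName, Name, StartName, StartMode, Status, DisplayName | Format-Table -AutoSize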

/r/PowerShell Thread