How to change the windows account to localsystem account using Powershell command Set-Service SwitchAccount

Question

I wan to change the windows seervice account for a service using the set-service command only and using SwitchServiceAccount Parameter but getting error that "A parameter cannot be found that matches with "SwitchServiceAccount". What is the correct switchservice command? Im using PowerShell 5.1 version.

score 3 · Accepted Answer · answered Nov 04 '20 at 15:02

3

sc.exe config "ServiceName" obj="Localsystem"

answered Nov 04 '20 at 15:02

Yogesh Kulkarni

339
6
24

2

Please add a little explanation – Sabito stands with Ukraine Nov 04 '20 at 15:08

score 2 · Answer 2 · answered Sep 17 '21 at 14:57

I used this method to change the service login to local system for about 40 machines. Your server list file could be .txt, .csv or some other powershell get function.

$svcobj.change relies on these these values in this sequence below. Each value here corresponds to a specific portion of the service configuration. There are 11 values and $svcobj.change needs to have all of them configured in order to work properly. Ensure you put them in the proper order, otherwise you could corrupt the service configuration. To change to LocalSystem, StartName should be changed to "LocalSystem" and all other values remain as $null.

<# WMI Win32_Service values
uint32 Change(
  [in] string  DisplayName,
  [in] string  PathName,
  [in] uint32  ServiceType,
  [in] uint32  ErrorControl,
  [in] string  StartMode,
  [in] boolean DesktopInteract,
  [in] string  StartName,
  [in] string  StartPassword,
  [in] string  LoadOrderGroup,
  [in] string  LoadOrderGroupDependencies[],
  [in] string  ServiceDependencies[]
);
#>

#Configure Runas LocalSystem
$svcname = "WindowsService"
foreach ($source in get-content "Some_Path_to_Server_List") {
    $source
    $svcobj = Get-WmiObject -ComputerName $source -Class Win32_Service -Filter "Name='$svcname'"
    $svcobj.StopService | out-null
    $svcobj.Change($null,$null,$null,$null,$null,$null,"LocalSystem",$null,$null,$null,$null) | out-null
    $svcobj.StartService | out-null
    Get-WmiObject -ComputerName $source -Class Win32_Service -Filter "Name='$svcname'"
}

Or you can use this code below to run as a specific user with username and password. $svccred prompts for username and password and stores it encrypted in memory.

#Configure Runas AD User
$svccred = Get-Credential -Message "Enter Service Account Credentials"
$svcname = "WindowsService"

foreach ($source in get-content "Some_Path_to_Server_List") {
    $source
    $svcobj = Get-WmiObject -ComputerName $source -Class Win32_Service -Filter "Name='$svcname'"
    $svcobj.StopService | out-null
    $svcobj.Change($null,$null,$null,$null,$null,$null,$svccred.Username,$svccred.Password,$null,$null,$null) | out-null
    $svcobj.StartService | out-null
    Get-WmiObject -ComputerName $source -Class Win32_Service -Filter "Name='$svcname'"
}

marsze · Answer 3 · 2020-10-27T16:03:56.170

1

According to the docs, the Set-Service command does not have such a parameter. (You can also use Get-Help Set-Service -Full to see the available parameters with explanation and examples.)

In PowerShell Core (v6+) you can set the service credentials with the -Credentials parameter:

Set-Service -Name Schedule -Credential $credential

In PowerShell 5.1 try a solution from this SO post:

$service = Get-WmiObject win32_service -Filter "name='YourService'"
$service.Change($null,$null,$null,$null,$null,$null,"user","password")

or this:

Get-CimInstance win32_service -filter “name=’some_service_name'” | Invoke-CimMethod -Name Change -Arguments @{StartName=”LocalSystem”}

edited Oct 27 '20 at 16:03

answered Oct 27 '20 at 13:52

marsze

15,079
5
45
61

Thanks Marsze. I want to change service log on from "NT SERVICE\DIAHostService" to localsystem Local Log On using PowerShell without providing the password as it works in the UI/dialog box. PFA screenshot. Can I put username and password as null here - $service.Change($null,$null,$null,$null,$null,$null,"user","password")? – Yogesh Kulkarni Oct 27 '20 at 15:47
Thanks Marsze. I tried the second option and Im getting output as Return Value 2 and also the account is not changing to Local System. Can you please assist here. - Get-CimInstance win32_service -filter "name='DIAHostService'" | Invoke-CimMethod -Name Change -Arguments @{StartName="LocalSystem"} ReturnValue PSComputerName ----------- -------------- 2 – Yogesh Kulkarni Oct 28 '20 at 06:23
@YogeshKulkarni This is all theoretical for me. I have never done this, my answer is solely based on internet research. I would kindly ask you to do some research of your own. – marsze Oct 28 '20 at 10:12
Thanks Marsze. Will try the options and update the thread accordingly. – Yogesh Kulkarni Oct 28 '20 at 14:47
1

sc.exe config "ServiceName" obj="Localsystem" worked for me. – Yogesh Kulkarni Nov 04 '20 at 15:02

score 1 · Answer 4 · answered Nov 04 '20 at 15:33

@Yogesh

This cannot work :

Get-CimInstance win32_service -filter "name='DIAHostService'" | Invoke-CimMethod `
    -Name Change -Arguments @{StartName="LocalSystem"}

Because Change method needs to have the start password to be set even there is none (if StartName is defined), so this call shall succeed :

Get-CimInstance win32_service -filter "name='DIAHostService'" | Invoke-CimMethod `
    -Name Change -Arguments @{StartName="LocalSystem";StartPassword=""}

How to change the windows account to localsystem account using Powershell command Set-Service SwitchAccount

4 Answers4