locked
How to add a virtual service account to a local group via script? RRS feed

  • Question

  • I'm trying to add a virtual service account to a local group on Windows 7 Ent SP1 64-bit.

    My service installer installs the service with NT SERVICE\MyServiceQuiteLongOrEvenLongerName virtual service account.
    Service up and running.

    net localgroup MyGroup /add

    Group exists.

    net localgroup MyGroup "NT SERVICE\MyServiceQuiteLongOrEvenLongerName" /add

    Syntax error.

    I'm able to add the account to a local group via Computer/Manage/Local Users and Groups/Groups.

    How to add the virtual service account to a local group via script on Windows 7?

    Thanks for any suggestions.

    UPDATE ON CURRENT FINDINGS:

    Following LINQPad statement:

    var selectQuery1 = new WqlObjectQuery("SELECT * FROM Win32_GroupUser WHERE GroupComponent = \"Win32_Group.Domain='MYCOMPUTERNAME',Name='MyServiceQuiteLongOrEvenLongerName'\"");
    var searcher1 = new ManagementObjectSearcher(selectQuery1);
    
    foreach (ManagementObject obj in searcher1.Get())
    {
        obj.Dump();
    }

    produces PartComponent as reference to:

    \\MYCOMPUTERNAME\root\cimv2:Win32_SystemAccount.Domain="NT SERVICE",Name="MyServiceQuiteLongOrEvenLongerName"

    But I'm unable to locate the MyServiceQuiteLongOrEvenLongerName Win32_SystemAccount instance to update. LINQPad statement:

    var selectQuery2 = new WqlObjectQuery("SELECT * FROM Win32_SystemAccount WHERE Domain='NT SERVICE' OR Domain='MYCOMPUTERNAME'");
    var searcher2 = new ManagementObjectSearcher(selectQuery2);  
    
    foreach (ManagementObject obj2 in searcher2.Get())
    {
        obj2.Dump();
    }

    Produces any result but the virtual account.

    How to add the proper Win32_GroupUser to achieve what I want?

    Thanks.

    Friday, December 4, 2015 9:30 AM