Skip to content

Managing Windows Service Accounts and Dependencies

During the Windows discovery process, Securden fetches and displays the services, scheduled tasks and IIS App pools that are making use of any particular domain account. In the case of services, their respective dependencies are also displayed.

You can manage service accounts in two ways:

  1. Navigate to Accounts >> Click Service Accounts in the All Accounts drop-down.

Account Management

It will list down all the accounts that have dependencies. When you click a particular account, and then click the Dependencies tab in the right pane, you will see the list of all dependencies.

Account Management

  1. Alternatively, you can click any account available in the Accounts tab and then click the Dependencies tab in the right pane; you will see the list of all dependencies.

If you need to import recently added/configured dependencies to Securden, you can click Fetch Now. Securden will run the discovery process once again to fetch all the latest dependencies of the selected account.

Whenever the password of a domain account is changed, Securden propagates the change across all dependencies. This way, you can always have complete visibility and control over service accounts and dependencies.

If the password reset is not propagated to the services, you need to check and ensure the credentials provided for remote operations have admin privileges.

Troubleshooting Tips

Listed below are a few issues that could potentially arise when trying to import Windows dependencies, along with detailed steps for troubleshooting them. Should you still face difficulties in importing and managing Windows dependencies, please write to support@securden.com.

Issue 1: One or more devices remain unreachable when running discovery on a distributed network (Error: Computer not reachable.)

Possible Cause 1:

WMI service is not running on the remote computer, or the user might not have permission to access WMI services.

Troubleshooting Tips

Try starting WMI on the target computer. Follow the steps below: 1. Open the command prompt and execute the command net start winmgmt [/]. 2. Use credentials of an administrator or a member of an administrator group to run WMI.

Possible Cause 2:

Port 135 not opened on the remote computer.

Troubleshooting Tips

Navigate to Windows Firewall >> Advanced Settings and create a new Inbound rule to open port 135.

Issue 2: Username or Password Incorrect

Possible Cause:

When you provide the IP address, Securden can query the AD domain and check whether the specified credentials are correct. If they are found to be incorrect, then the error message is displayed.

Troubleshooting Tips

Provide the correct set of credentials for accessing the AD. The account should at least have READ permission in the AD.

If you want to randomize the passwords of accounts discovered at the time of discovery, you need to provide the credentials of an account with password reset and verification privileges. By default, a domain admin account carries all the required privileges. If providing a domain admin account for running Securden is not desired, you can use a standard user account and delegate the required privileges manually in AD.

Issue 3: While running discovery on Windows servers, IIS App pools are not populated into Securden.

Possible Cause 1:

Connectivity issues between the web server, jump host, and the Securden server.

Troubleshooting Tips

If you are running a separate web server using a jump host between the Securden server and the webserver, check whether connectivity exists between the servers using WIN RM.

If connectivity doesn’t exist, try enabling WIN RM 5985 port on your firewall and check whether connectivity is established. If established, try running the discovery process again.

Possible Cause 2: appcmd.exe is not enabled.

You can verify whether this is the cause if the following error message is displayed: Unable to fetch dependent AppPools - WinRM: 'C:\Windows\System32\inetsrv\appcmd' is not recognized as an internal or external command.

Troubleshooting Tips

To fetch dependent App Pools, the tool appcmd.exe is used, and it needs to be enabled. Follow the steps below to enable appcmd.

  1. Open Control Panel and navigate to Turn Windows features on or off.
  2. Navigate to Internet Information Service >> Web Management Tools and enable IIS Management Scripts and Tools.
  3. You can see appcmd.exe in the folder path C:\Windows\System32\inetsrv.
  4. Add the folder path to the PATH system environment variable.

Run the app discovery again to check if the problem is resolved. If the problem persists, please write to support@securden.com.