0

Using Powershell I need to find check if the "NT Service\MSSQL$nameofServer" has the propery trustfordelegatin set to true at the domain Controller.

If this was a user account I would just do this:

get-ADuser userdummy -Properties trustedfordelegation|select trustedfordelegation

For a user this works perfectly. I need to do the equivalent for the sql service account to see if the property is set to true.

Leo Torres
  • 673
  • 1
  • 6
  • 18
  • NT Service would be a local account, so I think you'll need get-localuser, but there doesn't appear to be an equivalent property. See properties with `get-localuser -name 'NT Service' | select *` or `get-localuser |?{$_.name -like 'NT Serv*'}| select-object -Property *` – Dallas Dec 04 '21 at 01:19
  • I am not getting any results. Also linked server transactions are failing because the service account on the server does not have this setting to true. But I need to be able to query its value so I can prove my case. – Leo Torres Dec 04 '21 at 03:21
  • 1
    This may help... https://social.technet.microsoft.com/Forums/ie/en-US/a736f3a4-a477-4cbf-91e2-8237d0e7a4cb/sql-server-not-show-as-a-service-for-delegation?forum=sharepointadmin – Dallas Dec 04 '21 at 06:43
  • Or [this](https://blog.sqlauthority.com/2018/06/24/how-to-find-service-account-for-sql-server-and-sql-server-agent-interview-question-of-the-week-179/) – Theo Dec 04 '21 at 12:03

0 Answers0