In the environmental/network hardening projects I've been working on the last few months, there are (at least) two common needs we are seeing:

  1. The ability to enumerate where service accounts are used throughout the environment. I wrote a script that helps gather this info. P.S. if you're a Powershell guru I'd love some advice on automagically making this script PS2 compatible (see my notes in the script for more details)

  2. A list of local administrator accounts across the AD environment. I found that this free tool from Thycotic does a great job at that!