Service Control Programs that Ship with Windows

[Previous] [Next]

Before I delve into how to write a service, you must at least know how an SCP can control a service. So I'll start off by examining a few SCP applications that ship with Windows.

Services Snap-In

The SCP application with which you should become most familiar is the Services snap-in, shown in Figure 3-2. This snap-in shows the list of all services installed on the target machine. The Name and Description columns identify each service's name and offer an informative description of the service's function. The Status column indicates whether the service is Started, Paused, or Stopped (blank entries indicate "stopped"). The Startup Type column indicates when the SCM should invoke the service, and the Log On As column indicates the security context used by the service when it is running.

This information is kept in the SCM's database, which lives inside the registry under the following subkey:

 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services 

You should never access this subkey directly; instead, an SCP should call the Windows functions (discussed in the next chapter) that manipulate the database in this subkey. Directly modifying the contents of this key will yield unpredictable results. When you install a product that includes a service, the setup program for that product is an SCP that adds the service's information to the SCM's database.

You can view a remote SCM's service database by selecting the Computer Management node in the left pane of the Computer Management console and then choosing Connect To Another Computer from the Action menu.

click to view at full size.

Figure 3-2. Services snap-in

NOTE
All services that ship with Windows log on as the LocalSystem security context. This is a highly privileged account, and it is strongly recommended that any services you write also use the LocalSystem account.

So now that you're looking at the Services snap-in, you're probably wondering about all the tasks you can perform with it. Here are the most common operations:

  • Start a service The administrator starts a service by selecting the service from the list and clicking the Start toolbar button. Only services with a Startup Type of Automatic or Manual can be started; disabled services cannot. Disabling a service is useful for troubleshooting problems with a machine.
  • Stop a service The administrator stops a service by selecting the service and clicking the Stop toolbar button. Note that some services do not allow themselves to be stopped after they are started. The Event Log service is an example; it stops only when the machine shuts down.
  • Pause and resume a service The administrator pauses a service by selecting a running service and clicking the Pause toolbar button. Note that most services do not allow themselves to be paused. Also note that "pause" has no exact definition. For one service, pausing can mean that the service won't accept client requests until it finishes processing the outstanding requests. For another service, pausing can mean that the service can no longer process any of its operations. Paused services can be resumed by clicking the Start toolbar button.
  • Restart a service The administrator restarts a service by selecting a running or paused service and clicking the Restart toolbar button. Restarting a service causes the snap-in to stop the service and then start the service. This is simply a convenience feature and is very useful when debugging your own service.

The preceding list certainly accounts for 99 percent of what administrators do with the Services snap-in, but the snap-in can also be used to reconfigure a service. To change a service's settings, you select the service and then display its Properties dialog box. This dialog box contains four tabs; each tab allows the administrator to reconfigure parts of the selected service. The configurable settings are discussed in the following sections.

General Properties

The General tab (shown in Figure 3-3) allows the administrator to examine and reconfigure general information about the service. The first fact you need to know is that each service goes by two string names: an internal name (used for programmatic purposes) and a display name (a pretty string presented to administrators and users). After being added to the machine's service database, a service's internal name cannot be altered, but the administrator can modify the service's display name and description. The General tab also shows the service's pathname but does not allow the administrator to change it. (This is a limitation imposed by the tab, not by the system.) The administrator can change the service's Startup Type to one of the following:

  • Automatic One of the features of a service is that the SCM can automatically start it for you. If the service has a Startup Type of Automatic, the SCM spawns the service when the operating system boots. It is important to note that automatic services run before any user interactively logs on to the machine. In fact, many machines that run Windows are set up to run only services—no one ever logs on to the machine interactively. For example, machines running Windows and the Server service allow clients to access subdirectories, files, and printers on a networked machine.
  • Manual A manual service tells the SCM not to start the service when the machine boots. An administrator can start this service manually using an SCP. A manual service (alternately known as a demand-start service) will also start when another service that depends on the manual service is started. I'll talk about service dependencies more in the next chapter.
  • Disabled A disabled service tells the SCM not to start it under any circumstance. You disable the DHCP Client service when you manually assign an IP address to your machine rather than have it dynamically obtain an IP address from a machine running the DHCP Server service. Disabling a service is also quite useful when troubleshooting a system by allowing you to take a specific service out of the equation.

click to view at full size.

Figure 3-3. General tab for the Windows Installer service

Log On Properties

In addition to configuring the actual service, the administrator can reconfigure the security context under which the service will execute on the Log On tab, shown in Figure 3-4. The security context can be one of the following:

  • LocalSystem Account A service running under the LocalSystem account can do just about anything on the computer: open any file, shut down the machine, change the system time, and so on. A service running under the LocalSystem account can optionally be allowed to interact with the desktop. Most services don't require this option, and you are strongly discouraged from using it.
  • This Account A service can also execute under a specific security context (identified by a user's name and password). This restricts the service to accessing the resources accessible to the specified account.

I'll talk more about LocalSystem and user accounts in the "Service Issues" section later in this chapter.

The Log On tab also allows the administrator to specify which hardware profiles the service is enabled in. Hardware profiles allow you to configure services according to your hardware configuration. For example, you might want the fax service to run when your laptop computer is docked and not run when it is undocked.

click to view at full size.

Figure 3-4. Log On tab for the Distributed Link Tracking service

Recovery Properties

The Recovery tab, shown in Figure 3-5, allows the administrator to tell the SCM what actions to perform should the service terminate abnormally. Abnormal termination means that the service stopped without reporting a status of SERVICE_STOPPED (discussed later in this chapter). For the first, second, and subsequent attempts, the SCM can do nothing, automatically restart the service, run an executable, or reboot the computer. Note that running an executable and rebooting the computer can fail if the account under which the service is running doesn't have the appropriate privileges or permissions.

click to view at full size.

Figure 3-5. Recovery tab for the Fax Service service

Dependencies Properties

The Dependencies tab, shown in Figure 3-6, shows the services on which the selected service depends and also what services depend on the selected service. In the figure, you'll see six services dependent on the Workstation service. If the administrator attempts to stop the Workstation service and any dependent services are running, the SCM fails the call. Many SCP programs are written to notify the user that dependent services are running, and to allow the user to choose whether to also stop the dependent services. The Dependencies tab does not allow an administrator to modify any of these dependencies. (I'll discuss service dependencies more in the next chapter.)

click to view at full size.

Figure 3-6. Dependencies tab for the Workstation service

Net.exe and SC.exe

In addition to the Services snap-in, Windows ships with a command-line SCP tool named Net.exe. This tool is limited in that it allows you to control only those services residing on the local machine. Using Net.exe, you can start, stop, pause, and continue services using the following syntax:

 NET START    servicename NET STOP     servicename NET PAUSE    servicename NET CONTINUE servicename 

You can also use Net.exe to display a list of services running on the local machine by simply typing the following, without specifying a servicename:

 NET START 

For debugging, the Net.exe tool is quite handy because you can place calls to it in a batch file or other script file.

Another SCP application that Microsoft offers is a command-line tool named SC.exe. This tool ships as part of the Microsoft Windows 2000 Resource Kit. Running this tool without passing it any parameters displays its usage syntax, as shown here:

 DESCRIPTION:    SC is a command line program used for communicating with the     NT Service Controller and services. USAGE:    sc <server> [command] [service name] <option1> <option2>...    The option <server> has the form \\ServerName    Further help on commands can be obtained by typing: "sc [command]"    Commands:      query-----------Queries the status for a service, or                       enumerates the status for types of services.      queryex---------Queries the extended status for a service, or                       enumerates the status for types of services.      start-----------Starts a service.      pause-----------Sends a PAUSE control request to a service.      interrogate-----Sends an INTERROGATE control request to a service.      continue--------Sends a CONTINUE control request to a service.      stop------------Sends a STOP request to a service.      config----------Changes the configuration of a service (persistant)      description-----Changes the description of a service.      failure---------Changes the actions taken by a service upon failure      qc--------------Queries the configuration information for a service      qdescription----Queries the description for a service.      qfailure--------Queries the actions taken by a service upon failure      delete----------Deletes a service (from the registry).      create----------Creates a service. (adds it to the registry).      control---------Sends a control to a service.      sdshow----------Displays a service's security descriptor.      sdset-----------Sets a service's security descriptor.      GetDisplayName--Gets the DisplayName for a service.      GetKeyName------Gets the ServiceKeyName for a service.      EnumDepend------Enumerates Service Dependencies.    The following commands don't require a service name:    sc <server> <command> <option>       boot------------(ok | bad) Indicates whether the last boot should                      be saved as the last-known-good boot configuration      Lock------------Locks the Service Database      QueryLock-------Queries the LockStatus for the SCManager Database EXAMPLE:    sc start MyService Would you like to see help for the QUERY and QUERYEX commands?  [ y | n ]: y QUERY and QUERYEX OPTIONS :     If the query command is followed by a service name, the status    for that service is returned.  Further options do not apply in    this case.  If the query command is followed by nothing or one of    the options listed below, the services are enumerated.    type=    Type of services to enumerate (driver, service, all)             (default = service)    state=   State of services to enumerate (inactive, all)             (default = active)    bufsize= The size (in bytes) of the enumeration buffer             (default = 1024)    ri=      The resume index number at which to begin the enumeration             (default = 0)    group=   Service group to enumerate             (default = all groups) SYNTAX EXAMPLES sc query                - Enumerates status for active services &                           drivers sc query messenger      - Displays status for the messenger service sc queryex messenger    - Displays extended status for the messenger                           service sc query type= driver   - Enumerates only active drivers sc query type= service  - Enumerates only Win32 services sc query state= all     - Enumerates all services & drivers sc query bufsize= 50    - Enumerates with a 50 byte buffer. sc query ri= 14         - Enumerates with resume index = 14 sc queryex group= ""    - Enumerates active services not in a group sc query type= service type= interact - Enumerates all interactive                                         services sc query type= driver group= NDIS     - Enumerates all NDIS drivers 

While developing and debugging a service, this tool can help tremendously since it offers a rich command-line interface to all the service control options and can easily be used in a script file.



Programming Server-Side Applications for Microsoft Windows 2000
Programming Server-Side Applications for Microsoft Windows 2000 (Microsoft Programming)
ISBN: 0735607532
EAN: 2147483647
Year: 2000
Pages: 126

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net