Managing Windows ServicesServices are programs that are started independently of your logging on. For the most part, they are started up in a specific sequence when Windows boots up, and they perform their jobs without directly interacting with the keyboard, mouse, or display. Services are used to perform such tasks as indexing your hard disk for faster searching, managing various types of storage devices, providing networking functions and more. On other operating systems, they might be called daemons or background processes . Services are described in detail in Chapter 4. Here, I'll cover the tools used to manage them. Managing Services with the GUIFigure 6.19 shows the Services management tool, from which you can manage the services available on your computer. (The services themselves are described in Chapter 4.) You must be logged on as a Computer Administrator, or on Windows XP, as a Power User . Figure 6.19. The Services management tool allows you to monitor and change the status of services.To open the Services management tool, right-click My Computer and select Manage; then in the left-hand pane, open Services and Applications and select Services. Alternatively, you can type services.msc at the command prompt or the run dialog. The columns in the management display list the name of each service, a description of its purpose, its current status, its startup type, and its logon account. The Status column can display any of the following values:
The startup type can have any of the following values:
Services can run in the context of a user account in order to control the privileges they have; for best security, a service should run with only the privileges it absolutely needs and no more, in order to limit the damage it could do should it crash or get compromised by a hacker. Most of the standard services run under the Local System context, which means they have total privileges, but some are run using the special built-in Network Service or Local Service user accounts. These accounts do not appear in the account manager. Other special services could conceivably be configured to standard user accounts. Note Each installed service registers with Windows the names of any services that it requires to get its job done. These are called dependencies , and as it starts services during the boot process, Windows first starts services that have no dependencies, and only when depended-upon services are operational does it start up dependent services. This process is automatic. Current Status and Startup OptionsTo manage or monitor a service, double-click it in the Services list, or right-click and select Properties (see Figure 6.20). Figure 6.20. A Service's Properties page lets you specify startup, logon, and failure recovery settings.
On the General tab, shown in Figure 6.20, you can perform the following maintenance tasks:
Caution Disabling a service also disables any dependent services, which you can view using the Dependencies tab. Note Some services don't accept the Stop or Restart functions; they'll be grayed out. If such a service is not functioning correctly, you will probably have to restart Windows itself to get it going again. Log On AccountOn the Log On tab, you can define the login account used for the service. This is most useful when you are configuring additional third-party services or services for a very specific task where you want to confine the service to an account that has only the specific privileges it requires to perform its function. Do not change the logon account for standard services. Note If you specify an account and password to be used by a service, and later change the account's password, you must come back to the Services snap-in and re-enter the logon password for the service. From this tab you can also specify whether the service is to be run in each of the computer's hardware profiles. Crash Recovery OptionsThe Recovery tab, shown in Figure 6.21, lets you specify actions to be taken if the service fails, that is, it crashes or stops unexpectedly. The options for the first, second, and subsequent crashes can be set separately, and the following choices are available:
Figure 6.21. The Recovery tab lets you determine what Windows should do if the service crashes.
In addition, you can specify the time frame over which successive failures are considered sequential. This configuration scheme is meant primarily for servers or computers that run unattended and perform some critical function. It might be reasonable to attempt to restart a service once, but if it fails again shortly afterward, something is probably seriously wrong, and it may make more sense than to try something else, perhaps reboot Windows, or perhaps run a program that invokes a repair procedure or sends a text page to a network administrator. View DependenciesFinally, on the Dependencies tab, you can view the service's dependency tree. This is the list of other services that a given service requires to do its job, and the list of services that depend on this service to do their jobs. If you start a service that has dependencies, the other services will be started first. If you shut down a service that has dependents, the dependents will be shut down first. Managing Services on Another ComputerNetwork managers frequently have to manage large numbers of computers, and it's often inefficient to have to physically visit them when there's trouble. Like most Windows management utilities, the Services management console can request to manage services for a remote computer over the network. To manage another computer's services using the GUI, right-click the icon at the top of the list in the upper-left pane of the management window (it will be labeled Computer Management or Services, depending on how you opened the window), and select Connect to Another Computer. Enter the name of the other computer, or click Browse to select it from your workgroup or domain. You must have an account on the remote computer with the same login name and password as the account you're currently using, or you must have a domain logon valid on that computer. You can also manage services on other computers using the sc command discussed in the next section. Managing Services from the Command LineYou can manage services through the command-line interface as well as the GUI; in some cases, the command line can be faster and easier. There are two ways to do this. The first is with the net command. The commands net start servicename and net stop servicename start and stop a service on the local computer. If the service name has spaces in it, you must enclose the name in quotation marks ( " ), and you can specify either the service's Display Name (the name listed in the Services management display), or the shorter Service Key name.
These commands can be used to quickly and easily restart a service. For example, if you had recently accessed a network host by its DNS name and the host's IP address is now changed, or if the host was offline but is now online, your computer's DNS cache will still hang on to the out-of-date address or the failure result for several minutes. Restarting the DNS service will make it discard the old, incorrect information and refresh itself. You can do this with net stop dns net start dns A more powerful command-line service management utility is sc , which can manage services on other computers, change service settings, and list information about installed services. However, to manage services with sc , you must know the service's "Service Key name", which is usually not the name displayed in the Services management window. You can use sc to get a list of all installed services and their Service Key names, or you can refer to Table 4.8 for the names of common Windows services; the key names are printed in boldface. Here are some sample uses of the sc utility:
To get a listing of sc 's full command syntax, type these three lines in a command prompt window: sc ? >x.txt y notepad x.txt (You will not be prompted for the y line.) Open the Windows Help and Support Center and search for sc for details on each subcommand. Running Your Own Program as a ServiceDeveloping a Windows service program requires a fair bit of effort and programming skill. In addition to writing code to do whatever job the service has to do, you must add extra code that lets the service program communicate with the Windows Service Manager, so that the service can be started, stopped, and can communicate its status and dependencies to the manager. Still, in some cases it's nice to be able to have a program run when Windows boots up and have it stay running 24x7, whether you're logged on or not, and no matter what else is going on. And, in fact you can do this, using a utility program from the Windows 2000 Resource Kit that runs a program of your choice as if it were a service; the utility takes care of communicating with the Service manager, and runs your program using a specified command-line when the service manager starts it up. Your program can be a Windows application, command-line program, batch file, Windows Script Host script, database application, or a program written in another scripting language such as Perl. I've used this method to create a web server database back-end written in the FoxPro database language, and an interface to the SpamAssassin spam-filtering program written in Perl. A program that is to act as a service needs to function with no interaction from the keyboard, mouse, or screen. To communicate with the outside world, it can create and listen on network sockets, or it can scan a specified directory every so many seconds for the appearance of files. It should not run in an endless loop waiting for work to do, or it will slow performance of your computer. Instead, it should use Windows synchronization tools like Events, or at least it should "sleep" for periods of time in order not to consume any CPU power when it's idle. Test the program from the command line to be sure it works before trying to run it as a service. Then, when you are ready to install it as a service, follow these steps. Caution Running a program as a service this way has some risks. In fact, the Windows AntiSpyware program reports the presence of Srvany as a risk every time it runs. If a hacker replaces the program that the service manager starts up, the bogus program will run with whatever privileges the service would have run with. You should follow the steps listed here to ensure that your service is safe from hacking.
Now, you should be able to start the service and press Ctrl+Alt+Del to see that the associated program appears in the Windows Task Manager's Processes display. If it doesn't, it may be exiting prematurely, or there may be a problem starting the service. In the latter case there should be a record in the Event log. |