Managing Windows Services


Managing Windows Services

Services are programs that are started independently of your logging on. For the most part, they are started up in a specific sequence when Windows boots up, and they perform their jobs without directly interacting with the keyboard, mouse, or display. Services are used to perform such tasks as indexing your hard disk for faster searching, managing various types of storage devices, providing networking functions and more. On other operating systems, they might be called daemons or background processes . Services are described in detail in Chapter 4. Here, I'll cover the tools used to manage them.

Managing Services with the GUI

Figure 6.19 shows the Services management tool, from which you can manage the services available on your computer. (The services themselves are described in Chapter 4.) You must be logged on as a Computer Administrator, or on Windows XP, as a Power User .

Figure 6.19. The Services management tool allows you to monitor and change the status of services.

To open the Services management tool, right-click My Computer and select Manage; then in the left-hand pane, open Services and Applications and select Services. Alternatively, you can type services.msc at the command prompt or the run dialog.

The columns in the management display list the name of each service, a description of its purpose, its current status, its startup type, and its logon account. The Status column can display any of the following values:

(blank)

The service is not running (is stopped ).

Starting

The service is starting up but is not yet operational.

Started

The service is operational.

Stopping

The service is in the process of shutting down.

Pausing

The service is in the process of suspending its activity.

Paused

The service is running, but has been instructed to suspend activity.

Continuing

The service is resuming normal activity after having been paused.


The startup type can have any of the following values:

Automatic

The service is started automatically as Windows boots up. Services with no dependencies are started first, followed by any services that depend on them.

Manual

The service is not started unless requested to by an application, another service, or by a Services management tool.

Disabled

The service has been designated as disabled and will not be started under any circumstances.


Services can run in the context of a user account in order to control the privileges they have; for best security, a service should run with only the privileges it absolutely needs and no more, in order to limit the damage it could do should it crash or get compromised by a hacker. Most of the standard services run under the Local System context, which means they have total privileges, but some are run using the special built-in Network Service or Local Service user accounts. These accounts do not appear in the account manager. Other special services could conceivably be configured to standard user accounts.

Note

Each installed service registers with Windows the names of any services that it requires to get its job done. These are called dependencies , and as it starts services during the boot process, Windows first starts services that have no dependencies, and only when depended-upon services are operational does it start up dependent services. This process is automatic.


Current Status and Startup Options

To manage or monitor a service, double-click it in the Services list, or right-click and select Properties (see Figure 6.20).

Figure 6.20. A Service's Properties page lets you specify startup, logon, and failure recovery settings.


On the General tab, shown in Figure 6.20, you can perform the following maintenance tasks:

  • Start, stop, pause, resume, or restart the service. Restarting a service stops it and then immediately starts it again. It's like "rebooting" the service. This can be especially useful in cases where you need to restart a service that either is not working, which has failed and is consuming 100% of the CPU doing nothing (I have seen the Printer Spooler service do this), or is working with corrupt data (for example, restarting the DNS Client clears stale entries from the local DNS cache).

  • View the command line that is used to run the service. You will see that many services use the program svchost .exe ; this is a "shell" program that interacts with the service management system. The real work is performed by a Dynamic Link Library (DLL) whose name is stored in the Registry. See Chapter 4 for more information on svchost.exe .

  • Set the startup type to automatic, manual, or disabled. This can be useful in cases where you want to prevent a service from starting for one reason or another.

Caution

Disabling a service also disables any dependent services, which you can view using the Dependencies tab.


Note

Some services don't accept the Stop or Restart functions; they'll be grayed out. If such a service is not functioning correctly, you will probably have to restart Windows itself to get it going again.


Log On Account

On the Log On tab, you can define the login account used for the service. This is most useful when you are configuring additional third-party services or services for a very specific task where you want to confine the service to an account that has only the specific privileges it requires to perform its function. Do not change the logon account for standard services.

Note

If you specify an account and password to be used by a service, and later change the account's password, you must come back to the Services snap-in and re-enter the logon password for the service.


From this tab you can also specify whether the service is to be run in each of the computer's hardware profiles.

Crash Recovery Options

The Recovery tab, shown in Figure 6.21, lets you specify actions to be taken if the service fails, that is, it crashes or stops unexpectedly. The options for the first, second, and subsequent crashes can be set separately, and the following choices are available:

Take No Action A note will be written to the Event Log, but that's all. The service will be left unavailable.

Restart the Service Windows will attempt to restart the service.

Run a Program Windows will run the program specified in the properties dialog that can take any action you want.

Restart the Computer Windows will shut down and restart.

Figure 6.21. The Recovery tab lets you determine what Windows should do if the service crashes.


In addition, you can specify the time frame over which successive failures are considered sequential.

This configuration scheme is meant primarily for servers or computers that run unattended and perform some critical function. It might be reasonable to attempt to restart a service once, but if it fails again shortly afterward, something is probably seriously wrong, and it may make more sense than to try something else, perhaps reboot Windows, or perhaps run a program that invokes a repair procedure or sends a text page to a network administrator.

View Dependencies

Finally, on the Dependencies tab, you can view the service's dependency tree. This is the list of other services that a given service requires to do its job, and the list of services that depend on this service to do their jobs. If you start a service that has dependencies, the other services will be started first. If you shut down a service that has dependents, the dependents will be shut down first.

Managing Services on Another Computer

Network managers frequently have to manage large numbers of computers, and it's often inefficient to have to physically visit them when there's trouble. Like most Windows management utilities, the Services management console can request to manage services for a remote computer over the network.

To manage another computer's services using the GUI, right-click the icon at the top of the list in the upper-left pane of the management window (it will be labeled Computer Management or Services, depending on how you opened the window), and select Connect to Another Computer. Enter the name of the other computer, or click Browse to select it from your workgroup or domain. You must have an account on the remote computer with the same login name and password as the account you're currently using, or you must have a domain logon valid on that computer.

You can also manage services on other computers using the sc command discussed in the next section.

Managing Services from the Command Line

You can manage services through the command-line interface as well as the GUI; in some cases, the command line can be faster and easier.

There are two ways to do this. The first is with the net command. The commands net start servicename and net stop servicename start and stop a service on the local computer. If the service name has spaces in it, you must enclose the name in quotation marks ( " ), and you can specify either the service's Display Name (the name listed in the Services management display), or the shorter Service Key name.

For a list of Service Key names, see Table 4.5 on p. 143.



These commands can be used to quickly and easily restart a service. For example, if you had recently accessed a network host by its DNS name and the host's IP address is now changed, or if the host was offline but is now online, your computer's DNS cache will still hang on to the out-of-date address or the failure result for several minutes. Restarting the DNS service will make it discard the old, incorrect information and refresh itself. You can do this with

 net stop dns net start dns 

A more powerful command-line service management utility is sc , which can manage services on other computers, change service settings, and list information about installed services.

However, to manage services with sc , you must know the service's "Service Key name", which is usually not the name displayed in the Services management window. You can use sc to get a list of all installed services and their Service Key names, or you can refer to Table 4.8 for the names of common Windows services; the key names are printed in boldface.

Here are some sample uses of the sc utility:

  • Print a list of all services installed on the local computer, including their Automatic/Manual/Disabled setting and their Service Key names (labeled SERVICE_NAME)

     sc query 

  • Print a list of services installed on another computer named otherhost :

     sc \otherhost query 

  • Restart the IIS web server service on computer otherhost

     sc \otherhost w3svc stop sc \otherhost w3svc start 

To get a listing of sc 's full command syntax, type these three lines in a command prompt window:

 sc ? >x.txt y notepad x.txt 

(You will not be prompted for the y line.) Open the Windows Help and Support Center and search for sc for details on each subcommand.

Running Your Own Program as a Service

Developing a Windows service program requires a fair bit of effort and programming skill. In addition to writing code to do whatever job the service has to do, you must add extra code that lets the service program communicate with the Windows Service Manager, so that the service can be started, stopped, and can communicate its status and dependencies to the manager.

Still, in some cases it's nice to be able to have a program run when Windows boots up and have it stay running 24x7, whether you're logged on or not, and no matter what else is going on. And, in fact you can do this, using a utility program from the Windows 2000 Resource Kit that runs a program of your choice as if it were a service; the utility takes care of communicating with the Service manager, and runs your program using a specified command-line when the service manager starts it up. Your program can be a Windows application, command-line program, batch file, Windows Script Host script, database application, or a program written in another scripting language such as Perl. I've used this method to create a web server database back-end written in the FoxPro database language, and an interface to the SpamAssassin spam-filtering program written in Perl.

A program that is to act as a service needs to function with no interaction from the keyboard, mouse, or screen. To communicate with the outside world, it can create and listen on network sockets, or it can scan a specified directory every so many seconds for the appearance of files. It should not run in an endless loop waiting for work to do, or it will slow performance of your computer. Instead, it should use Windows synchronization tools like Events, or at least it should "sleep" for periods of time in order not to consume any CPU power when it's idle. Test the program from the command line to be sure it works before trying to run it as a service.

Then, when you are ready to install it as a service, follow these steps.

Caution

Running a program as a service this way has some risks. In fact, the Windows AntiSpyware program reports the presence of Srvany as a risk every time it runs. If a hacker replaces the program that the service manager starts up, the bogus program will run with whatever privileges the service would have run with. You should follow the steps listed here to ensure that your service is safe from hacking.


1.
Log on as a Computer Administrator.

2.
Download the Windows 2000 Server or Windows Server 2003 Resource Kit Tools package from microsoft.com, as discussed in Appendix A. Install the package.

3.
Click Start, All Programs, and find the new Resource Kit Tools entry. Open the Resource Kit Tools help file, and search for srvany . On the srvany page, there are several links to other pages that you'll need to read: Installing Srvany, Running an Application as a Service, Starting and Stopping a Service, and Srvany Notes. You may want to print these documents.

4.
Create a special user account to be used just for your service, and set a password for it.

5.
Create a special folder for the service's files on a drive that is formatted with the NTFS file system (do not use a FAT-formatted disk). For these instructions, I'll assume that the folder is C:\myservice .

6.
In the Resource Kit tools folder under Program Files, locate files instsrv.exe and srvany.exe . Copy instsrv.exe , srvany.exe , the program file(s) for your service, and any data files it needs to the service's folder ( c:\myservice in this example).

7.
Set NTFS permissions for this folder so that only Administrator and the new user account have access to it. Use the Advanced button to reset permissions on all objects in the folder. (Simple File Sharing must be disabled in order to set permissions.)

8.
Open a command prompt window and change to the service's folder, for example, with cd /d c:\myservice .

9.
Choose a name for your service; it must be different than any other service, and should describe in a word or two what the service does.

10.
Follow the instructions for installing srvany as a service, and for creating the Application and AppParameters values that specify your program and its command line parameters. Table 6.4 lists the correct Application values for various types of programs; replace the filename in italics with the appropriate filename for your program.

Table 6.4. Application and AppParameters Values for Various Types of Service Programs

Program Type

Registry Values

Standard .EXE
AppParameters any needed parameters

Application myprogram.exe

Batch file
AppParameters /c mybatch.bat

Application c:\windows\system32\cmd.exe

Script
AppParameters myscript.vbs

Application c:\windows\system32\cscript.exe


11.
Create the AppDirectory value and set it to the full path of your service's folder.

12.
When the service has been installed, open the Services management tool, locate your service, and use the Log On tab to specify that it's to run under the special user account.

Now, you should be able to start the service and press Ctrl+Alt+Del to see that the associated program appears in the Windows Task Manager's Processes display. If it doesn't, it may be exiting prematurely, or there may be a problem starting the service. In the latter case there should be a record in the Event log.




Upgrading and Repairing Microsoft Windows
Upgrading and Repairing Microsoft Windows (2nd Edition)
ISBN: 0789736950
EAN: 2147483647
Year: 2005
Pages: 128

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net