Managing services includes the deep understanding of the Services console located under Administrative Tools. The Services snap-in is also included in the Computer Management and Server Manager consoles. You can also execute mmc services.mmc from a command prompt, Start Search box, or Run box. See Figure 1.
A service is a program, routine, or process that performs a specific system function to support other programs or to provide a network service. A service runs in the system background without a user interface. Some examples include web serving, event logging, and file serving.
To start, stop, pause, resume, or restart services, right-click on the service and click on the desired option. To the left of the service name is a description. To configure a service, right-click the service and click on the Properties option or double-click the service. See Figure 2. On the General tab, under the start-up type pull-down option, set the following:
• Automatic: Specifies that the service should start automatically when the system starts.
• Automatic (Delayed Start): Specifies that the service should start automatically after the services marked as automatic have started (which is approximately 2 minutes).
• Manual: Specifies that a user or a dependent service can start the service. Services with
manual start-up do not start automatically when the system starts.
• Disable: Prevents the service from being started by the system, a user, or any dependent service.
If you like doing things at the command prompt or you have a need use a script to start or stop a service, you would use the sc command to communicate with the Service Control Manager and Services. The scconfig command is used to modify a service entry in the registry and Service Database. You can also use the net start and net stop commands to start and stop services.
When you configure a service, you need to configure what account the service runs under. You can use the built-in accounts included with Windows or you can use a service account that you create locally or on the domain. The built-in accounts include:
• Local System: Highly privileged account that can access most resources on the local computer.
• NT AuthorityLocalService: Has the same privileges of the local Users group on the computer. When it accesses Network resources, it uses no credentials and a null session.
• NT AuthorityNetworkService: Has the same level of access as the Users group on the local computer. When it accesses network resources, it does so under the context of the local computer account.
You should always take care when changing the Startup parameters for a service including the Startup Type and Log On As settings because these changes might prevent key services from running correctly. In addition, Microsoft recommends that you do not change the Allow service to interact with desktop settings because this will allow the service to access any information displayed on the interactive user’s desktop. A malicious user can then take control of the service or attack it from the interactive desktop. If you specify an account that does not have permission to log on as a service, the Services snap-in automatically grants the appropriate permissions to that account on the computer that you are managing. If you use a local or domain account, make sure that you use a strong password and that the account uses a password that does not expire.
As a general rule, you should use the account with minimum rights and permissions for
the service to operate. In addition, you should use different service accounts for different
services. So if you install Exchange and SQL on a server, you should have a service account for Exchange and a different service account for SQL. SQL and Exchange should be on the same server only for small businesses that have a handful of employees.
If you enable or disable a service and a problem occurs, you can try to start the service
manually to see what happens. You can also check the Event Viewer for more information
on some of the errors. If the system does not boot because of the enabled or disabled service, you should try to start the computer in Safe mode, which starts only the core services needed to operate, load only the necessary drivers to operate, and load in 640×480 screen resolution with the minimum number of colors. By using Safe mode, you should have an opportunity to fix the problem.
If you are new to Windows, particularly in administering and configuring Windows, you should take some time, click on each service, and read the description. You will #learn that many service names are very descriptive. For now, let’s cover two specific services:
• Server: Supports file, print, and named-piped sharing over the network. If the Services
service is not started, you will not be able to access shared folders including administrative shares such as C$ and IPC$.
• Workstation: Creates and maintains client network connections to remove servers using the SMB protocol. Without this service, you will not be able to access shared folders on other computers.
This lesson is a part of Managing Windows Server 2008 R2 chapter from 98-365 Windows Server Administration Fundamentals Prep course. More lessons in this chapter are
The Practice tests included in this course are: