Are you a Windows administrator who handles Windows Services as a part of your everyday job? This article is for you as we show you how you can manage these services using PowerShell. But before that, let’s touch on the basics.
What are Windows Services?
Windows Services are computer programs that run in the background and are ideal for running executable applications in their own Windows sessions. A key characteristic of these services is that they don’t usually have a user interface, but you can start, stop, pause, or restart them at any time.
Often this is done through code in C# as a part of another application when you want certain services to start or stop at certain times or after the occurrence of specific events or triggers.
You can also open the Windows Service Manager to start and stop services manually.
As a third option, you can use PowerShell to handle Windows Services. This is easy if you know PowerShell, as there are many cmdlets for starting and stopping these services.
In this article, we will discuss the third option, which is using PowerShell cmdlets for handling Windows Services.
Using PowerShell to manage Windows Services
PowerShell offers eight cmdlets for managing Windows Services. They are as follows.
Get-Service
The Get-Service cmdlet tells you the status of a particular service on your computer.
If you use Get-Service without any parameters, it displays all the services running on your computer. You can also search for specific services using the complete name or wildcards. You can also use multiple search keywords.
Here’s a code snippet using a simple wild card.
The Get-Service cmdlet displays each process’s status, name, and display name in the system, including the, stopped and suspended ones. You can also filter the processes based on their status, such as running, stopped, and suspended. You can change the display format when needed as well.
A highlight of this cmdlet is its advanced sort capabilities. Besides using the asterisk wildcard, you can see use the following comparison operators to find the process you want.
- Lt: Less than
- Gt: Greater than
- Le: Less than or equal to
- Ge: Greater than or equal to
- Eq: Equal to
- Ne: Not equal to
- Like: Similar to wildcard, but can be used for pattern matching
- Match: Matches the exact regular expression
- Contains: Finds processes that contain a specific word or phrase. This returns a boolean true or false
- Replace: Changes the specific parts of a parameter
Other than advanced search capabilities, this cmdlet also has two important parameters to identify dependencies. The DependentServices parameter shows services that depend on a particular service, while the RequiredServices parameter displays the list of services that a specific process depends on.
Another flexibility with this cmdlet is you can pipe the results to a file or other applications or code snippets for further processing. For example, you can use the Out-File cmdlet to redirect and save the output to a text file. This can come in handy for logging and analyzing. Such measures could help with compliance as well.
All these aspects make the Get-Service powerful, and hence it is one of the most used cmdlets for managing Windows Services and for knowing more about what is running in your local system.
Stop-Service and Start-Service
As the name suggests, the Stop-Service cmdlet stops a particular Windows Service.
Stop-Service -Name Netlogon
Note that some critical Windows Services can’t be stopped, and to know what these critical services are, use the below code snippet.
Get-Service | Where-Object {$_.CanStop -eq $false}
This code displays a list of services that can’t be stopped so that you can alter your plan accordingly.
Moving on, you can start any service manually through the Start-Service PowerShell cmdlet.
Start-Service -Name Netlogon
Both these cmdlets come in handy when you want to stop and start specific services while running an application. These can be a part of a larger script as well.
Suspend-Service and Restart-Service
The Suspend-Service cmdlet suspends a running service. This is highly useful when you want to check on the performance of specific services or want to hold them off temporarily to get back resources for other important tasks.
Suspend-Service -Name Netlogon
Note that when a process is suspended, it is still running, but its action is stopped. This is the key difference between suspend and stop.
And to start them again, you can use the Restart-Service cmdlet, and it does more than just restart a suspended service.
You can use it effectively to restart multiple services. You can also use this command along with the Invoke-Command cmdlet to restart services from a remote computer
Invoke-Command -ComputerName Server01 {Restart-Service Spooler}
The advantage of the Restart-Service cmdlet is that it sends notifications until the said service is restarted. This way, you can stay on top of delays and issues as well.
Set-Service
The Set-Service cmdlet helps to change the properties of a service. Besides just starting, stopping, and suspending services, you can change a service’s startup type, credential, description, and display name.
With this cmdlet, you can either send the service name or object directly or through a pipeline.
Set-Service -Name NetLogon -DisplayName "Net Logging Service"
New-Service
This cmdlet is used to create a new Windows Service.
It takes the executable file for the service as a parameter and uses your inputs to create a new entry in the registry and database. You can use this cmdlet to set the display name, description, startup type, and dependencies of the new service.
$params = @{
Name = "TestService"
BinaryPathName = '"C:\WINDOWS\System32\svchost.exe -k netsvcs"'
DependsOn = "NetLogon"
DisplayName = "Test Service"
StartupType = "Manual"
Description = "This is a test service."
}
New-Service @params
You can also set the SecurityDescriptor of the service with the New-Service cmdlet. Remember, this value is always stored in the $SSDLToSet variable.
Remove-Service
As the name suggests, this cmdlet removes a service from the local computer. It also removes the corresponding entry from the registry and database.
This service is available only from PowerShell 6.0 and above.
You can remove a service with its name or display name.
Remove-Service -Name "TestService" Get-Service -DisplayName "Test Service" | Remove-Service
If you want confirmation before removing a service, add the -Confirm parameter to the cmdlet.
Note that both the New-Service and Remove-Service cmdlets work only on the Windows platform.
Thus, these are the different PowerShell cmdlets for managing Windows Services.
Windows Services and PowerShell: Final thoughts
Windows Services are programs that run in the background. While some are critical and can’t be stopped, you can start, stop, resume, and suspend the rest at any time. Likewise, you can create a new service or remove the existing one. You can also get information from the processes or can use them to set specific values for each.
Overall, these cmdlets are a simple way to manage Windows Services and can come in handy for integrating these actions with custom programs and their respective code.
We hope this opens up more choices to handle Windows Services. Please share your experience with us.
Featured image: Pixabay
