Ezine 185 – PowerShell and Services

Custom Search

---

Guy recommends :
Free – WMI Monitor

Get more ideas for your PowerShell scripts with SolarWinds’ WMI Monitor.

Free WMI Monitor Download

---

---

Guy's Review of Computer Tools

 1) Belarc Advisor
 2) Network Perf Mon
 3) Freeping
 4) PuTTY
 5) Bandwidth Analyzer
 6) Secunia
 7) Net-SNMP
 8) Permission Analyzer
 9) DNS Stuff
10) WinDiff's Compare

---

Short computer jokes

Ezine 185 – PowerShell and Windows Services

PowerShell provides two ways of scripting Windows services.  In this ezine I will compare the plain get-Service with the WMI version: get-WmiObject win32_service.  When I want to deal with a particular service I choose get-Service followed by nameOfService, and when I want to analyze the whole list of services, I employ the WMI cmdlet and select the class win32_service.

Topics for Scripting Windows Services

• Update on get-WmiObject win32_service
• This Week’s Secret
• This Week’s Mission
• Preliminary Check of the Properties with Get-Member
• Investigating Security Accounts for Services
• Grouping and Counting the Windows Services

 ♣

This Week’s Secret

It’s so difficult to balance an article that helps beginners, yet is useful for more experienced scripters.  Another problem that I face is I don’t know whether you are prepared to experiment on your own.  I like to aim by scripts primarily at those who are new to PowerShell, however I keep in mind the needs of those who are experienced but may have forgotten the syntax or capabilities of a particular command.

There are numerous PowerShell authors who have more scripting knowledge than I, but none seem to share my penchant for comparing what I see in the Windows utility with the output of a script.  In this instance I recommend launching Services.msc so that you can make comparisons with the results of my PowerShell services script.  Firstly, this GUI always surprises me with the sheer number of services; moreover, each successive version of Windows spawns yet more services.  Secondly, be aware that the ‘Name’ column in the GUI corresponds to the ‘Caption’ property when you use win32_service.  Furthermore ‘Log on As’ corresponds to ‘StartName’ in the script.

This Week’s Mission

This week’s main mission is to produce scripts which return information about the Windows services.  In particular to count how many services operate under each of the three ‘StartName’ accounts: LocalSystem, LocalNetwork and LocalService.  I also want to draw your attention, or remind you, of three useful scripting techniques, | for Pipelining the output into a new command, `backtick for word-wrap.  Also how to control the output with group-Object, and format-Table.

Preliminary Check of the Properties with Get-Member

Let us start with a preliminary script which researches the properties of services with get-Member; from the results we can compare the lists of properties and decide whether to employ get-Service or get-WmiObject win32_service for a particular task.

Note 1:  Please remember that in addition to get-Service, there are other members of this family of cmdlets, namely, start-Service, stop-Service and restart-Service.

Note 2:  You could filter get-WmiObject win32_service by appending this command:
|where {$_.name -match "__"}

Note 3:  To digress into the world of WMI, get-WmiObject has zillions more classes.  If you are curious try this: get-WmiObject -list.

Conclusion:  Employing the WMI Object class win32_service yields more properties, for example, Started and StartMode.  I also find that Caption is useful to clarify the Name of many of my services.

Investigating Security Accounts for Services

Let us investigate StartName.  This property reveals that each service relies on one of three built-in security accounts: LocalSystem, LocalService and LocalNetwork.  Background research unearths that LocalSystem is the most powerful as it accesses system security privileges, which are not available to the other two accounts.

Note 1:  Any problems, simplify the script to:
get-WmiObject win32_service |format-table Name, StartName -auto

Note 2:  The tiny backtick at the end of the line `
means the same PowerShell command continues on the next line.  As with many scripting languages, there is no automatic word-wrap, thus end-of-line normally means that the command terminates, the backtick extends the commands to the next line.  Beware, there must be no space after the `backtick.

Note 3: You could add this pipeline to refine the command to include only "Running" services:
| Where-Object {$_.state -eq "Running"} `

Guy Recommends: The Free IP Address Tracker (IPAT)

Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets.  IPAT cracks this problem of allocating IP addresses in networks in two ways:

For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges. 

For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. Download the Free IP Address Tracker

Grouping and Counting the Windows Services

Note 1:  The above script incorporates a filter.  Talking of filters, my friend ‘Mad’ Mick says that
 -filter "state = ‘running’"
is superior to | Where {$_.state -eq "Running"} ` Do you know, I think Mick is right, -filter is better than where-object in this case.

Note 2:  Strictly speaking, I should use where-Object rather than plain ‘Where’.  However PowerShell is forgiving, and providing there is no ambiguity it uses its built-in aliases for the shortened forms.  For instance you could use group rather than group-Object.

Guy Recommends: Tools4ever’s UMRA

Tired of writing scripts? The User Management Resource Administrator solution by Tools4ever offers an alternative to time-consuming manual processes.

It features 100% auto provisioning, Helpdesk Delegation, Connectors to more than 130 systems/applications, Workflow Management, Self Service and many other benefits. Click on the link for more information onUMRA.

Summary of Scripting Services with PowerShell

My main point is that there are two methods for scripting PowerShell services.  Plain get-Service has fewer properties than the WMI alternative.  From a practical point of view, these scripts show you how to group and count the local accounts under which, the Windows services operate.  Tip, where possible observe the built-in GUI alongside your PowerShell script, in this case launch Services.msc and make comparisons between the GUI’s columns and PowerShell’s properties.

See more PowerShell examples of process and service

• PowerShell Home   • Get-Process   • Stop-Process   • PowerShell Start-Process   • Set-Service

• Get-Service   • Start-Service   • Stop-Service   • Restart-Service   • Free WMI Monitor

• PowerShell Start-Sleep   • Get-WmiObject win32_service   • Windows PowerShell

Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.