The Core Technologies Blog

Our Software // Windows Services // 24×7 Operation

Manage Your Windows Services with Windows Admin Center

In April 2018, Microsoft released Windows Admin Center (WAC) — a new web-based tool for managing PCs remotely.

With Windows Admin Center, administrators can perform many routine tasks from the browser, including:

  • List all processes on your PC
  • Start a new program or terminate one already running
  • Start, stop or restart any windows service
  • Browse the event logs
  • Navigate the registry
  • Change an account’s password

Check out WAC’s left sidebar to get an idea of what is possible:

Windows Admin Center: Overview

As experts in Windows Services, we were very excited to see what Microsoft is doing in that area! This article highlights the functionality we discovered in the Services section.

Working with Windows Services

When you click Services in the left sidebar, a list of all windows services installed on your computer is displayed on the right. Here we see that there are a whopping 241 services available on our Windows 10 machine!

Windows Admin Center: Services

The ability to search comes in handy when you are looking for a specific service. Type in a few characters to match on the name, display name and description fields:

WAC: Search Windows Services

Select a service from the list to reveal its very basic details in the panel below. Only the service’s name, display name, description and a list of dependent services are shown:

WAC: Windows Service Details

You can start, stop, pause or resume the selected service using the buttons at the top. There is no button to restart the service, but obviously that can be achieved by stopping then starting again.

To show additional details and update the service, click the Settings button at the top. Here is what we see for the important Dhcp service:

WAC: DHCP Service: General Settings

In the General section, you can change the service’s startup mode to dictate when Windows launches the service. Curiously, Automatic (Delayed Start) is not an option!

WAC: No Automatic (Delayed Start) Startup Mode

Microsoft will surely rectify that oversight soon.

Another surprise: You can alter the service’s command line (path to executable)! In that respect, WAC is more powerful than the venerable Services Control Panel application, which shows the image path as read-only.

If you click over to the Log On section, you can set the account in which the service will run. No surprises there:

WAC: DHCP Service: Log On Settings

In the Recovery section, specify one of four actions to be taken if the service fails:

WAC: DHCP Service: Recovery Settings

Note that not all options available in Services.msc are configurable here. For example, you cannot append a fail count to the end of a command line or configure options when restarting the computer:

WAC: Missing Service Recovery Options

Be cautious when changing your service’s recovery settings from WAC!

Installing Windows Admin Center: The Fine Print

While we were clearly able to get WAC up and running, we encountered a few obstacles along the way. We mention them here for future travelers:

  • WAC only runs on Microsoft’s newest operating systems. We had to upgrade our Windows 10 machine to Build 1709 (the lone desktop OS supported).

    Windows 10 Build 1709
  • WAC has only been tested with the Microsoft Edge and Google Chrome browsers on Windows 10. Firefox fanatics and Safari supporters may be out of luck.

  • If you have trouble with authentication, make sure that the WinRM service is running. Despite being configured to start automatically, that service wasn’t running and we had to start it manually on our PC.

    Run NET START WinRM to do the honors.

  • After we added our PC to the list and tried to connect, WAC repeatedly told us that our credentials weren’t valid. We tried several accounts (all with admin access) to no avail.

    The problem? Our PC is in a Workgroup instead of a Domain and we’re not using the builtin admin account. Fortunately we came across this page which advised us to run this magical command (verbatim) from an elevated prompt:

    REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1

  • Check out the full list of admin center troubleshooting tips if you run into anything else.


Posted in Windows Services | Tagged , , , | Leave a comment

Q & A: What Setting will Help AlwaysUp Start my App at Boot?

Q & A - Restart Windows

I’m running on Windows Server 2016. I have noticed on my most recent install that AlwaysUp doesn’t start at boot, I have to do an interactive/RDP login and then open the AlwaysUp GUI to have the services started. Is there any setting that I need to change to make this happen please?

— Robert

Hi Robert. There could be many reasons why a generic Windows Service doesn’t start at boot. But when AlwaysUp is involved, the failure is usually because your service/application is trying to start too soon. Here are a couple of reasons why:

  1. Your application depends on a Windows Service

    System software will often be deployed as a windows service. Notable examples include the Apache web server, the MySQL relational database and the Redis memory store.

    If your application depends on a service, then you should configure the dependency on the Startup tab. Check the Ensure that the following services have started box and select your service from the list below:

    Set Dependent Services in AlwaysUp

    However, this setting may not work as expected. While it ensures that the critical service has started before AlwaysUp launches your application, there is no guarantee that the service will actually be ready.

    For example, suppose the Redis service takes a minute to initialize before connections are accepted. If your application tries to start before those 60 seconds have elapsed, it will fail to connect to Redis and will likely crash or exit with an error.

  2. You are running AlwaysUp on a Domain Controller (DC)

    Let’s say that your machine is a Domain Controller and you have specified a domain account on the AlwaysUp Logon tab. If Windows tries to kick off AlwaysUp before the DC is fully ready, the AlwaysUp service will fail to start because it can’t log in. You will see a cryptic message like this in the Windows/Application section of the Event Log:

    Windows Service Logon Failure

    To resolve this scenario, add a dependency on the “Workstation” service on the AlwaysUp Startup tab. Some customers have had success with that change but it hasn’t worked for others.

General Solution: Delayed Startup on Boot

Irrespective of the underlying problem, many customers have profited from a simple solution: delaying the startup of your AlwaysUp application. Your application is very likely to start properly once it avoids the “mad rush” of programs straining to start as your PC comes alive.

To delay startup, choose the Automatically, but shortly after the computer boots option on the General tab:

Delay startup on boot in AlwaysUp

With that modification, your application will start 1-2 minutes after your computer boots — when all critical components should be happily running.

Hopefully this easy change will do the trick. Please be sure to get in touch if the problem persists!

Posted in AlwaysUp | Tagged , , , | Leave a comment

Q & A: Can I Run Multiple Instances of OneDrive?

Q & A - OneDrive

I have tried AlwaysUp to let OneDrive run as a service. Everything works perfectly, but is it possible to create multiple OneDrive services? I have tried it and when I start the second service event logs suggest that the application crashed.

— Bernhard

Hi Bernhard. Here is what we have learned from experimenting with Microsoft OneDrive on our Windows Server 2016 machine:

You can run multiple copies of OneDrive on your PC

We created two user accounts and installed OneDrive in each. Setup went smoothly and both users were able to start OneDrive normally. Here you can see the two copies of the executable running in the Task Manager:

Two OneDrive Processes Running

Next, we installed OneDrive as a windows service in one of the accounts. That arrangement worked fine as well, with a copy of OneDrive.exe running in the isolated Session 0 and another in a regular, interactive login session (#3):

OneDrive Running in Session 0

Note that we had to turn off the “Stop all copies…” setting on the AlwaysUp Startup tab (to avoid terminating the non-service copy):

AlwaysUp Startup Tab - No stop copies

But you cannot run multiple copies of OneDrive in one Login Session

When we setup both users to run OneDrive as a windows service, the first copy started but the second one failed. AlwaysUp kept trying to launch OneDrive, but it simply refused to start:

OneDrive Fails to Start

It seems that multiple copies of OneDrive won’t run in Session 0.

Removing AlwaysUp from the equation, we see the same behavior in a regular login session. The first instance of OneDrive started fine, with the usual “clouds” tray icon showing up on the taskbar. However, when we launched a second copy:

  • A new OneDrive.exe process appeared in Task Manager (in the Details/Advanced tab)
  • A File Explorer window opened, listing the contents of our OneDrive folder
  • The new process exited, disappearing from Task Manager

It is very likely that the second copy of OneDrive, on detecting an instance already operating in the same session, sent an “activate yourself” message to the first before promptly quitting. As far as we can tell, this is how the folks at Microsoft have designed OneDrive to work. There is no way around it.

So no, you will not be able to run multiple copies of OneDrive as windows services in Session 0 with AlwaysUp. :(

However, all may not be lost, because…

You can run a single OneDrive with two cloud accounts

Instead of running two copies of the OneDrive application, you may be able to serve two online accounts with a single instance of OneDrive.

To set up a second account:

  • Right-click the OneDrive task tray icon ()and select Settings

  • In the window that appears, move to the Account tab

  • Click the Add an account button

  • Sign in to OneDrive with the email address and password of your second online account:

    Add a Second Account
  • Click OK to dismiss the settings window and save your changes.

You should now see two OneDrive cloud icons in your task tray. And when you start OneDrive as a windows service with AlwaysUp, both accounts should be synchronized.

We hope this solution works for you!

Posted in AlwaysUp | Tagged , , , , | Leave a comment

Wondering if Your Legacy Desktop Application Will Work as a Windows Service? Answer These 3 Questions to Find Out

3 Questions

Does your old (but important) desktop application need to run all the time?

Should it start immediately after a reboot, even when no one is there to log on and kick it off?

If so, you should consider installing your program as a Windows Service — the technology Microsoft invented to support mission-critical, 24×7 applications. Use a “service wrapper” (like our AlwaysUp) to install your application as a service in 5-10 minutes.

But not all legacy applications will operate smoothly when installed as a service. Here are three questions you should ask to determine if a windows service is a good fit for your situation:

  1. Do you need to see (or interact with) your program while it’s running?

    Windows services run in the background. Any windows displayed by a service appear on a “hidden desktop” called Session 0. When your legacy application is running as a service, you will not see its windows on your own desktop.

    As a consequence, it doesn’t make much sense to run an intensively interactive application (like a word processor) as a windows service. Indeed, any application that demands your constant attention will be a poor fit. Does yours?

    But if you only need to see your application from time to time, a service may still be an option because you can quickly switch to the Session 0 desktop whenever you need to see your application.

    For example, when running Apple’s iTunes as a windows service, here is what the Session 0 desktop looks like:

    iTunes as a Windows Service in Session 0

    Even though there is no taskbar and the usual desktop icons have vanished, we can interact with iTunes just fine in Session 0. For example, we were able to add tracks to iTunes, create a playlist, and even change settings — just as we would if iTunes was running on our regular desktop.

    (The only exception is on Windows 10 and Windows 2016, where a particularly annoying bug will prevent you from moving the mouse and keyboard in Session 0. Come on Microsoft! Please fix this defect soon.)

    So is occasionally switching to Session 0 good enough for your situation? If not, you should rule out a windows service.

  2. Will your application occasionally prompt for input?

    An application that periodically pops up windows and expects you to respond can be a problem when installed as a windows service. Those popups/windows will appear on the Session 0 desktop — effectively hidden from you. You will not know that your program is stuck waiting for you to enter a password or click the OK button!

    So a “needy” application is not a great candidate for running in the background as a windows service. Does your legacy application fit the mold?

    However, if you only have to get past one or two prompts, our AlwaysUp service wrapper may provide an elegant solution. Simply write an automation script that dismisses the prompt and plug the script into AlwaysUp. This page dives into the details.

    For example, when launching iTunes as a service, this error message is the first to appear:

    iTunes Startup Error

    Clicking the “X” in the title bar will expel the window and allow iTunes to start. To achieve the same effect when no one is around to click, we provided this simple one-line script (which sends the “ESC” key to the iTunes window) to AlwaysUp. Now AlwaysUp automatically dismisses the warning on our behalf whenever it appears!

  3. Does your application read from or write to files on a network drive?

    Like a regular application, a windows service can access remote/network devices. Permissions are granted based on the account running the service.

    However, a service can’t use a mapped drive — at least not without some extra work to explicitly map the drive letter.

    Mapping a Network Drive

    So if your legacy application references network files via their full UNC path (like “\\ServerName\ShareName\Path”) it will be fine as a windows service. But if your program uses files via a mapped drive (like “J:\Path”, where J is mapped to “\\ServerName\ShareName\”), a service may not be in your future.

    Mapped drives may not be an issue when using AlwaysUp though. Most drives will be mapped and available to your application if you check the “Attempt to automatically reconnect all network drives” box on the Startup tab when configuring your application.

Next step? Try it yourself!

If none of these questions have ruled out your legacy/desktop application, you should go ahead and try it as a windows service. Any service wrapper (like AlwaysUp) will do the trick in a few minutes. What have you got to lose?

Posted in Windows Services | Tagged , , , | Leave a comment

Q & A: Why does Dropbox Stop Syncing my Files?

Q & A - Dropbox

We are currently using AlwaysUp for one of our customers to run Dropbox (inside a terminal server). Lately we have been having an issue where items stop syncing to Dropbox however AlwaysUp says the state is running. In order to get this working again we need to restart the Dropbox service using AlwaysUp. Any support would be appreciated.

— Fulton @ Logical Solutions

Hi Fulton. Based on what we have seen with other customers, these are the likely culprits:

Dropbox is automatically upgrading itself

Dropbox is designed to automatically download and install new versions of itself. This feature does a great job of keeping your software up to date (applying necessary security patches as soon as possible), but it can lead to unexpected behavior when running in a 24×7 environment. What happens if something goes wrong? Suppose there is a “bad build”? And how do we prevent AlwaysUp from launching new copies of Dropbox as it goes up and down while the update is being applied?

This article on Dropbox auto-updates describes a solution. Please review and apply the recommended settings to avoid interruption in the face of automatic updates.

Your Dropbox folder was temporarily inaccessible

Dropbox will stop dead in its tracks if it is unable to access the folder holding shared files. It may throw up a message like this:

Is your Dropbox folder on a network drive? Perhaps there was a problem getting to the network as your machine booted. If that is the case, we recommend setting Dropbox to startup Automatically, but shortly after the computer boots. This will give critical services an extra 1-2 minutes to properly initialize before the software tries to access your network folder.

Dropbox is running into another transient problem

Problems are not limited to network drives. There are a host of other reasons why Dropbox will fail to start properly. These include:

In these situations, Dropbox may be trying to tell you what is wrong. But because it is running in the background as a windows service, you will not see any error popups on your desktop.

When you discover that Dropbox isn’t working, try switching to Session 0 to see if Dropbox is showing an error message:

A helpful error message may indicate how to resolve the problem.

Please be sure to get in touch if none of these tips help your situation!

Posted in AlwaysUp | Tagged , , , | Leave a comment

Q & A: Can AlwaysUp Kill & Restart my Idle Application?

Q & A

I’m using ncrack to monitor our network. I recently started running it as a windows service under AlwaysUp. Everything is working perfectly except that sometimes ncrack stops capturing traffic. The CPU goes to zero and nothing else is written to the log files. Is there some way to get AlwaysUp to terminate ncrack and start a fresh instance?

— Michael

Hi Michael. AlwaysUp doesn’t have an “idle CPU” monitor built in, but you can use a Sanity Check Plugin to solve your problem.

What is a “Sanity Check Plugin” you ask?

The Sanity Check feature allows AlwaysUp to detect arbitrary problems with your application running as a windows service. At its heart is a special plugin (a script or executable) that informs AlwaysUp when decisive action — such as restarting your application or rebooting the machine — is necessary. Dig into the technical details at the Sanity Check page.

Our pre-configured CheckForCPUActivity plugin will empower AlwaysUp to restart ncrack if it sits idle for too long. Here is how to set it up:

  1. First, make sure that you have AlwaysUp version 10.2 or later on your machine. That release (from June 2017) introduced important enhancements to the Sanity Check feature.

    Select Help > About AlwaysUp… to check what version of AlwaysUp you have installed:

  2. Next, download the CheckForCPUActivity utility from our web site. Save it in your AlwaysUp installation folder, usually C:\Program Files (x86)\AlwaysUp\

  3. Edit your application in AlwaysUp.

  4. Switch to the Monitor tab. Check the Whenever it fails a “sanity check” box and click the triple-dots button:

  5. Working with the “Configure Sanity Check” window that comes up:

    1. In the Run field, enter the following command line:

      "C:\Program Files (x86)\AlwaysUp
      \CheckForCPUActivity.exe" $ALWAYSUP_PID 60

      This will check ncrack for any CPU activity over 60 seconds.

    2. Using the Every controls, specify how often AlwaysUp should inspect ncrack. Every 10 minutes should be sufficient but feel free to tune as you like.

    3. Click the OK button.

  6. And finally, click the Save >> button to record your changes.

With these settings in place, AlwaysUp will launch CheckForCPUActivity every 10 minutes. Each run will watch ncrack for 60 seconds and if no CPU activity is detected over that period, AlwaysUp will restart ncrack.

A note to other customers: This approach will work with any application where minimal CPU usage indicates a failure. The solution presented is not specific to ncrack.

Best of luck with your windows service!

Posted in AlwaysUp | Tagged , , , , | Leave a comment

Q & A: Will Service Protector Start Automatically When My Server Reboots?

Q & A

Hello, I’m testing your Service Protector program and I was wondering if it starts automatically when my server reboots? I didn’t notice an option for that. I have my server restart every night, will this be an issue with the trial version?

— James

Hi James. Yes, Service Protector will automatically start to protect your service whenever your server reboots. Restarting your server every night will not pose a problem.

You can’t find an option to automatically restart because there isn’t one! That functionality is built in. And the desktop application you run to setup your windows service will not start because it doesn’t need to. Confused? Let me explain…

You see, Service Protector has a couple of parts:

  1. The desktop application you run to configure your windows services

    When you install Service Protector, a convenient shortcut will be created on your desktop:

    Service Protector Desktop Icon

    Double-clicking that shortcut will launch Service Protector:

    Service Protector Management Program

    But this application is merely a management utility, a “waiter/waitress” in the restaurant.

    You use this management utility to:

    • choose the windows service you wish to keep running 24/7
    • specify the options for monitoring the service
    • view daily and weekly performance reports, and more

    This GUI utility does not monitor your services (or do any cooking, if we keep the restaurant analogy going). Therefore it does not need to start when your computer boots. You run it on demand, whenever you need to interact with Service Protector.

  2. An invisible/background component that babysits each of your windows services

    Whenever you setup a service to be monitored (like the Print Spooler in the screenshot above), a background program is deployed to do the work. That program is completely invisible and the only way to see it is by using the Windows Task Manager (or a relative, like the excellent Process Explorer).

    Look for ServiceProtectorAgent.exe. Here it is watching the Print Spooler on Windows Server 2016:

    ServiceProtectorAgent.exe in Task Manager

    Note that this component is itself a windows service! If your service is named “Spooler”, you will find a new service called “ServiceProtector: Spooler” on your machine:

    Service Protector Spooler Service

    The service’s startup type will be “Automatic”, to ensure that the Agent starts as soon as your machine boots. You never have to start it yourself.

    So to complete the analogy, this background component is the restaurant chef — busy in the kitchen cooking the meals submitted by the waiter/waitress.

Hopefully it makes sense now! Please let us know if not. But the bottom line is that we’ve got you covered. :)

Posted in Service Protector | Tagged , , | Leave a comment

Q & A: How do I force my .NET console application to run 64-bit?

Q & A - .NET

We have installed AlwaysUp version (Sep. 2 2016) on Windows Server 2012 R2 Standard. We have multiple jobs that run a 64-bit .NET Console Application as a windows service, but we keep getting a SystemOutMemoryException error. What we found watching the Task Manager is that the EXE always runs as 32-bit. How do we get AlwaysUp to run the console app as 64-bit?

— Clayton

Hi Clayton. There are a couple of ways to force your .NET application to run in 64-bit mode:

  1. Build a 64-Bit .NET Version

    If you use Microsoft’s Visual Studio, the build configuration is likely be set to Any CPU (the default):

    Visual Studio Any CPU Configuration

    This will produce an executable that will run in either 32-bit or 64-bit mode, depending on the version of .NET available.

    To run your executable in 64-bit only, change the configuration to x64 and rebuild.

    If your project doesn’t have a x64 configuration, create one like this:

    1. Select Build > Configuration Manager…

    2. In the Configuration Manager,

    3. click the Active solution platform entry and select <New> from the menu that appears:

      Create a New Visual Studio Configuration

    4. In the New Solution Platform window, choose x64 in the top box. We recommend copying settings from Any CPU and creating new project platforms (the default):

      Create a New Visual Studio Configuration: Select x64

    5. Click the OK button to record your changes. Close the Configuration Manager

    6. You should now have x64 as a build option. Set it and recompile to produce a 64-bit only executable:

      Activate the x64 Configuration in Visual Studio

  2. Use CorFlags to Force .NET 64-Bit

    If your application is built with “Any CPU” but you can’t rebuild it in Visual Studio, Microsoft’s free CorFlags utility will come to the rescue.

    Corflags.exe is distributed with the Windows 10 SDK. Be sure to select the “.NET Development Tools” component when installing.

    We actually found the CorFlags exe file in a couple of places on our hard drive:

    C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6.1 Tools\Corflags.exe

    C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\Corflags.exe

    You may find CorFlags in older .NET SDK installations as well — it has been around since the release of .NET 2.0 (2005).

    Once you have located CorFlags:

    1. Make a copy of the executable you want to run in 64-bit. The application we used for testing is called SystemInfoDotNet.exe, so we copied it to SystemInfoDotNet64.exe.

    2. Open a command prompt with admin rights.

    3. CD to the folder containing the copied application.

    4. Run CorFlags on the copied application file. Specify the /32BIT- option to strip away the ability to run in 32-bit mode:

      Run CorFlags /32BIT-

    The copied executable will always run in 64-bit mode.

    For example, our SystemInfoDotNet utility — which displays basic process and system information — normally runs in 32-bit mode:

    SystemInfoDotNet running before CorFlags

    But after running CorFlags on SystemInfoDotNet64, it magically runs in 64-bit mode:

    SystemInfoDotNet running after CorFlags

Best of luck with your .NET application Clayton!

Posted in AlwaysUp | Tagged , , , , , , | Leave a comment

Q & A: How Can I Generate a Crash Dump Before AlwaysUp Restarts my Application?

Q & A

Occasionally the application we’re running as a service stops responding, resulting in AlwaysUp restarting it. We would like to run a script prior to the restart to try to generate a crash-dump file so we can find out where the problem is. Is that possible?

— Kelly @ Sabre

Hi Kelly. Sorry to hear of the trouble! Please follow these steps to automatically generate a crash dump whenever your application terminates:

  1. Download & install Microsoft’s free ProcDump utility

    ProcDump — yet another excellent utility from the Sysinternals team — easily creates a dump file from any running process. It is our tool of choice when exploring application crashes.

    Download the ProcDump .Zip package and extract all files to a convenient location. We have placed the files in “C:\Apps\ProcDump” for this article.

    Be sure to run ProcDump at least once and accept the Sysinternals EULA. We don’t want the utility to hang when we run it unattended as a background service!

  2. Compose the command line to capture a crash dump when your application stops

    ProcDump features an impressive set of command line options. Please review and identify the flags that work best for your situation.

    For example, we use this command to dump the notepad.exe application whenever it stops running:

    c:\Apps\ProcDump\procdump.exe -t notepad

    Please ensure that this command works as expected. Start your application, run the command and then terminate your application. Is a dump file created? Troubleshot and fix if not.

  3. Setup your ProcDump command as a Windows Service in AlwaysUp

    Your application is running 24×7. To configure ProcDump to operate on the same schedule and capture the dump file at any time:

    1. Start AlwaysUp and select Application > Add… to bring up the Add Application window.

    2. On the General tab:

      In the Name field, enter a suitable name for this new service. We have used “ProcDump Notepad”.

      In the Application field, enter the full path to ProcDump.exe.

      In the Arguments field, provide the command line options you developed in step 2. Be sure to add the -w flag, which will cause ProcDump to wait for your app to launch if necessary.

      And in the Start in directory field, enter the folder where you want the dump files to be written. (Leaving this blank will cause dump files to be created in the ProcDump folder.)

      ProcDump Notepad Service Settings - General

    3. On the Logon tab, specify your windows account. ProcDump should run in this account since you know it works there (and that the EULA has been accepted).

      ProcDump Notepad Service Settings - Logon

    4. Click the Save >> button to record the ProcDump service.

    5. And finally, start your new service (from the Application menu).

      Here is what the finished setup looks like for us, with Notepad running as a service and ProcDump monitoring it (also as a service):

      ProcDump Notepad Service Settings - Logon

  4. Test

    Now that everything is in place, you should confirm that a crash dump will be created whenever your application stops.

    Open the Task Manager and kill your application. Does a new dump file appear in the expected location? If not, please review all the steps and ensure that nothing was missed.

Best of luck debugging your program!

Posted in AlwaysUp | Tagged , , , , | Leave a comment

Q & A: How Do I Turn Off Service Protector During Scheduled Maintenance?

Q & A

Wanted to know if there’s a way for Service Protector to not monitor a service during a patching period of time? Or any scheduled period of time without sending a million alerts?

— Mark @ Red Roof Inns

Hi Mark. Apologies for the barrage of unnecessary emails! Unfortunately Service Protector doesn’t know that it is OK for your service to be down while you are patching. It is diligently doing its job.

To avoid the false alarms, we recommend shutting down Service Protector at the start of your maintenance window and reactivating it once patching has concluded. These operations can be performed from the Service Protector GUI or with the standard Windows NET command.

You see, Service Protector creates a Windows Service for each service it monitors. If your service is named “MyService”, then Service Protector creates a service called “ServiceProtector: MyService” to watch your target service. Here is what it looks like for the “Print Spooler” service on our Windows Server 2016 machine:

Note that the service name may not be the same as the friendly “display name” you see in Service Protector (and Services.msc). For example, the service name of the “Print Spooler” service is actually “Spooler”:

This post shows how to find the service name.

How to Stop Protection at the Start of Maintenance

  • Stopping From the GUI

    Select Stop <ServiceName> from the Protector menu. This will shut down Service Protector but will leave your target service running:

    Stop Protecting your Windows Service

  • Stopping From the Command Line

    This command will stop the instance of Service Protector monitoring a service named “MyService”:

    NET STOP “ServiceProtector: MyService”

    Here is what the process looks like for the Spooler service:

    Run NET STOP

    Simply run the NET STOP command before patching starts.

How to Restart Protection at the End of Maintenance

  • Starting From the GUI

    Select Start <ServiceName> from the Protector menu. This will fire up Service Protector — and your target service if it’s idle:

    Start Protecting your Windows Service

  • Starting From the Command Line

    A slightly different version of the NET command will restart the instance of Service Protector monitoring a service named “MyService”:

    NET START “ServiceProtector: MyService”

    Restarting protection for the Spooler service looks like this:


    Run the NET START command once your system is back to normal.

How to Stop and Restart Service Protection Automatically

For patching that occurs at a defined time, we recommend using the Windows Task Scheduler to automate the process. Create a pair of scheduled tasks — one to stop protection and the other to restart it.

For example, if maintenance occurs every Saturdays from 1 AM to 3 AM, your first scheduled task could run NET STOP at 12:59 AM. The second task could be configured to run NET START at 3:01 AM.

Posted in Service Protector | Tagged , , , , , | Leave a comment