With Windows Admin Center, administrators can perform many routine tasks from the browser, including:
List all processes on your PC
Start a new program or terminate one already running
Start, stop or restart any windows service
Browse the event logs
Navigate the registry
Change an account’s password
Check out WAC’s left sidebar to get an idea of what is possible:
As experts in Windows Services, we were very excited to see what Microsoft is doing in that area! This article highlights the functionality we discovered in the Services section.
Working with Windows Services
When you click Services in the left sidebar, a list of all windows services installed on your computer is displayed on the right. Here we see that there are a whopping 241 services available on our Windows 10 machine!
The ability to search comes in handy when you are looking for a specific service. Type in a few characters to match on the name, display name and description fields:
Select a service from the list to reveal its very basic details in the panel below. Only the service’s name, display name, description and a list of dependent services are shown:
You can start, stop, pause or resume the selected service using the buttons at the top. There is no button to restart the service, but obviously that can be achieved by stopping then starting again.
To show additional details and update the service, click the Settings button at the top. Here is what we see for the important Dhcp service:
In the General section, you can change the service’s startup mode to dictate when Windows launches the service. Curiously, Automatic (Delayed Start) is not an option!
Microsoft will surely rectify that oversight soon.
Another surprise: You can alter the service’s command line (path to executable)! In that respect, WAC is more powerful than the venerable Services Control Panel application, which shows the image path as read-only.
If you click over to the Log On section, you can set the account in which the service will run. No surprises there:
In the Recovery section, specify one of four actions to be taken if the service fails:
Note that not all options available in Services.msc are configurable here. For example, you cannot append a fail count to the end of a command line or configure options when restarting the computer:
Be cautious when changing your service’s recovery settings from WAC!
Installing Windows Admin Center: The Fine Print
While we were clearly able to get WAC up and running, we encountered a few obstacles along the way. We mention them here for future travelers:
WAC has only been tested with the Microsoft Edge and Google Chrome browsers on Windows 10. Firefox fanatics and Safari supporters may be out of luck.
If you have trouble with authentication, make sure that the WinRM service is running. Despite being configured to start automatically, that service wasn’t running and we had to start it manually on our PC.
Run NET START WinRM to do the honors.
After we added our PC to the list and tried to connect, WAC repeatedly told us that our credentials weren’t valid. We tried several accounts (all with admin access) to no avail.
The problem? Our PC is in a Workgroup instead of a Domain and we’re not using the builtin admin account. Fortunately we came across this page which advised us to run this magical command (verbatim) from an elevated prompt:
I’m running on Windows Server 2016. I have noticed on my most recent install that AlwaysUp doesn’t start at boot, I have to do an interactive/RDP login and then open the AlwaysUp GUI to have the services started. Is there any setting that I need to change to make this happen please?
If your application depends on a service, then you should configure the dependency on the Startup tab. Check the Ensure that the following services have started box and select your service from the list below:
However, this setting may not work as expected. While it ensures that the critical service has started before AlwaysUp launches your application, there is no guarantee that the service will actually be ready.
For example, suppose the Redis service takes a minute to initialize before connections are accepted. If your application tries to start before those 60 seconds have elapsed, it will fail to connect to Redis and will likely crash or exit with an error.
You are running AlwaysUp on a Domain Controller (DC)
Let’s say that your machine is a Domain Controller and you have specified a domain account on the AlwaysUp Logon tab. If Windows tries to kick off AlwaysUp before the DC is fully ready, the AlwaysUp service will fail to start because it can’t log in. You will see a cryptic message like this in the Windows/Application section of the Event Log:
To resolve this scenario, add a dependency on the “Workstation” service on the AlwaysUp Startup tab. Some customers have had success with that change but it hasn’t worked for others.
General Solution: Delayed Startup on Boot
Irrespective of the underlying problem, many customers have profited from a simple solution: delaying the startup of your AlwaysUp application. Your application is very likely to start properly once it avoids the “mad rush” of programs straining to start as your PC comes alive.
To delay startup, choose the Automatically, but shortly after the computer boots option on the General tab:
I have tried AlwaysUp to let OneDrive run as a service. Everything works perfectly, but is it possible to create multiple OneDrive services? I have tried it and when I start the second service event logs suggest that the application crashed.
Hi Bernhard. Here is what we have learned from experimenting with Microsoft OneDrive on our Windows Server 2016 machine:
You can run multiple copies of OneDrive on your PC
We created two user accounts and installed OneDrive in each. Setup went smoothly and both users were able to start OneDrive normally. Here you can see the two copies of the executable running in the Task Manager:
Next, we installed OneDrive as a windows service in one of the accounts. That arrangement worked fine as well, with a copy of OneDrive.exe running in the isolated Session 0 and another in a regular, interactive login session (#3):
Note that we had to turn off the “Stop all copies…” setting on the AlwaysUp Startup tab (to avoid terminating the non-service copy):
But you cannot run multiple copies of OneDrive in one Login Session
When we setup both users to run OneDrive as a windows service, the first copy started but the second one failed. AlwaysUp kept trying to launch OneDrive, but it simply refused to start:
It seems that multiple copies of OneDrive won’t run in Session 0.
Removing AlwaysUp from the equation, we see the same behavior in a regular login session. The first instance of OneDrive started fine, with the usual “clouds” tray icon showing up on the taskbar. However, when we launched a second copy:
A new OneDrive.exe process appeared in Task Manager (in the Details/Advanced tab)
A File Explorer window opened, listing the contents of our OneDrive folder
The new process exited, disappearing from Task Manager
It is very likely that the second copy of OneDrive, on detecting an instance already operating in the same session, sent an “activate yourself” message to the first before promptly quitting. As far as we can tell, this is how the folks at Microsoft have designed OneDrive to work. There is no way around it.
So no, you will not be able to run multiple copies of OneDrive as windows services in Session 0 with AlwaysUp.
However, all may not be lost, because…
You can run a single OneDrive with two cloud accounts
Instead of running two copies of the OneDrive application, you may be able to serve two online accounts with a single instance of OneDrive.
To set up a second account:
Right-click the OneDrive task tray icon ()and select Settings
In the window that appears, move to the Account tab
Click the Add an account button
Sign in to OneDrive with the email address and password of your second online account:
Click OK to dismiss the settings window and save your changes.
You should now see two OneDrive cloud icons in your task tray. And when you start OneDrive as a windows service with AlwaysUp, both accounts should be synchronized.
Does your old (but important) desktop application need to run all the time?
Should it start immediately after a reboot, even when no one is there to log on and kick it off?
If so, you should consider installing your program as a Windows Service — the technology Microsoft invented to support mission-critical, 24×7 applications. Use a “service wrapper” (like our AlwaysUp) to install your application as a service in 5-10 minutes.
But not all legacy applications will operate smoothly when installed as a service. Here are three questions you should ask to determine if a windows service is a good fit for your situation:
Do you need to see (or interact with) your program while it’s running?
Windows services run in the background. Any windows displayed by a service appear on a “hidden desktop” called Session 0. When your legacy application is running as a service, you will not see its windows on your own desktop.
As a consequence, it doesn’t make much sense to run an intensively interactive application (like a word processor) as a windows service. Indeed, any application that demands your constant attention will be a poor fit. Does yours?
But if you only need to see your application from time to time, a service may still be an option because you can quickly switch to the Session 0 desktop whenever you need to see your application.
Even though there is no taskbar and the usual desktop icons have vanished, we can interact with iTunes just fine in Session 0. For example, we were able to add tracks to iTunes, create a playlist, and even change settings — just as we would if iTunes was running on our regular desktop.
So is occasionally switching to Session 0 good enough for your situation? If not, you should rule out a windows service.
Will your application occasionally prompt for input?
An application that periodically pops up windows and expects you to respond can be a problem when installed as a windows service. Those popups/windows will appear on the Session 0 desktop — effectively hidden from you. You will not know that your program is stuck waiting for you to enter a password or click the OK button!
So a “needy” application is not a great candidate for running in the background as a windows service. Does your legacy application fit the mold?
However, if you only have to get past one or two prompts, our AlwaysUp service wrapper may provide an elegant solution. Simply write an automation script that dismisses the prompt and plug the script into AlwaysUp. This page dives into the details.
For example, when launching iTunes as a service, this error message is the first to appear:
Clicking the “X” in the title bar will expel the window and allow iTunes to start. To achieve the same effect when no one is around to click, we provided this simple one-line script (which sends the “ESC” key to the iTunes window) to AlwaysUp. Now AlwaysUp automatically dismisses the warning on our behalf whenever it appears!
Does your application read from or write to files on a network drive?
Like a regular application, a windows service can access remote/network devices. Permissions are granted based on the account running the service.
However, a service can’t use a mapped drive — at least not without some extra work to explicitly map the drive letter.
So if your legacy application references network files via their full UNC path (like “\\ServerName\ShareName\Path”) it will be fine as a windows service. But if your program uses files via a mapped drive (like “J:\Path”, where J is mapped to “\\ServerName\ShareName\”), a service may not be in your future.
Mapped drives may not be an issue when using AlwaysUp though. Most drives will be mapped and available to your application if you check the “Attempt to automatically reconnect all network drives” box on the Startup tab when configuring your application.
Next step? Try it yourself!
If none of these questions have ruled out your legacy/desktop application, you should go ahead and try it as a windows service. Any service wrapper (like AlwaysUp) will do the trick in a few minutes. What have you got to lose?
We are currently using AlwaysUp for one of our customers to run Dropbox (inside a terminal server). Lately we have been having an issue where items stop syncing to Dropbox however AlwaysUp says the state is running. In order to get this working again we need to restart the Dropbox service using AlwaysUp. Any support would be appreciated.
Hi Fulton. Based on what we have seen with other customers, these are the likely culprits:
Dropbox is automatically upgrading itself
Dropbox is designed to automatically download and install new versions of itself. This feature does a great job of keeping your software up to date (applying necessary security patches as soon as possible), but it can lead to unexpected behavior when running in a 24×7 environment. What happens if something goes wrong? Suppose there is a “bad build”? And how do we prevent AlwaysUp from launching new copies of Dropbox as it goes up and down while the update is being applied?
Dropbox will stop dead in its tracks if it is unable to access the folder holding shared files. It may throw up a message like this:
Is your Dropbox folder on a network drive? Perhaps there was a problem getting to the network as your machine booted. If that is the case, we recommend setting Dropbox to startup Automatically, but shortly after the computer boots. This will give critical services an extra 1-2 minutes to properly initialize before the software tries to access your network folder.
Dropbox is running into another transient problem
Problems are not limited to network drives. There are a host of other reasons why Dropbox will fail to start properly. These include:
I’m using ncrack to monitor our network. I recently started running it as a windows service under AlwaysUp. Everything is working perfectly except that sometimes ncrack stops capturing traffic. The CPU goes to zero and nothing else is written to the log files. Is there some way to get AlwaysUp to terminate ncrack and start a fresh instance?
Hi Michael. AlwaysUp doesn’t have an “idle CPU” monitor built in, but you can use a Sanity Check Plugin to solve your problem.
What is a “Sanity Check Plugin” you ask?
The Sanity Check feature allows AlwaysUp to detect arbitrary problems with your application running as a windows service. At its heart is a special plugin (a script or executable) that informs AlwaysUp when decisive action — such as restarting your application or rebooting the machine — is necessary. Dig into the technical details at the Sanity Check page.
Our pre-configured CheckForCPUActivity plugin will empower AlwaysUp to restart ncrack if it sits idle for too long. Here is how to set it up:
First, make sure that you have AlwaysUp version 10.2 or later on your machine. That release (from June 2017) introduced important enhancements to the Sanity Check feature.
Select Help > About AlwaysUp… to check what version of AlwaysUp you have installed:
Next, download the CheckForCPUActivity utility from our web site. Save it in your AlwaysUp installation folder, usually C:\Program Files (x86)\AlwaysUp\
Edit your application in AlwaysUp.
Switch to the Monitor tab. Check the Whenever it fails a “sanity check” box and click the triple-dots button:
Working with the “Configure Sanity Check” window that comes up:
In the Run field, enter the following command line:
This will check ncrack for any CPU activity over 60 seconds.
Using the Every controls, specify how often AlwaysUp should inspect ncrack. Every 10 minutes should be sufficient but feel free to tune as you like.
Click the OK button.
And finally, click the Save >> button to record your changes.
With these settings in place, AlwaysUp will launch CheckForCPUActivity every 10 minutes. Each run will watch ncrack for 60 seconds and if no CPU activity is detected over that period, AlwaysUp will restart ncrack.
A note to other customers: This approach will work with any application where minimal CPU usage indicates a failure. The solution presented is not specific to ncrack.
Hello, I’m testing your Service Protector program and I was wondering if it starts automatically when my server reboots? I didn’t notice an option for that. I have my server restart every night, will this be an issue with the trial version?
Hi James. Yes, Service Protector will automatically start to protect your service whenever your server reboots. Restarting your server every night will not pose a problem.
You can’t find an option to automatically restart because there isn’t one! That functionality is built in. And the desktop application you run to setup your windows service will not start because it doesn’t need to. Confused? Let me explain…
You see, Service Protector has a couple of parts:
The desktop application you run to configure your windows services
When you install Service Protector, a convenient shortcut will be created on your desktop:
Double-clicking that shortcut will launch Service Protector:
But this application is merely a management utility, a “waiter/waitress” in the restaurant.
You use this management utility to:
choose the windows service you wish to keep running 24/7
specify the options for monitoring the service
view daily and weekly performance reports, and more
This GUI utility does not monitor your services (or do any cooking, if we keep the restaurant analogy going). Therefore it does not need to start when your computer boots. You run it on demand, whenever you need to interact with Service Protector.
An invisible/background component that babysits each of your windows services
Whenever you setup a service to be monitored (like the Print Spooler in the screenshot above), a background program is deployed to do the work. That program is completely invisible and the only way to see it is by using the Windows Task Manager (or a relative, like the excellent Process Explorer).
Look for ServiceProtectorAgent.exe. Here it is watching the Print Spooler on Windows Server 2016:
Note that this component is itself a windows service! If your service is named “Spooler”, you will find a new service called “ServiceProtector: Spooler” on your machine:
The service’s startup type will be “Automatic”, to ensure that the Agent starts as soon as your machine boots. You never have to start it yourself.
So to complete the analogy, this background component is the restaurant chef — busy in the kitchen cooking the meals submitted by the waiter/waitress.
Hopefully it makes sense now! Please let us know if not. But the bottom line is that we’ve got you covered.
We have installed AlwaysUp version 220.127.116.11 (Sep. 2 2016) on Windows Server 2012 R2 Standard. We have multiple jobs that run a 64-bit .NET Console Application as a windows service, but we keep getting a SystemOutMemoryException error. What we found watching the Task Manager is that the EXE always runs as 32-bit. How do we get AlwaysUp to run the console app as 64-bit?
Hi Clayton. There are a couple of ways to force your .NET application to run in 64-bit mode:
Occasionally the application we’re running as a service stops responding, resulting in AlwaysUp restarting it. We would like to run a script prior to the restart to try to generate a crash-dump file so we can find out where the problem is. Is that possible?
Hi Mark. Apologies for the barrage of unnecessary emails! Unfortunately Service Protector doesn’t know that it is OK for your service to be down while you are patching. It is diligently doing its job.
To avoid the false alarms, we recommend shutting down Service Protector at the start of your maintenance window and reactivating it once patching has concluded. These operations can be performed from the Service Protector GUI or with the standard Windows NET command.
You see, Service Protector creates a Windows Service for each service it monitors. If your service is named “MyService”, then Service Protector creates a service called “ServiceProtector: MyService” to watch your target service. Here is what it looks like for the “Print Spooler” service on our Windows Server 2016 machine:
Note that the service name may not be the same as the friendly “display name” you see in Service Protector (and Services.msc). For example, the service name of the “Print Spooler” service is actually “Spooler”:
How to Stop Protection at the Start of Maintenance
Stopping From the GUI
Select Stop <ServiceName> from the Protector menu. This will shut down Service Protector but will leave your target service running:
Stopping From the Command Line
This command will stop the instance of Service Protector monitoring a service named “MyService”:
NET STOP “ServiceProtector: MyService”
Here is what the process looks like for the Spooler service:
Simply run the NET STOP command before patching starts.
How to Restart Protection at the End of Maintenance
Starting From the GUI
Select Start <ServiceName> from the Protector menu. This will fire up Service Protector — and your target service if it’s idle:
Starting From the Command Line
A slightly different version of the NET command will restart the instance of Service Protector monitoring a service named “MyService”:
NET START “ServiceProtector: MyService”
Restarting protection for the Spooler service looks like this:
Run the NET START command once your system is back to normal.
How to Stop and Restart Service Protection Automatically
For patching that occurs at a defined time, we recommend using the Windows Task Scheduler to automate the process. Create a pair of scheduled tasks — one to stop protection and the other to restart it.
For example, if maintenance occurs every Saturdays from 1 AM to 3 AM, your first scheduled task could run NET STOP at 12:59 AM. The second task could be configured to run NET START at 3:01 AM.