Chapter 9. Services and processes
This chapter covers
- Discovering services and their load order
- Configuring services
- Managing processes through their lifecycle
- Working with process events
Operating system components and applications run as processes on Windows systems. Examples of operating system processes include the Local Security Authority Process (lsass.exe), Windows Explorer (explorer.exe), and the Desktop Window Manager (dwm.exe). Processes created by applications could include Word, Notepad, or PowerShell.
A service is a process that’s controlled by the Service Control Manager, such as DNS, Net Logon, Exchange, or SQL Server. Services usually start when the system boots up and runs in the background.
Tip
Run the scripts in this chapter from PowerShell, or the ISE, when it has been started with elevated privileges. You’ll get partial information returned or errors if you run with PowerShell started as normal.
This chapter opens by examining how you can interact with the services on local and remote machines. WMI enables you to discover information about services that you can’t get through the PowerShell cmdlets, and configuration can be simpler when working through WMI. Services, and their dependencies, have to be loaded in a particular order—the order and the list of dependencies form a useful troubleshooting tool when services won’t start.