Manage Windows Services

Getting started with PowerShell Using PowerShell in practice Manage Windows Services

I. Introduction

In this chapter, we will use PowerShell to manage Windows services so that you can list services, configure them, and also start and stop them, from the console or a PowerShell script.

To manipulate Windows services with PowerShell, we can use several cmdlets present in the “Microsoft.PowerShell.Management” module natively integrated into Windows:

  • Get-Service: list Windows services
  • New-Service: create a new service
  • Remove-Service: delete a service
  • Set-Service: modify the configuration of an existing service
  • Restart-Service: restart a service
  • Suspend-Service: suspend a service
  • Resume-Service: resume a (suspended) service
  • Start-Service: start a service
  • Stop-Service: stop a service

If we disregard PowerShell, managing Windows services from the command line is done via the “sc.exe” (Service Control) tool natively integrated into the operating system.

II. List Services

To list services with PowerShell, we must use the “Get-Service” cmdlet. Without parameters or filters, it will return the list of all parameters present on the local machine with three properties: Status, Name, and DisplayName. Each service has a set of properties. 

Get-Service

Using Where-Object, we can filter this output. For example, we can list only the services currently running: 

Get-Service | Where-Object { $_.Status -eq "Running" }

Furthermore, you can search for a service using a keyword. This is useful when you're looking for a service but have forgotten its exact name. Here, we'll get a list of all services whose display name contains the keyword “firewall”. 

Get-Service | Where-Object { $_.DisplayName -like "*firewall*" }

Thus, we obtain a list with one or more services, depending on the query.

III. Configure a Service

Within the Windows operating system, each service has its own configuration with several parameters: a startup type, a state, an associated account to run the service, startup parameters, etc. With the “Set-Service” cmdlet in PowerShell, we can modify a service's configuration.

We will modify the configuration of the Windows “Fax” service, as it is rarely used, so we won't affect the proper functioning of the system in case of mishandling.

We can modify the service startup type. Currently, it is set to “Manual” startup type; we will disable it. There are several possible values: Automatic, Boot, Disabled, Manual, System. You must run a PowerShell console as an administrator to execute the command below, as it requires elevated privileges. 

Set-Service -Name Fax -StartupType Disabled

We could even change the display name of this service. This would allow us to use the display name “Fax (Facsimile)” instead of “Fax”. Similarly, with the “-Description” parameter, we could modify the description of this service. 

Set-Service -Name Fax -DisplayName "Fax (Facsimile)"

Each time, we identify the service to modify with the “-Name” parameter.

Additionally, we can specify the “-PassThru” parameter, which we find on different cmdlets. It is practical because it displays in the console the object created, modified, or affected by the previous command, whereas by default, this command does not return its result. 

Set-Service -Name Fax -DisplayName "Fax (Facsimile)" -PassThru

Here is the result obtained:

IV. Change the State of a Service

As we mentioned in the introduction, PowerShell provides us with a set of cmdlets to manage the state of a Windows service. They are particularly useful for stopping, starting, or restarting a service, as these are the three most frequently performed actions when we administer a Windows server or workstation.

Each time, we can use the parameter “-Name” or “-DisplayName” to act on the service, depending on the information we have.

  • Start a service:
Start-Service -Name <Service name>
Start-Service -DisplayName <Service Display Name>
  • Restart a service:
Restart-Service -Name <Service name>
Restart-Service -DisplayName <Service Display Name>
  • Stop a service:
Stop-Service -Name <Service name>
Stop-Service -DisplayName <Service Display Name>

It should be noted that this cmdlet has the “-Force” parameter to force the stopping of a service, which can be useful in certain situations if a service refuses to stop.

Furthermore, you should know that the Get-Service cmdlet contains several methods allowing you to act on the state of a service. For example, we have the Start() method to start a service and the Stop() method to stop a service.

Here's how to act on the “wuauserv” service which corresponds to Windows Update (this service is stopped, except when you're searching for updates on your machine or updates are being installed):

(Get-Service -Name wuauserv).Start()
(Get-Service -Name wuauserv).Stop()

V. Remove a service

PowerShell 6.0 introduced the “Remove-Service” cmdlet whose objective is to remove a Windows service. It complements the family of cmdlets dedicated to service management.

This cmdlet is used as follows:

Remove-Service -Name "<Service Name>"

Caution, this action is irreversible. This cmdlet removes the Windows service from the Registry and from the service database. If you delete a service by mistake, you must recreate it from scratch. If you're not using PowerShell 6 or 7, but your machine only has Windows PowerShell 5.1 (or a lower version), know that you can remove a service with the sc.exe tool:

sc.exe delete "<Service Name>"

VI. Conclusion

After reading this chapter, you should be able to use the PowerShell cmdlets related to Windows service management.

Previous Topic
Back to Lesson
Next Topic
Share on X Share on Facebook Share on Linkedin Send by e-mail

You May Also Like

Linux - How to Forward Logs to Graylog Using Rsyslog

Linux : send logs to Graylog with rsyslog

Florian Burnel 0
Linux - Master File Permissions with the chmod Command

Linux : how to manage permissions with the chmod command?

Florian Burnel 0