How to disable service

(imported topic written by bdoellefeld)

Is it possible to set a service as disabled using BigFix?

(imported comment written by ErnieF91)

You can use the regset command to set the key HKLM\System\CurrentControlSet\Services<service name here>\Start to a 4.

2 is Automatic, 3 is manual and 4 is disabled.

Ernie

(imported comment written by StacyLee)

For Windows all you have to do is find the service in the registry.

For example the messenger service is located at

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger

Then edit the “Start” value to 4 for disabled. You can set up your own task in the Registry wizard. Don’t forget you’ll need to stop the service if it is started. You can add some relevance checking to see if the value is set to anything other than 4 so it can be set automatically reapplied or have the task become relevant again.

(imported comment written by jessewk)

If you have the Security Policy Manager site, you can use the ‘Service Baseline Wizard’ to create policies to require and prohibit services, as well as set the default startup mode.

(imported comment written by bdoellefeld)

Successful, thank you!

(imported comment written by bdoellefeld)

Found this action on another fixlet. Not sure what the other actions are, I assume demand = manual.

wait changeservicestartmode WHATEVER demand

(imported comment written by jessewk)

The options are ‘auto’ ‘demand’ and ‘disabled’.

If you are trying to call changeservicestartmode.exe, it lives in the BES support site so the syntax would be:

wait “{pathname of client folder of site “BESSupport”}/changeservicestartmode.exe” servicename startmode

(imported comment written by lukibest)

How to run service BESCLIENT? when i set up 2 (automatic) it’s change to automatic but it is not running? How to run service BESClient. I can use other software to change samething in register when client disable service besclient to run service but how to run this services?

(imported comment written by ErnieF91)

This is from a task we use to set the service to automatic and then start it without opening a DOS window:

regset "

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InoTask

" “Start”=dword:00000002

delete __appendfile

delete netquiet.bat

appendfile @ECHO OFF

appendfile start “” /min /b net %1 %2 > NUL 2> NUL

move __appendfile netquiet.bat

wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” netquiet.bat start “InoTask”

delete netquiet.bat

(imported comment written by sheikh.shadab91)

Is there any other way, I can start or stop a service rather making use of the appendfile?

My requirement is: to set a service to “disabled” and stop the service instantly. So there are two actions, first one i can do it using

regset "

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Numara

" “Start”=dword:00000004

Can I make use of such simple command to change the service status to “Stop” instantly rather than using complex statements with appendfile?

(imported comment written by jessewk)

You could just call 'dos net stop ’ but you’ll get a DOS window that pops up on screen. If you use the script Ernie posted you won’t get a DOS window. Also there should be very little delay in writing out the netquiet script and then calling it. You’ll get virtually the same performance with either action.

Jesse

(imported comment written by pmullins91)

I like the following to run a single DOS command:

waithidden cmd.exe /c net stop “foo”

(imported comment written by sheikh.shadab91)

Thanks a lot. You saved a lot of overheads. I was trying the same thing with an external vbs. But was wondering how to attach the script with the action script. Now it clicked to me that the same can work directly as well.

waithidden wscript /e:vbs x.vbs

<x.vbs>

Set fso=CreateObject(“Scripting.FileSystemObject”)

Set WshShell=CreateObject(“Wscript.Shell”)

WshShell.Run “net stop Alerter”,0,True

</x.vbs>

One thing I would like to know, if we can embed the vbs within the action script itself using tags like …just exploring.

(imported comment written by jessewk)

The easiest way to embed and run a vb script in an action is something like this:

createfile until END_OF_SCRIPT

END_OF_SCRIPT

delete myscript.vbs
move __createfile myscript.vbs
wait wscript myscript.vbs

Please note that the action Ernie posted above is very well tested and known to work reliably. I’d recommended it over VBS (for example some machines will have WSH disabled).

Jesse

(imported comment written by tscott91)

Using the example: wait “{pathname of client folder of site “BESSupport”}/changeservicestartmode.exe” servicename disabled

what is the

exact

context you would use? Say the service name was “Messenger”

I’ve tried using: wait “{pathname of client folder of site “BESSupport”}/changeservicestartmode.exe” AutoMate6 disabled

as a test but I get “Singular expression refers to nonexistent object”… AutoMate6 is the “ServiceName” when I open it up in services.msc…

Thanks

(imported comment written by MattBoyd)

tscott,

Perhaps you should try this:

waithidden sc.exe config “AutoMate6† start= disabled

I can’t remember if SC.EXE is built into WinXP or if it’s in a Resource Kit. WinVista and Win7 should have it built-in.

(imported comment written by tscott91)

Thanks for the reply boyd… I’d rather have a universal solution that doesn’t require me to get extra files from CD’s etc…

I have Windows 2000, Windows 2003, XP, 7, 2008, and I want something that will work with all…

I’m not sure what the syntax is supposed to be or if it just flat out doesn’t work…

(imported comment written by SystemAdmin)

you could also do something like this to stop it, disable it, and lock it down so Only LocalSystem can start it back up

if 
{(exists service 
"Messenger" and state of service 
"Messenger" as lowercase = 
"running")
} WAITHIDDEN CMD.EXE /C NET STOP 
"Messenger" wait 
"{pathname of client folder of site "BESSupport
"}/changeservicestartmode.exe" 
"Messenger" disabled WAITHIDDEN CMD.EXE /C SC SDSET 
"Messenger" D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) endif

(imported comment written by tscott91)

Mark Macherey

you could also do something like this to stop it, disable it, and lock it down so Only LocalSystem can start it back up

if {(exists service “Messenger” and state of service “Messenger” as lowercase = “running”)}
WAITHIDDEN CMD.EXE /C NET STOP "Messenger"
wait “{pathname of client folder of site “BESSupport”}/changeservicestartmode.exe” “Messenger” disabled
WAITHIDDEN CMD.EXE /C SC SDSET “Messenger” D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
endif

The “wait “{pathname of client folder of site “BESSupport”}/changeservicestartmode.exe” “Automate6” disabled” still isn’t working for me… I still get the “Singular expression refers to nonexistent object”.

(imported comment written by SystemAdmin)

try this… I had an error in the changeservicestartmode line

if {(exists service "Messenger" and state of service "Messenger" as lowercase = "running")}
WAITHIDDEN CMD.EXE /C NET STOP "Messenger"
wait "{pathname of client folder of site "BESSupport" & "\changeservicestartmode"}" "Messenger" disabled
WAITHIDDEN CMD.EXE /C SC SDSET "Messenger" D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
endif