Microsoft choose to run programs as 'services'. Novell's equivalent are NLM
(Netware Loadable modules), while Unix uses Daemons, but Microsoft choose
services as a vehicle to run their executables. Traditionally, you access
the services from the administrative tools folder, however, I prefer to add
services as a snap-in to my MMC.
Maleware, virus, Trojan horses, what ever you call these evil programs they
often install themselves as a service. On the other hand, my virus checker
AVG6 also installs itself as a service. So this is why you need the skill
to identify the good services from the baddies.
My best advice is to go through each service and decide if your server needs the
underlying feature. There are two advantages of this approach, firstly you
learn how Windows 2003's mind works, secondly your server will run faster and
more securely if you disable unwanted services.
Which Startup type to configure?
Each service has 3 settings, Automatic, Manual and Disabled. If in doubt leave the
Startup type as it is. However, if its a service that is not required for that
particular server, consider switching from Automatic to Manual. Manual
means that programs that need that service can start it on demand. Reserve
the Disabled setting for services you are pretty sure that you will never need.
The other factor with services is the 'Log on as' account. Most services
are configured for the built-in account called Local System. A few like SQL
require a regular user account. Take care that any user accounts
have the correct privileges, such as can act as part of the operating system or
can log on as a batch job. Check SQL setup guide for instructions on how
to configure such accounts. Beware of the trap, the account fails because
it cannot change its password, so always set the option 'Password Never
Expires'.
Only you can know or discover which are the top 10 services on your server. Each
of my choices was made on the basis that you can use services to learn about the
operating, while at the same time improving your servers' performances.
Dependencies are well worth a look, especially if want to see how services are
related. For instance, if DFS (Distributed File System) is not working, it
may be because the Server Service has failed and DFS relies on the Server
service.
Workstation and Server Service
Together these two services make the client / server technology work.
Workstation is your 'go-getter' or redirector. The workstation service makes request to other
servers, for example, for logon, DFS or printing.
The Server Service is the mirror image, the component that responds to requests
from Workstation services on other machines and supplies the files, information
or service requested. Naturally, the server service contacts the security
sub-system to check that the client does indeed have the necessary permissions
for the resource.
This reminds me that in Windows 2000 and 2003 that you can start and stop
services which have hung, rather than suffer a 10 minute wait while you reboot
the server. Print Spooler was the very first service that I used this
restart technique, but nowadays, I apply the principle to other services, for
example, Exchange System
Attendant. My reason is that I want to save that ten minute reboot.
More Information. As an MCT trainer, I can thoroughly endorse TrainSignal because they
deliver practical hands on training. In particular, I like the way that TrainSignal cover all learning methods, instructor lead, video and of course text material. You can either take one module,
for example File Server or go for a combination of modules.
See more about Windows 2003 training here
If you are using Exchange 2003 or 2000 then Outlook Web Access needs WWW to
render the pages. Alternatively, if you are publishing a website
using IIS then you need this service, otherwise disable it for security reasons.
Here is an example of understanding what the service does, such information
would help in troubleshooting OWA.
Firstly, watch out for spelling and alphabetical order, I keep looking down at
the bottom under 'U' for updates, whereas I should be looking under 'A' for
automatic.
Automatic Update service probably causes more debate than any other service.
Perhaps my greatest help is pointing out that you have control over those
irritating bubbles that pop-up and ask you to contact Microsoft for the latest
patch. However, others will tell you that these updates have been a life
saver in preventing, viruses attacking their servers.
Viruses target FTP as a service which will spread their evil to other machines.
So if you are not using FTP to copy files then I would disable FTP, if
you just set to Manual, the virus may be able to switch FTP to automatic.
Disable Telnet unless you have a business use. This is another favourite service
for viruses and hackers to hitch a ride and wreck havoc.
A great additional service for Windows Server 2003. Learning point, check
which services are new in Windows Server 2003.
Make sure that Volume Shadow Copy service is running because this permits true
online backups.
See more here.
Guy
recommends: The SolarWinds ipMonitor
My attraction to
ipMonitor is
because it inhabits that zone of part work, part
play; Guy just could not put the dashboard away. This excellent performance
monitor will get you started in the quest to remove bottlenecks on your network. SolarWinds provides this fully-functioning product free for 21 days. So
download
and install ipMonitor, then start scrutinizing your computers CPU, memory and disk
performance. You can also select from zillions more performance counters such as
fan temperature and battery level.
Installing ipMonitor is a breeze, but learn from gung-ho Guy's mistake and
install SNMP on each computer that you wish to monitor. What sealed my
unreserved recommendation of SolarWinds is their support team, you will get
expert help even when you are evaluating the ipMonitor.
I mention this service because many administrators overlook the fact that XP
machines can automatically synchronize with a domain controller.
Consequently, you do
not need 'NET TIME' commands in logon scripts. Administrators are rightly
concerned that machines clocks should be within a few minutes of the server,
otherwise Kerberos security will think that its packets have been hacked.
The result is that users will not be able to logon because Kerberos security
thinks that it has been compromised.
Some administrators use Group Policies to turn this off the Remote Desktop
services. But I think its a pity if they deny users access
to their own desktop from a distant machine. Learning point: you can use
Group Policy to configure the Startup type of any service.
Firstly be aware that there are two similar services for producing screen
messages. The distinction is not easy, however, the Alerter Service is
used by SQL and other server type programs, where as Messenger is used by client
type programs.
If you are setting performance monitor alerts then you will only receive
notification if the Alerter service is running. The Messenger service
delivers those 'Net Send' pop-up boxes. Here it's horses for courses, if
you are using perfmon or 'pop-up' programs then you need these services, else
set them to manual.
This is wonderful technology. The only slight surprise is that Terminal
Services is implemented as a service rather than a series of .exe files.
See more about Terminal Services here.
