CreateService参数介绍
SC_HANDLE CreateService(

SC_HANDLE hSCManager, //服务控制管理程序维护的登记数据库的句柄,由系统函数OpenSCManager 返回

LPCTSTR lpServiceName, //以NULL 结尾的服务名,用于创建登记数据库中的关键字

LPCTSTR lpDisplayName, //以NULL 结尾的服务名,用于用户界面标识服务

DWORD dwDesiredAccess, //指定服务返回类型

DWORD dwServiceType, //指定服务类型

DWORD dwStartType, //指定何时启动服务

DWORD dwErrorControl, //指定服务启动失败的严重程度

LPCTSTR lpBinaryPathName, //指定服务程序二进制文件的路径

LPCTSTR lpLoadOrderGroup, //指定顺序装入的服务组名

LPDWORD lpdwTagId, //忽略,NULL

LPCTSTR lpDependencies, //指定启动该服务前必须先启动的服务或服务组

LPCTSTR lpServiceStartName, //以NULL 结尾的字符串,指定服务帐号。如是NULL,则表示使用LocalSystem 帐号

LPCTSTR lpPassword //以NULL 结尾的字符串,指定对应的口令。为NULL表示无口令。但使用LocalSystem时填NULL

);

其中dwStartType取值类型如下:
共有五种启动类型。前三种类型是:SERVICE_AUTO_START、SERVICE_DISABLED 和 SERVICE_DEMAND_START。对应的标准启动类型:自动、禁用和手动,通常使用“计算机管理”管理工具中的“服务”进行配置。后两种类型是:SERVICE_BOOT_START 和 SERVICE_SYSTEM_START,通常用于配置加载设备驱动程序的方式。例如,在启动计算机时或启动 Windows 2000 时加载。

CreateService function

 

Creates a service object and adds it to the specified service control manager database.

Syntax

 
SC_HANDLE WINAPI CreateService(
_In_      SC_HANDLE hSCManager,
_In_      LPCTSTR   lpServiceName,
_In_opt_  LPCTSTR   lpDisplayName,
_In_      DWORD     dwDesiredAccess,
_In_      DWORD     dwServiceType,
_In_      DWORD     dwStartType,
_In_      DWORD     dwErrorControl,
_In_opt_  LPCTSTR   lpBinaryPathName,
_In_opt_  LPCTSTR   lpLoadOrderGroup,
_Out_opt_ LPDWORD   lpdwTagId,
_In_opt_  LPCTSTR   lpDependencies,
_In_opt_  LPCTSTR   lpServiceStartName,
_In_opt_  LPCTSTR   lpPassword
);

Parameters

hSCManager [in]

A handle to the service control manager database. This handle is returned by the OpenSCManager function and must have theSC_MANAGER_CREATE_SERVICE access right. For more information, see Service Security and Access Rights.

lpServiceName [in]

The name of the service to install. The maximum string length is 256 characters. The service control manager database preserves the case of the characters, but service name comparisons are always case insensitive. Forward-slash (/) and backslash (\) are not valid service name characters.

lpDisplayName [in, optional]

The display name to be used by user interface programs to identify the service. This string has a maximum length of 256 characters. The name is case-preserved in the service control manager. Display name comparisons are always case-insensitive.

dwDesiredAccess [in]

The access to the service. Before granting the requested access, the system checks the access token of the calling process. For a list of values, see Service Security and Access Rights.

dwServiceType [in]

The service type. This parameter can be one of the following values.

Value Meaning
SERVICE_ADAPTER
0x00000004

Reserved.

SERVICE_FILE_SYSTEM_DRIVER
0x00000002

File system driver service.

SERVICE_KERNEL_DRIVER
0x00000001

Driver service.

SERVICE_RECOGNIZER_DRIVER
0x00000008

Reserved.

SERVICE_WIN32_OWN_PROCESS
0x00000010

Service that runs in its own process.

SERVICE_WIN32_SHARE_PROCESS
0x00000020

Service that shares a process with one or more other services. For more information, see Service Programs.

If you specify either SERVICE_WIN32_OWN_PROCESS or SERVICE_WIN32_SHARE_PROCESS, and the service is running in the context of the LocalSystem account, you can also specify the following value.

Value Meaning
SERVICE_INTERACTIVE_PROCESS
0x00000100

The service can interact with the desktop.

For more information, see Interactive Services.

dwStartType [in]

The service start options. This parameter can be one of the following values.

Value Meaning
SERVICE_AUTO_START
0x00000002

A service started automatically by the service control manager during system startup. For more information, see Automatically Starting Services.

SERVICE_BOOT_START
0x00000000

A device driver started by the system loader. This value is valid only for driver services.

SERVICE_DEMAND_START
0x00000003

A service started by the service control manager when a process calls the StartService function. For more information, seeStarting Services on Demand.

SERVICE_DISABLED
0x00000004

A service that cannot be started. Attempts to start the service result in the error code ERROR_SERVICE_DISABLED.

SERVICE_SYSTEM_START
0x00000001

A device driver started by the IoInitSystem function. This value is valid only for driver services.

dwErrorControl [in]

The severity of the error, and action taken, if this service fails to start. This parameter can be one of the following values.

Value Meaning
SERVICE_ERROR_CRITICAL
0x00000003

The startup program logs the error in the event log, if possible. If the last-known-good configuration is being started, the startup operation fails. Otherwise, the system is restarted with the last-known good configuration.

SERVICE_ERROR_IGNORE
0x00000000

The startup program ignores the error and continues the startup operation.

SERVICE_ERROR_NORMAL
0x00000001

The startup program logs the error in the event log but continues the startup operation.

SERVICE_ERROR_SEVERE
0x00000002

The startup program logs the error in the event log. If the last-known-good configuration is being started, the startup operation continues. Otherwise, the system is restarted with the last-known-good configuration.

lpBinaryPathName [in, optional]

The fully qualified path to the service binary file. If the path contains a space, it must be quoted so that it is correctly interpreted. For example, "d:\\my share\\myservice.exe" should be specified as "\"d:\\my share\\myservice.exe\"".

The path can also include arguments for an auto-start service. For example, "d:\\myshare\\myservice.exe arg1 arg2". These arguments are passed to the service entry point (typically the main function).

If you specify a path on another computer, the share must be accessible by the computer account of the local computer because this is the security context used in the remote call. However, this requirement allows any potential vulnerabilities in the remote computer to affect the local computer. Therefore, it is best to use a local file.

lpLoadOrderGroup [in, optional]

The names of the load ordering group of which this service is a member. Specify NULL or an empty string if the service does not belong to a group.

The startup program uses load ordering groups to load groups of services in a specified order with respect to the other groups. The list of load ordering groups is contained in the following registry value:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ServiceGroupOrder

lpdwTagId [out, optional]

A pointer to a variable that receives a tag value that is unique in the group specified in the lpLoadOrderGroup parameter. Specify NULL if you are not changing the existing tag.

You can use a tag for ordering service startup within a load ordering group by specifying a tag order vector in the following registry value:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\GroupOrderList

Tags are only evaluated for driver services that have SERVICE_BOOT_START or SERVICE_SYSTEM_START start types.

lpDependencies [in, optional]

A pointer to a double null-terminated array of null-separated names of services or load ordering groups that the system must start before this service. Specify NULL or an empty string if the service has no dependencies. Dependency on a group means that this service can run if at least one member of the group is running after an attempt to start all members of the group.

You must prefix group names with SC_GROUP_IDENTIFIER so that they can be distinguished from a service name, because services and service groups share the same name space.

lpServiceStartName [in, optional]

The name of the account under which the service should run. If the service type is SERVICE_WIN32_OWN_PROCESS, use an account name in the formDomainName\UserName. The service process will be logged on as this user. If the account belongs to the built-in domain, you can specify .\UserName.

If this parameter is NULL, CreateService uses the LocalSystem account. If the service type specifies SERVICE_INTERACTIVE_PROCESS, the service must run in the LocalSystem account.

If this parameter is NT AUTHORITY\LocalService, CreateService uses the LocalService account. If the parameter is NT AUTHORITY\NetworkService,CreateService uses the NetworkService account.

A shared process can run as any user.

If the service type is SERVICE_KERNEL_DRIVER or SERVICE_FILE_SYSTEM_DRIVER, the name is the driver object name that the system uses to load the device driver. Specify NULL if the driver is to use a default object name created by the I/O system.

A service can be configured to use a managed account or a virtual account. If the service is configured to use a managed service account, the name is the managed service account name. If the service is configured to use a virtual account, specify the name as NT SERVICE\ServiceName. For more information about managed service accounts and virtual accounts, see the Service Accounts Step-by-Step Guide.

Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  Managed service accounts and virtual accounts are not supported until Windows 7 and Windows Server 2008 R2.

lpPassword [in, optional]

The password to the account name specified by the lpServiceStartName parameter. Specify an empty string if the account has no password or if the service runs in the LocalService, NetworkService, or LocalSystem account. For more information, see Service Record List.

If the account name specified by the lpServiceStartName parameter is the name of a managed service account or virtual account name, the lpPasswordparameter must be NULL.

Passwords are ignored for driver services.

Return value

If the function succeeds, the return value is a handle to the service.

If the function fails, the return value is NULL. To get extended error information, call GetLastError.

The following error codes can be set by the service control manager. Other error codes can be set by the registry functions that are called by the service control manager.

Return code Description
ERROR_ACCESS_DENIED

The handle to the SCM database does not have the SC_MANAGER_CREATE_SERVICE access right.

ERROR_CIRCULAR_DEPENDENCY

A circular service dependency was specified.

ERROR_DUPLICATE_SERVICE_NAME

The display name already exists in the service control manager database either as a service name or as another display name.

ERROR_INVALID_HANDLE

The handle to the specified service control manager database is invalid.

ERROR_INVALID_NAME

The specified service name is invalid.

ERROR_INVALID_PARAMETER

A parameter that was specified is invalid.

ERROR_INVALID_SERVICE_ACCOUNT

The user account name specified in the lpServiceStartName parameter does not exist.

ERROR_SERVICE_EXISTS

The specified service already exists in this database.

ERROR_SERVICE_MARKED_FOR_DELETE

The specified service already exists in this database and has been marked for deletion.

Remarks

The CreateService function creates a service object and installs it in the service control manager database by creating a key with the same name as the service under the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services

Information specified by CreateServiceChangeServiceConfig, and ChangeServiceConfig2 is saved as values under this key. The following are examples of values stored for a service.

Value Description
DependOnGroup Load-ordering groups on which this service depends, as specified by lpDependencies.
DependOnService Services on which this service depends, as specified by lpDependencies.
Description Description specified by ChangeServiceConfig2 .
DisplayName Display name specified by lpDisplayName.
ErrorControl Error control specified by dwErrorControl.
FailureActions Failure actions specified by ChangeServiceConfig2 .
Group Load ordering group specified by lpLoadOrderGroup. Note that setting this value can override the setting of the DependOnService value.
ImagePath Name of binary file, as specified by lpBinaryPathName.
ObjectName Account name specified by lpServiceStartName.
Start When to start service, as specified by dwStartType.
Tag Tag identifier specified by lpdwTagId.
Type Service type specified by dwServiceType.

Setup programs and the service itself can create additional subkeys for service-specific information.

The returned handle is only valid for the process that called CreateService. It can be closed by calling the CloseServiceHandle function.

If you are creating services that share a process, avoid calling functions with process-wide effects, such as ExitProcess. In addition, do not unload your service DLL.

Examples

For an example, see Installing a Service.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Winsvc.h (include Windows.h)

Library

Advapi32.lib

DLL

Advapi32.dll

Unicode and ANSI names

CreateServiceW (Unicode) and CreateServiceA (ANSI)

See also

ChangeServiceConfig
ChangeServiceConfig2
CloseServiceHandle
ControlService
DeleteService
EnumDependentServices
OpenSCManager
QueryServiceConfig
QueryServiceDynamicInformation
QueryServiceObjectSecurity
QueryServiceStatusEx
Service Accounts Step-by-Step Guide
Service Functions
Service Installation, Removal, and Enumeration
SetServiceObjectSecurity
StartService

Local System、Local Service與Network Service

同事詢問Windows服務執行身分的預設選項:Local System、Local Service、Network Service,權限各有何不同?這問題多年前我彷彿知道答案,如今大腦卻不爭氣地只有殘缺印象,爬文時習之,不亦悅乎。

Local System、Local Service、Network Service都是Windows預先定義的本機帳號,但跟一般帳號不同(LookupAccountName查不到),使用時不需密碼,可用於CreateServiceChangeServiceConfig(密碼隨便給)。

Local System

在本機具備最高權限(使用時務必小心),與BUILTIN\Administrators具備相同權限,可存取本機大部分資源,與遠端主機溝通時則使用該主機電腦帳號(<domain_name>\<computer_name>$) 。做為授權對象時,LocalSystem帳號可寫成NT AUTHORITY\SYSTEM、LocalSystem、<computer name>\LocalSystem。執行時期將使用預設使用者機碼(HKET_USERS\.DEFAULT)。

Local Service

在本機的權限相當於Users群組,目的在減小服務或程序遭入侵的損害範圍,存取遠端資源時使用匿名身分。做為授權對象時,Local Service可寫成NT AUTHORITY\LOCAL SERVICE。Local Service有自已的HKEY_USERS機碼(HKEY_USERS\S-1-5-19)

Network Service

在本機的權限相當於Users群組,旨在控制服務程序遭惡意操控時的損害範圍,對外存取遠端資源時使用該主機電腦帳號(<domain_name>\<computer_name>$)。做為授權對象時,Network Service帳號可寫成NT AUTHORITY\NETWORK SERVICE 。Network Service也有自已的HKEY_USERS機碼(HKEY_USERS\S-1-5-20)

Local System、Local Service與Network Service的更多相关文章

  1. 关于Local System/Local Service/Network Service账户

    部署或安装系统服务时需要指定服务运行的账户.一般地,可选择Local System.Local Service或Network Service账户. Local System/Local Servic ...

  2. 数据库无法访问,用户 NT AUTHORITY/SYSTEM或NT AUTHORITY\NETWORK SERVICE登录失败的解决办法

    问题:win7中的在IIS 7.0中,在 Default Web Site 目录下挂一虚拟目录. 在相应的应用程序池 DefaultAppPool 设置标识设置成NetworkService. 但是打 ...

  3. 【解决】Failed to restart network.service: Unit network.service not found.

    问题:使用systemctl restart network 或 service network restart 命令重启网卡失败. 分析:原因其实也很简单,命令用错了,造成了找不到相应的网卡服务. ...

  4. (转)内置系统账户:Local system/Network service/Local Service 区别

    最近会转载一些 MSSQL 基础相关的文章. 参考文献: http://www.cnblogs.com/xianspace/archive/2009/04/05/1429835.html 前言 今天在 ...

  5. [转帖]内置系统账户:Local system/Network service/Local Service 区别

    内置系统账户:Local system/Network service/Local Service 区别 学习使用 xp_cmdshell 的时候 发现必须 sqlserver 的服务运行在local ...

  6. 内置系统账户:Local system/Network service/Local Service 区别

    参考文献: http://www.cnblogs.com/xianspace/archive/2009/04/05/1429835.html 前言 今天在安装sqlserver2008 r2的时候,在 ...

  7. Local System/Network Service/Local Service

    // The name of the account under which the service should run// 1 NT AUTHORITY\\SYSTEM 2 NT AUTHORIT ...

  8. Windows内置系统账户:Local system/Network service/Local Service 区别

    LocalSystem 账户  LocalSystem是预设的拥有本机所有权限的本地账户,这个账户跟通常的用户账户没有任何关联,也没有用户名和密码之类的凭证.这个服务账户可以打开注册表的HKEY_LO ...

  9. Residential Gateway System for Home Network Service

    Disclosed herein is a Residential Gateway (RG) system for home network service. The RG system receiv ...

随机推荐

  1. golang中channel的超时处理

    并发中超时处理是必不可少的,golang没有提供直接的超时处理机制,但可以利用select机制来解决超时问题. func timeoutFunc() { //首先,实现并执行一个匿名的超时等待函数 t ...

  2. iOS应用内支付(内购)的个人开发过程及坑!

    本文会给大家详细介绍iOS内购,这是本人16年5月底的开发过程,希望对看完此篇文章的人有所帮助. 本文基于XcodeVersion 7.3 (7D175)版本,手机是iPhone 6,9.3系统. 部 ...

  3. Java笔试题二:读程序

    public class SopResult { public static void main(String[] args) { int i = 4; System.out.println(&quo ...

  4. Windows Azure上的Odoo(OpenERP)

    OpenERP 改名为 Odoo 了,感觉名字怪怪的.Windows Azure也进入国内了,学习了一段时间的Azure,把它门结合在一起搞搞吧!本系列文章不涉及开发,纯属环境搭建及Odoo 系统功能 ...

  5. display:inline、block、inline-block的区别(转)

    display:block就是将元素显示为块级元素. block元素的特点是: 总是在新行上开始: 高度,行高以及顶和底边距都可控制: 宽度缺省是它的容器的100%,除非设定一个宽度 <div& ...

  6. Linq101-Quantifiers

    using System; using System.Collections.Generic; using System.Linq; namespace Linq101 { class Quantif ...

  7. ASP.NET生成压缩文件(rar打包)

    首先引用ICSharpCode.SharpZipLib.dll,没有在这里下载:http://files.cnblogs.com/files/cang12138/ICSharpCode.SharpZi ...

  8. JavaScript--Date函数

    1. Date函数 var now = new Date(); 获取当前日期对象 now对象->Date.prototype->Object.prototype 将一个字符串转换为Date ...

  9. js apply

    1.作用 函数的apply方法的作用与call方法类似,也是改变this指向,然后再调用该函数.唯一的区别就是,它接收一个数组作为函数执行时的参数 Fn.apply(obj, [arg1, arg2, ...

  10. 跟我学android-Android应用结构分析(四)

    自动生成的R.java文件说明 public final class R { public static final class attr { } public static final class ...