Contents x
    Ribbon Bar
    • 05 Feb 2024
    • Print
    • PDF
    Contents

    Ribbon Bar

    • Updated on 05 Feb 2024
    • Print
    • PDF
    Article summary

    The main ribbon bar to Fire Daemon has many options for use of the services listed.

     New

    To create a new service in Fire Daemon, select New. There are multiple tabs that can be customized. This section will go over the basic and standard tabs that Capstone uses to setup a service. Information about the other tabs can be found at www.firedaemon.com/manual/.

    Ribbon Bar

    Reset: Resets the fields.

    Open: Opens the Windows File Browser to find an XML file to use for the service definition.

    Save: Saves the service definition as an XML file.

    Save As: Opens the Windows File Browser to save the service definition as an XML file.

    View XML: View the XML code for the service.

    Program: Defines the major service parameters.

    Short Name: An abbreviated name for the service. This is the unique name by which the service is known in Windows. Whitespace (with the exception of hyphen and underscore) is not permitted in this field. The name must begin with an alphabetic character.

    Display Name: A more descriptive name for the service. This name will initially default to the Short Name. This value may contain spaces and punctuation.

    Custom Prefix String: When checked, the prefix can be modified or omitted entirely. By default, the prefix “FireDaemon Service” is prepended to the Short Name.

    Description: A long description of the service. It may remain blank. Referencing messages with pre-existing DLLs is also allowed.

    Executable: The full path and name of the executable to be run as the service

    Working Directory: The working directory of the application to be run as a service. This must be a valid mapped drive path or Universal/Uniform Naming Convention.

    Parameters: An optional list of parameters that can be passes to the executable.

    Startup Mode: Determines how the Service Control Manager treats the service when it is first created, and whenever the machine boots up.

    Startup Time: The number of milliseconds that the service will take to start as reported to the Service Control Manager. This value is required so that FireDaemon Pro can "checkpoint" the service startup process with the Windows Service Control Manager (SCM). If this amount of time elapses prior to the service entering a fully running state then the SCM will consider the service hung. Setting this value to a very low value is not recommended. Note that this value is NOT the total amount of time the service takes to initialize - it is only the amount of time required for the SCM to launch firedaemon.exe and not any application that FireDaemon Pro launches. You should only change this value if direct to by Technical Support or if you have an exceptionally slow computer

    Settings:

    Defines many of the service options.

    Interact with Desktop: When checked, this allows the service to interact with the desktop of the currently logged in user.

    Show Window: Choose the display mode of the Interactive Service: Normal, Hidden (silently causes the Interact with Desktop field to have no effect), Minimized and Maximized. Some applications may not respond to this setting.

    Ignore Control Flags: FireDaemon Pro can be controlled via writing directly to the registry. Stops any process it is running if the Control registry key is set. Can be set globally or on a per-service basis. Monitors the control flags as follows (remember the relationship is inverse so if no control flags are ignored then both will be monitored):

    • None – Both service level and global level

    • Service – Global level only

    • Global – Service level only

    • Both – None

    The registry keys that can be modified are as follows:

    Global Level (32-bit FireDaemon Pro on x86 hardware or 64-bit FireDaemon Pro on x64 hardware):

    HKLM\Software\

           FireDaemon Technologies\FireDaemon\Control

                   DWORD 0 or 1

    Global Level (32-bit FireDaemon Pro on x64 hardware):

    HKLM\Software\Wow6432Node\

           FireDaemon Technologies\FireDaemon\Control

                   DWORD 0 or 1

    Service Level (both x86 and x64) (0 = Process running 1 = Process will stop):

    HKLM\SYSTEM\

           CurrentControlSet\Services\<Service>\Parameters

                   \Control

                           DWORD 0 or 1

    Job Type: Determines whether the sub-process is to be placed in a Job Group. By placing the sub-process in either a Local or Global group, any child processes spawned by the sub-process will be terminated when the service is stopped. Further, the Process Priority is propagated to all processes in the Job. The actual scope of the Job Type is only relevant when the Windows Terminal Services server component is installed. A Terminal Services server has multiple namespaces for a variety of named kernel objects including job objects. By default, all services are created in Global scope. Local Jobs exist in the current client session namespace only so as to not interfere with other instances of the same application in other sessions. Generally, choose No Job if your service runs a single application instance. Choose Global Job if your service spawns multiple sub-processes or you have Windows Terminal Services running. Local Job scope is of dubious use and has been only included for the sake of completeness.

    Load Order Group: Places the service in a Load Order Group with other services so that other services can be dependent on it. The naming conventions relating to Short Name apply here.

    Logon Account: The name of the Windows user account that will own the sub-process when it is run. This can either be a local or domain account. The account will be automatically granted Logon As A Service rights. Local accounts take the form.\account. Domain accounts take the form DOMAIN\account (legacy NetBIOS parlance), domain.com\account (Active Directory parlance) ordomain.com\account$ (Managed Service Account - 2008 R2 or later only). If this is left blank the service will run as the LocalSystem user. A service may run as a user other than LocalSystem and interact with the desktop providing it is a member of domain or local Administrators group. Note: Where an account other than LocalSystem is used to run the service, FireDaemon Proautomatically grants that account certain security privileges, namely SeServiceLogonRight, and SeTcbPrivilege. If the application is configured to interact with the desktop, a further four privileges are also granted, these being SeCreateTokenPrivilege, SeAssignPrimaryTokenPrivilege, SeIncreaseQuotaPrivilege, and SeDebugPrivilege.

    Password: Password for the local or domain user’s account. If the user's password is changed locally or on the Domain Controller, then you will need to modify this field and reinstall the service to reflect the change otherwise the service will fail to start due to incorrect authorization credentials. No password is required for Managed Service Accounts.

    Confirm Password: Used to verify that the password entered in the field above is correct. If the passwords don’t match, the service will not install.

    Priority: The scheduling priority of the sub-process, its threads and all child processes. The use of Real Time priority should be avoided as it actually pre-empts the kernel scheduler.

    CPU Bindings (Dec): Allows the sub-process to be bound to specific cores on multi-CPU, multi-core machines. You can directly enter the Affinity Mask as a binary, decimal, or hexadecimal value. The base is specified in the Service Manager Options. If no CPUs are checked or all are checked then the sub-process can potentially run on any CPU and the CPU actually in use will be decided by the Windows scheduler from one moment to the next.

    Pre-Launch Delay: The number of milliseconds after the FireDaemon Pro service has entered the running state before the sub-process is launched.

    Dependencies: Service Dependencies allow services to be started (and stopped) in order. They specify which services or load order groups must be running on the machine before this service can run. For example, if the service ServiceA depends on the pre-requisite service ServiceB, then Windows will always start ServiceB before ServiceA during a machine boot-up. Similarly, if both ServiceA and ServiceB are stopped, then manually starting ServiceA will firstly cause ServiceB to be automatically started. Similarly, stopping ServiceB manually will force ServiceA to stop. Interestingly, services dependencies are not used during machine shutdown.

    Click on the drop down lists and choose a service or a service Load Order Group to make this service depend on. The service short name or Load Order Group name will be automatically listed in the corresponding list box. If you are running on Windows Vista or later make sure your services (especially if they are interactive) depend on the Interactive Services Detection service (UI0Detect). To remove a service from the list box, select the appropriate service from the list and click Remove.

    Scheduling: Controls the time periods in which the application is allowed to run. It also controls regularly scheduled restarts of the application. The tab has two sections: Process Run and Restarts. Note that the scheduling defaults mean the service is run 24x7.

    Process Run: Restrict when the application can execute. FireDaemon Pro will not start the application unless all the time and date conditions in this section are satisfied.

    Start Time: The time at which the application will commence execution. If a start time is specified, the application will never be allowed to run before this time on any given day.

    End Time: The time at which the application will halt execution. If an end time is specified, the application will never be allowed to run after this time on any given day.

    Start From: The date on or after which the application may commence execution. If a start date is specified, the application will never be allowed to run on any day prior to this date.

    Ending On: The date before or on which the application will halt execution. If an end date is specified, the application will never be allowed to run on any day after this date. To run a process only for one day, set the start date to that day and the end date to the following day. The service will not run on the day specified by the Ending On day.

    Daily: The days of the week on which the application may run. By default, the application is allowed to run on any day of the week. If one or more days of the week are disabled, the application will never be allowed to run on those days. On a day that is enabled, the application will potentially be allowed to run, subject to the limitations of the start and end times, and start and end dates described above. If the Start Time and End Time overlap a day boundary (e.g. 11PM to 1AM) and if an ending day is not checked then the application will terminate at midnight.

    Monthly: The days of the month on which the application may run. By default, the application is allowed to run on any day of the month. This may be restricted to a single day of the month, or to a range of days in the month, the range being inclusive. A range may be a normal (e.g. 10 to 12) or wrap-around (e.g. From 12 to 10). If one or more days of the month are disabled, the application will never be allowed to run on those days. On a day that is enabled, the application will potentially be allowed to run, subject to the limitations of the start and end times, and start and end dates described above.

    Restarts Section: Periodically force a running application to restart.

    Schedule a Restart: Specifies the frequency for the restart operation. A range of frequencies is available, varying from once per hour to once per month plus “At specific time” and “User Defined”. The restart occurs after the chosen interval has elapsed since the application commenced execution. For example, if a service started at 3:45 AM on January 12th on a weekly restart schedule, it will be automatically restarted at 3:45 on January 19th, Jan 26th, Feb 2nd, etc.

    User Defined: This is the field to the right of Schedule a Restart. It is only active when Schedule a Restart is set to “User Defined”. When active, the application can be restarted by the second. The minimum realistic value is 60 seconds (a smaller value can be set but is not recommended).

    Restart Delay: If an application is to be automatically restarted, this field specifies the amount of time (in milliseconds) that FireDaemon Pro will pause before restarting the application.

    Restart Time: If Schedule a Restart is set to “At Specific time” this is the time that the application will be restarted. 

    Edit

    Edit the service(s) selected in the service list. The properties menu for the service(s) will open.

    Uninstall/Start/Stop/Restart

    The selected service(s) will uninstall/start/stop/restart.

    Start All/Stop All/Restart All/Uninstall All

    All services will start/stop/restart/uninstall.

    Refresh

    Refresh the list of services.

    Filter

    Toggle the services list. The services list can display only installed FireDaemon services, or all services installed on the machine. The default behavior of this button can be modified via the Options dialog.

    Session 0

    Switches from the currently logged in desktop to Session 0. Since Windows Vista, Windows services are run in Session 0 and all other user initiated applications in other sessions. This is to protect services from attacks that originate in application code. In Windows Server 2003 and earlier versions of Windows, all services run in Session 0 along with applications. The effect of this change is that interactive services are no longer immediately visible when you install them. You can work around this by enabling and starting the Interactive Services Detection Service. The FireDaemon Pro installer does this for you by default, however, to enable it manually simply type the following two commands at a command prompt:

    sc config UI0Detect start= auto

    net start UI0Detect

    nb. UI0Detect is UI "zero" Detect.

    On Windows 8 / Server 2012 or later, Interactive Services are disabled system wide by default. This means the Interactive Services Detection Service may fail to run. To resolve this simply use the Registry Edit and look for the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows. Then change the value “NoInteractiveServices” from 1 to 0. Note that the FireDaemon Pro retail installer takes care of setting this registry value for you during product installation. Now when you run interactive services, you will see the Interactive Services Detection dialog popup. If you click on Show me the message you will be switched onto Session 0. Only GUI based applications will trigger the popup. Console based applications will not trigger the popup. It is also a good idea to make the services depend on the UI0Detect service. This means the UI0Detect will be up and running before your service is started and will prompt you to switch to the Session 0 desktop immediately.

    To exit out of the interactive session, click on Return now.

    Exit

    Exit out of the FireDaemon Pro Service Manager.

    Was this article helpful?
    What's Next