Encompass

All service log-on accounts must be assigned the Log-on As A Service right, which gives the service the ability to interact with and be controlled by the Service Control Manager (SCM), which in turn allows the service to log on and access resources without another external security principal having to log on first.

The SCM is started during the Windows boot sequence as a Remote Procedure Call (RPC) server so that service management and control programs (Sc.exe, Services.msc, WMIC, and so on) can interact with local and remote services. The SCM is responsible for starting services defined to start automatically during the Windows boot process. SCM will read the service values located in the registry, log on the service account to the local computer using the found credentials, load the service account’s user profile, start the service in a suspended state, associate the service with the service account’s log-on token, and then finish starting the service. SCM will detect any registered service dependencies and start them first, if needed.

The SCM is tasked with many service-oriented responsibilities, including:

■ Maintaining the database of installed services

■ Starting services and driver services either upon system start-up or upon demand

■ Enumerating installed services and driver services

■ Maintaining status information for running services and driver services

■ Transmitting control requests to running services

■ Locking and unlocking the service database