How to debug a faulty service in Windows

TomaszOledzki 0 Reputation points
2024-03-05T18:58:33.9033333+00:00

What are the steps to troubleshoot and debug a built-in service that won't start on Windows OS?

I'm not looking for a solution to the issue, but rather the root cause of the problem. I am aware that SCM manages built-in services in Windows. Is there a way to generate a verbose/debug log for a service SCM is attempting to start?

Let’s suppose: a WinRM service won’t start - how to troubleshoot that?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,468 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,921 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Olaf Helper 44,296 Reputation points
    2024-03-05T19:04:33.25+00:00

    You would need to have the source code to debug.

    Ask the developer for, or raise a support case.

    0 comments No comments

  2. Bruce (SqlWork.com) 64,161 Reputation points
    2024-03-05T19:36:43.5033333+00:00

    the logging has to be builtin to the service. at startup, SCM just creates the process and calls the service entry point(s). see:

    https://learn.microsoft.com/en-us/windows/win32/services/writing-a-servicemain-function

    0 comments No comments

  3. Gary Nebbett 6,066 Reputation points
    2024-03-05T21:58:06.08+00:00

    Hello Tomasz,

    The Microsoft documentation describes how to debug a service: https://learn.microsoft.com/en-us/windows/win32/services/debugging-a-service

    As has already been pointed out, without the source code of the service, this advice is not easy to follow.

    The WinRM service has some built-in logging, but it is difficult to interpret the logged information.

    You could try capturing this log information and sharing it - I would take a look and see if it is helpful.

    The command to create the trace is logman start gary -ets -p "Windows Remote Management Trace" 0xFFFFFFFF 255 -o why.etl & sc start WinRM & sc queryex WinRM & logman stop gary -ets

    The file why.etl contains the trace; it would also be helpful to see the EXIT_CODE values in the "sc queryex" output.

    Gary

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.