SERVICE_POLICY

This policy item checks for the startup values defined in “System Services”. The check is performed by calling the function RegQueryValueEx on the following keys:

  • key: "SYSTEM\CurrentControlSet\Services\" + service_name
  • item: "Start"

Note: This check requires remote registry access for the remote Windows system to function properly.

Usage

<custom_item>

type: SERVICE_POLICY

description: ["description"]

value_type: [VALUE_TYPE]

value_data: [value]

(optional) check_type: [value]

service_name: ["service name"]

</custom_item>

The allowed types are:

  • value_type: SERVICE_SET
  • value_data: "Automatic", "Manual" or "Disabled"
  • svc_option: CAN_BE_NULL or CAN_NOT_BE_NULL

The service_name field corresponds to the REAL name of the service. This name can be obtained by:

  1. launching Services control panel (in Administrative tools)
  2. selecting the desired service
  3. opening properties dialog box (right click -> properties)
  4. extracting the “Service name” part

The service permission setting can be checked with a SERVICE_PERMISSIONS item.

Example

<custom_item>

type: SERVICE_POLICY

description: "Background Intelligent Transfer Service"

value_type: SERVICE_SET

value_data: "Disabled"

service_name: "BITS"

</custom_item>