如何在Powershell中为“创建Windows服务”；网络服务“；账户

我想使用Powershell创建Windows服务。为给定用户创建它是小菜一碟。我使用的这个函数改编自

我的问题是：如何创建“网络服务”帐户？

如果我修改新服务行并删除凭证参数，则会为“本地系统”帐户创建服务。差点错过

New-Service -name $serviceName -binaryPathName $binaryPath -displayName $serviceName -startupType Automatic 

我在谷歌上搜索了很多，发现没有办法显示服务帐户。如果我尝试为用户“NETWORK SSERVICE”使用凭据参数，我不知道该输入什么密码，而且如果我发明了一个密码（以防cmdlet忽略它），它将不起作用。错误是：

新服务：服务'XXXX（XXXX）' 由于以下错误而无法创建：帐户名为 无效或不存在，或者该帐户的密码无效 指定的名称

---

帐户的正确名称为

NT AUTHORITY\NETWORK SERVICE

这是重新安装服务的最终版本，为每个人的利益服务，特别是为Aniket服务

function ReinstallService ($serviceName, $binaryPath, $description, $login, $password, $startUpType)
{
        Write-Host "Trying to create service: $serviceName"

        #Check Parameters
        if ((Test-Path $binaryPath)-eq $false)
        {
            Write-Host "BinaryPath to service not found: $binaryPath"
            Write-Host "Service was NOT installed."
            return
        }

        if (("Automatic", "Manual", "Disabled") -notcontains $startUpType)
        {
            Write-Host "Value for startUpType parameter should be (Automatic or Manual or Disabled) and it was $startUpType"
            Write-Host "Service was NOT installed."
            return
        }

        # Verify if the service already exists, and if yes remove it first
        if (Get-Service $serviceName -ErrorAction SilentlyContinue)
        {
            # using WMI to remove Windows service because PowerShell does not have CmdLet for this
            $serviceToRemove = Get-WmiObject -Class Win32_Service -Filter "name='$serviceName'"

            $serviceToRemove.delete()
            Write-Host "Service removed: $serviceName"
        }

        # if password is empty, create a dummy one to allow have credentias for system accounts: 
        #NT AUTHORITY\LOCAL SERVICE
        #NT AUTHORITY\NETWORK SERVICE
        if ($password -eq "") 
        {
            #$secpassword = (new-object System.Security.SecureString)
            # Bug detected by @GaTechThomas
            $secpasswd = (new-object System.Security.SecureString)
        }
        else
        {
            $secpasswd = ConvertTo-SecureString $password -AsPlainText -Force
        }
        $mycreds = New-Object System.Management.Automation.PSCredential ($login, $secpasswd)

        # Creating Windows Service using all provided parameters
        Write-Host "Installing service: $serviceName"
        New-Service -name $serviceName -binaryPathName $binaryPath -Description $description -displayName $serviceName -startupType $startUpType -credential $mycreds

        Write-Host "Installation completed: $serviceName"

        # Trying to start new service
        Write-Host "Trying to start new service: $serviceName"
        $serviceToStart = Get-WmiObject -Class Win32_Service -Filter "name='$serviceName'"
        $serviceToStart.startservice()
        Write-Host "Service started: $serviceName"

        #SmokeTest
        Write-Host "Waiting 5 seconds to give time service to start..."
        Start-Sleep -s 5
        $SmokeTestService = Get-Service -Name $serviceName
        if ($SmokeTestService.Status -ne "Running")
        {
            Write-Host "Smoke test: FAILED. (SERVICE FAILED TO START)"
            Throw "Smoke test: FAILED. (SERVICE FAILED TO START)"
        }
        else
        {
            Write-Host "Smoke test: OK."
        }

}

---

您可以直接获得网络服务的信任，如下所示：

$login = "NT AUTHORITY\NETWORK SERVICE"
#### #just set a dummy psw since it's just used to get credentials

$psw = "dummy"

$scuritypsw = ConvertTo-SecureString $psw -AsPlainText -Force

$mycreds = New-Object System.Management.Automation.PSCredential($login, $scuritypsw)
#### #then you can use the cred to new a windows service

$serviceName = "Test"
$binaryPath = "C:\Test\Test.exe"

New-Service -name $serviceName -binaryPathName $binaryPath -displayName $serviceName -startupType Automatic -credential $mycreds

---

Get WmiObject

现在不推荐使用。但是，PowerShell现在已内置cmdlet来处理服务。以下是Oscar Foley答案中的更新版本的

重新安装服务

，并相应调整了默认值和启动和停止服务的包装：

# https://stackoverflow.com/questions/35064964/powershell-script-to-check-if-service-is-started-if-not-then-start-it
function TryStopService([string] $serviceName)
{
    Write-Host "Attempting to stop service: $serviceName..."
    $service = Get-Service -Name $serviceName -ErrorAction SilentlyContinue

    if($service)
    {
        if ($service.Status -ne 'Running')
        {
            Write-Host "    Service: $serviceName is not running."
        }
        else
        {
            Stop-Service -name $serviceName
            Write-Host "    Stopped service: $serviceName."
        }
    }
    else
    {
        Write-Host "    Service: $serviceName is not found."
    }
}

function UninstallService([string] $serviceName)
{
    Write-Host "Attempting to uninstall service: $serviceName..."
    if (Get-Service $serviceName -ErrorAction SilentlyContinue)
    {
        Remove-Service -Name $serviceName
        Write-Host "    Uninstalled service: $serviceName."
    }
    else
    {
        Write-Host "    Service: $serviceName is not found."
    }
}

function StartSertice([string] $serviceName)
{
    Write-Host "Attempting to start service: $serviceName..."
    $service = Get-Service -Name $serviceName -ErrorAction SilentlyContinue

    if($service)
    {
        if ($service.Status -eq 'Running')
        {
            Write-Host "    Service: $serviceName is already running."
            return
        }
    }

    # Trying to start new service.
    Write-Host "    Trying to start new service: $serviceName."
    Start-Service -Name $serviceName

    #Check that service has started.
    Write-Host "    Waiting 5 seconds to give service time to start..."
    Start-Sleep -s 5
    $testService = Get-Service -Name $serviceName

    if ($testService.Status -ne "Running")
    {
        [string] $errMessage = "    Failed to start service: $serviceName"
        Write-Host $errMessage
        Throw $errMessage
    }
    else
    {
        Write-Host "    Started service: $serviceName."
    }
}

function ReinstallService ([string] $serviceName, [string] $binaryPath, [string] $description = "", [string] $login = "NT AUTHORITY\NETWORK SERVICE", [string] $password = "", [string] $startUpType = "Automatic")
{
    Write-Host "Attempting to reinstall service: $serviceName..."

    #Check Parameters
    if ((Test-Path $binaryPath)-eq $false)
    {
        Write-Host "    BinaryPath to service was not found: $binaryPath."
        Write-Host "    Service was NOT installed."
        return
    }

    if (("Automatic", "Manual", "Disabled") -notcontains $startUpType)
    {
        Write-Host "    Value for startUpType parameter should be (Automatic or Manual or Disabled) and it was $startUpType"
        Write-Host "    Service was NOT installed."
        return
    }

    TryStopService -serviceName $serviceName
    UninstallService -serviceName $serviceName

    # if password is empty, create a dummy one to allow having credentias for system accounts:
    #     NT AUTHORITY\LOCAL SERVICE
    #     NT AUTHORITY\NETWORK SERVICE
    if ($password -eq "")
    {
        $secpassword = (new-object System.Security.SecureString)
    }
    else
    {
        $secpassword = ConvertTo-SecureString $password -AsPlainText -Force
    }

    $mycreds = New-Object System.Management.Automation.PSCredential ($login, $secpassword)

    # Creating Windows Service using all provided parameters.
    Write-Host "Installing service: $serviceName with user name: '$login'..."
    New-Service -name $serviceName -binaryPathName $binaryPath -Description $description -displayName $serviceName -startupType $startUpType -credential $mycreds
    Write-Host "    Installed service: $serviceName."

    # Trying to start new service.
    StartSertice -serviceName $serviceName
}

---

你能和我分享一下你的新服务吗？当我使用如下内容时：New Service-name$serviceName-binaryPathName$path-displayName$serviceName-startupType Automatic-Credential“NT AUTHORITY\NETWORK Service”，我会得到一个密码提示。问题是您只在-Credential中传递用户名。我的行与您的行相同，但我通过-凭证$MyCreds$MyCreds值为：$MyCreds=$MyCreds=New Object System.Management.Automation.PSCredential（$login，$secpasswd）$login值为“NT AUTHORITY\NETWORK SERVICE”$secpassword可以是任何东西。@Aniket，我在脚本的最终版本中添加了一个答案，因此您可以比在我的评论中更好地看到它……这可能会产生一个奇怪的副作用，即如果用户的密码是

dummy

，并且调用者没有给出密码，那么它就可以正常工作。提供了一种创建空的

SecureString

的方法。此代码中的错误：$secpassword应该是$secpasswdNo这不是正确的名称，正确的名称取决于您正在执行的系统的语言，可以这样找到：$SID=[system.Security.Principal.WellKnownSidType]：：NetworkServiceSid$Account=新对象system.security.principal.securityidentifier（$SID，$null）$NetworkServiceName=$Account.Translate（[system.security.principal.ntaccount]）.value

# https://stackoverflow.com/questions/35064964/powershell-script-to-check-if-service-is-started-if-not-then-start-it
function TryStopService([string] $serviceName)
{
    Write-Host "Attempting to stop service: $serviceName..."
    $service = Get-Service -Name $serviceName -ErrorAction SilentlyContinue

    if($service)
    {
        if ($service.Status -ne 'Running')
        {
            Write-Host "    Service: $serviceName is not running."
        }
        else
        {
            Stop-Service -name $serviceName
            Write-Host "    Stopped service: $serviceName."
        }
    }
    else
    {
        Write-Host "    Service: $serviceName is not found."
    }
}

function UninstallService([string] $serviceName)
{
    Write-Host "Attempting to uninstall service: $serviceName..."
    if (Get-Service $serviceName -ErrorAction SilentlyContinue)
    {
        Remove-Service -Name $serviceName
        Write-Host "    Uninstalled service: $serviceName."
    }
    else
    {
        Write-Host "    Service: $serviceName is not found."
    }
}

function StartSertice([string] $serviceName)
{
    Write-Host "Attempting to start service: $serviceName..."
    $service = Get-Service -Name $serviceName -ErrorAction SilentlyContinue

    if($service)
    {
        if ($service.Status -eq 'Running')
        {
            Write-Host "    Service: $serviceName is already running."
            return
        }
    }

    # Trying to start new service.
    Write-Host "    Trying to start new service: $serviceName."
    Start-Service -Name $serviceName

    #Check that service has started.
    Write-Host "    Waiting 5 seconds to give service time to start..."
    Start-Sleep -s 5
    $testService = Get-Service -Name $serviceName

    if ($testService.Status -ne "Running")
    {
        [string] $errMessage = "    Failed to start service: $serviceName"
        Write-Host $errMessage
        Throw $errMessage
    }
    else
    {
        Write-Host "    Started service: $serviceName."
    }
}

function ReinstallService ([string] $serviceName, [string] $binaryPath, [string] $description = "", [string] $login = "NT AUTHORITY\NETWORK SERVICE", [string] $password = "", [string] $startUpType = "Automatic")
{
    Write-Host "Attempting to reinstall service: $serviceName..."

    #Check Parameters
    if ((Test-Path $binaryPath)-eq $false)
    {
        Write-Host "    BinaryPath to service was not found: $binaryPath."
        Write-Host "    Service was NOT installed."
        return
    }

    if (("Automatic", "Manual", "Disabled") -notcontains $startUpType)
    {
        Write-Host "    Value for startUpType parameter should be (Automatic or Manual or Disabled) and it was $startUpType"
        Write-Host "    Service was NOT installed."
        return
    }

    TryStopService -serviceName $serviceName
    UninstallService -serviceName $serviceName

    # if password is empty, create a dummy one to allow having credentias for system accounts:
    #     NT AUTHORITY\LOCAL SERVICE
    #     NT AUTHORITY\NETWORK SERVICE
    if ($password -eq "")
    {
        $secpassword = (new-object System.Security.SecureString)
    }
    else
    {
        $secpassword = ConvertTo-SecureString $password -AsPlainText -Force
    }

    $mycreds = New-Object System.Management.Automation.PSCredential ($login, $secpassword)

    # Creating Windows Service using all provided parameters.
    Write-Host "Installing service: $serviceName with user name: '$login'..."
    New-Service -name $serviceName -binaryPathName $binaryPath -Description $description -displayName $serviceName -startupType $startUpType -credential $mycreds
    Write-Host "    Installed service: $serviceName."

    # Trying to start new service.
    StartSertice -serviceName $serviceName
}