sc (computer command)
Generated by GPT-5-miniExpansion Funnel Raw 50 → Dedup 0 → NER 0 → Enqueued 0
| sc (computer command) | |
|---|---|
| Name | sc |
| Title | sc |
| Introduced | 1985 |
| Developed by | Microsoft Corporation |
| Operating system | Microsoft Windows; ReactOS; Windows NT |
| License | Proprietary software |
sc (computer command)
sc is a command-line utility for controlling Windows NT services and communicating with the Service Control Manager on Microsoft Windows and compatible systems. It provides administrative functions including creating, querying, configuring, starting, stopping, and deleting services, and is commonly used by system administrators, automation engineers, and support specialists. sc is packaged with Windows Server and Windows client releases and is mirrored in open-source projects such as ReactOS for interoperability and testing.
Overview
sc interacts directly with the Service Control Manager to manage services on local or remote machines, exposing operations analogous to GUI tools like Services MMC snap-in and APIs used by Windows API and Windows Driver Kit. It supports both service configuration and control actions, integrating with Task Scheduler workflows, PowerShell scripts, and enterprise management solutions from vendors such as Microsoft System Center and SolarWinds. Administrators use sc alongside utilities like net.exe, schtasks.exe, and wmic.exe for comprehensive host management.
History and Development
sc traces lineage to tools shipped with Windows NT 3.1 and was formalized in later Windows NT family releases as the canonical command-line interface to the Service Control Manager. Development and documentation have been driven by Microsoft Corporation engineering teams responsible for Windows Server reliability and Windows API surface area. Community implementations and re-implementations appear in projects like ReactOS and research tools used by security teams at institutions such as SANS Institute and CERT Coordination Center for testing service hardening and remediation. Over time sc added extended options to support the evolving Windows Server features, remote management, and integration with Active Directory-based administration.
Syntax and Options
sc uses a verb-noun syntax with a target machine and service name. Common invocation patterns mirror administrative verbs used in Windows Command Prompt conventions: creating services with configuration parameters, querying status, and sending control codes. Options include parameters for binary path, start type, display name, dependencies, account credentials, and failure actions that align with settings exposed in the Services MMC snap-in. Remote management requires appropriate Windows NT authentication such as accounts from Active Directory or local Security Identifier contexts. sc communicates through the Service Control Manager API and accepts control codes comparable to those defined in the Windows Driver Kit for custom service handlers.
Common Use Cases
Administrators use sc to automate common tasks like installing new services for applications from vendors such as IIS modules, SQL Server, and third-party daemons; managing startup behavior for services related to Exchange Server and Active Directory Domain Services; and debugging service lifecycle issues encountered in Windows Server Core or cloud images on platforms like Microsoft Azure and Amazon EC2. Security teams use sc to enumerate services when performing audits or incident response alongside tools such as Sysinternals utilities and PowerShell cmdlets. Developers use sc during continuous integration with systems like Jenkins (software), TeamCity, and Azure DevOps to register test harnesses as services for long-running background tasks.
Examples and Scripts
Examples of sc usage appear in administrative guides and automation repositories maintained by organizations such as Microsoft Corporation and community projects on code hosting platforms. Typical one-liners include creating a service with a specified binary and start type, querying service status, and sending stop or start commands. Scripts combine sc with cmd.exe batch constructs or PowerShell functions to perform bulk operations across hosts registered in Active Directory or inventory systems like Configuration Manager (SCCM). Advanced scripts integrate sc with Windows event logs and monitoring systems such as Nagios or Zabbix for automated remediation.
Platform Implementations
sc is native to Microsoft Windows client and server families and is included in Windows Server distributions. Open-source projects including ReactOS implement compatible variants to support application interoperability and testing. Third-party management suites may wrap sc functionality or provide API abstractions for heterogeneous environments that also include platforms such as Linux via Samba interoperability layers and remote execution frameworks. Virtualization platforms like Hyper-V and cloud orchestration tools often rely on similar service control APIs when provisioning and managing guest instances.
Security and Permissions
sc operations require appropriate privileges because they alter services that can impact system integrity, availability, and security. Typical required permissions include membership in Administrators or specific Service Control Manager rights assigned through Local Security Policy or Group Policy managed settings in Active Directory. Misuse of sc can be leveraged in attacks documented by entities such as MITRE ATT&CK and CERT Coordination Center; best practices include auditing service changes with Windows Event Log forwarding, applying least privilege principles, and using signed binaries and mitigations from Microsoft Defender and endpoint protection vendors.
Category:Windows administration