The Settings Tab provides various options that control the service's runtime profile.
The following table describes the fields provided on the Settings tab.
|Interact with Desktop||When checked, this allows the service to interact with the desktop of the currently logged-in user.|
Remember that services run in a different security context so their visibility is not always assured especially when used in conjunction with Remote Desktop. You may need to connect to the Shadow Console.
With the Interact with the Desktop option enabled, a service may run under an account other than the Local System account.
The service's interactions will only be visible if the logon account is a member of the local or domain Administrators group. Windows Session 0 Isolation in Vista, 2008 or later may further affect its visibility.
|Show Window||The display mode of the interactive service.|
The following are options available:
|Service SID Type||The Windows security identifier (SID) type setting for the service. The purpose of the SID type is to isolate the objects a service has access to (e.g. files or registry keys). When the SID type is set, this instructs the Windows Service Control Manager to add the service SID type to service's process token, allowing the service to gain to access to specific objects without having to run under a highly privileged account. Changes to the SID Type do not take effect until the system is restarted. For more information see Microsoft's documentation.|
The following options are available:
|Job Type||Determines whether the service is to be placed in a Job Group at runtime.|
By placing the service in a Local or Global group, note that
Note: The actual scope of the Job Type is relevant only when the Windows Terminal Services server component is installed.
A Terminal Services server has multiple namespaces for a variety of named kernel objects including job objects. By default, all services are created in the Global scope.
Local Jobs exist only in the current client session namespace so as to not interfere with other instances of the same program in other sessions.
Job Type settings are as follows:
|Load Order Group||The name of the Load Order Group in which to place the service (if any). See Dependencies Tab for details about how Load Order Groups are used.|
Note: The naming conventions for the Load Order Group field are the same as the Short Name field.
|Logon Account||The name of the Windows user account that will own the service when that service is run.|
The account can be any of the following:
If no account is specified, the service will run under the LocalSystem account.
A service may run as a user other than LocalSystem and interact with the desktop only if that user is a member of the domain or local Administrators group.
If an account other than LocalSystem is used to run the service, the account will be automatically granted the SeServiceLogonRight privilege (Log On as a Service).
|Password||The password for the local or domain user account.|
If the password of the user account is changed locally or on the Domain Controller, you will need to update this field and reinstall the service to reflect the change. If the password is not updated, the service will fail to start due to incorrect authorization credentials.
Note: No password is required for Managed Service Accounts, Group Managed Service Accounts or virtual service accounts.
|Confirm Password||The password must be re-entered to confirm the value in the Password field.|
Note: If the passwords do not match, FireDaemon Pro will not install the service.
|Priority||The runtime scheduling priority of the service, its threads, and all child processes.|
Note: Avoid using the Real-Time (preempts all other processes) option as it actually pre-empts the kernel scheduler.
|Processor Group||A static set of processors as defined by Windows. For more information, see Processor Groups.|
|NUMA Nodes||This field shows on which NUMA node(s) the service will execute. It will be filled if a Processor Group and a CPU Binding other than 0 is selected. For more information, see NUMA Support.|
|CPU Bindings (Dec)||Binds the service to specific core(s) on multi-CPU, multi-core machines.|
You can enter the Affinity Mask as a binary, decimal or hexadecimal value. The value's base is specified in the Service Manager Options.
If no CPUs are selected, or all CPUs are selected, then the service can potentially run on any CPU and the actual CPU in use will be decided by the Windows scheduler from one moment to the next.
|Statistics Monitoring||The time interval (in milliseconds) for FireDaemon Pro to refresh the service's memory and CPU usage statistics in the user interface. To disable statistics refreshes, set the time interval to zero.|
Note: This also sets the length of time after a service start in which Flap Detection is active.