How To Manage Windows Processes And Services Remotely

How To Manage Windows Processes And Services RemotelyHow To Manage Windows Processes And Services Remotely

You may need to manage a Windows service or a process on a remote computer if you are a sysadmin. One of the common remote tasks is restarting a service, a process, or the computer itself.

A remote computer may be at another location, on the cloud, or simply in another room. It is convenient to manage it remotely rather than physically accessing it.

There are a bunch of methods that can be used to manage Windows processes or services remotely, as long as the remote computer is on the same network as yours, or joined to the same domain. These include both command-line methods and GUI-based consoles.

Today, we will be showing you how to manage a Windows process or a service on a remote computer using both Windows-native and aftermarket tools.

List, Kill, Start, or Restart Windows Processes and Services Remotely

Just like on your local PC, you can view all the processes running on a remote computer, kill a process, start a process/task, or even restart a service. Most of the method shared in this post are performed through the Windows Command Line Interface (CLI), which include both the Command Prompt and PowerShell.

The tasklist cmdlet can be used with parameters to view the processes and tasks running on a remote PC. Similarly, the PsList.exe tool, which is a part of Sysinternals PsTool, also lists the same information as tasklist.

Alternatively, you can also use the two aforementioned tools in combination to view and list the processes on a remote computer; where the PsExec tool is used to connect to the remote computer’s Command Prompt, and then other command-line tools can be used to list the processes, like tasklist, Get-Process, etc.

Likewise, you can control and manage the different Windows services of a remote computer. This can be done through the command line as well as the Services console.

Before we get into the details of using these tools to manage remote services and processes, there are a few conditions that the remote computer should meet:

  • The remote PC must be on the same network as yours, or the same domain.
  • You need to use an administrative computer account to manage the remote computer’s services and processes, complete with a username and password.
  • Remote connection should be allowed through the firewall, or the firewall must be turned off (not recommended).
  • The User Access Control (UAC) Remote Restrictions must be turned off.

If these conditions are not met, you will not be able to use many of the tools discussed above to manage processes and services on a remote PC.

Allow Remote Connection through Windows Firewall

Use the following steps to allow remote connection through the firewall, if not already enabled:

  1. Open the Windows Firewall applet by typing in “firewall.cpl” in the Run Command box.

    Open the Windows Firewall applet
    Open the Windows Firewall applet
  2. Click “Allow an app or feature through Windows Defender Firewall” on the left.

    Allow app or feature through the Firewall
    Allow app or feature through the Firewall
  3. Click “Change settings.”

    Change firewall settings
    Change firewall settings
  4. Scroll down and allow “Remote Desktop” through the available network profiles, and then click “Ok.”

    Allow remote desktop through Windows Firewall
    Allow remote desktop through Windows Firewall

These steps will allow you to use the command-line and GUI-based tools to connect remotely to the other computer. Now, you must also disable the UAC Remote Restrictions on the remote computer.

Disable UAC Remote Restrictions

The UAC Remote Restrictions can be removed both remotely and physically on the computer as well. Below are the steps used to disable the feature and allow a remote connection if you are physically preset on the PC. Note that this method involves manual changes to the Windows Registry.

Note: To enable the remote desktop connection remotely, refer to this guide.

Note: Misconfiguration of critical values in the system’s registry could be fatal for your operating system. Therefore, we insist that you create a system restore point before proceeding forward with the process.

You can also use our top selection of disk imaging and backup software so you never lose your data or operating system again.

  1. Open the Registry Editor by typing in “regedit” in the Run Command box.

    Open the Registry Editor
    Open the Registry Editor
  2. Paste the following in the navigation bar for quick navigation:

    Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    Navigate to the System key
    Navigate to the System key
  3. Right-click the System key, expand New, and click “DWORD (32-bit Value).” Name the DWORD “LocalAccountTokenFilterPolicy.”

    Create the DWORD LocalAccountTokenFilterPolicy
    Create the DWORD LocalAccountTokenFilterPolicy
  4. Set the “LocalAccountTokenFilterPolicy” Value Data to “1.”

    Set LocalAccountTokenFilterPilicy Value Data to 1
    Set LocalAccountTokenFilterPilicy Value Data to 1
  5. Close the Registry Editor.

You are now set to use different tools to manage Windows services and processes remotely.

List, View all Processes on Remote Computer

List all Processes Remotely using Tasklist

Tasklist is a command-line tool you can use to view the details of the processes running on the remote computer. This lists different information regarding the processes, such as their Process ID (PID), memory usage, etc.

Note that if you use the method below first when the remote connection is not allowed through Windows Firewall or the UAC Remote Restrictions are still enabled, you will see the following error message:

ERROR: The user name or password is incorrect

To avoid this error, we suggest that you first use the steps given above to allow RDC through the firewall and disable UAC Remote Restrictions, then continue to use the steps below:

  1. Launch an elevated Command Prompt.

  2. Use the following syntax to obtain information on the processes running on the remote PC:

    Replace [ComputerName] with the name of the remote computer, [Username] with an administrative user account on the remote PC, and [Password] with the correct password for the associated username.

    tasklist.exe /S [ComputerName] /U [Username] /P [Password]
    View all process list remotely using Tasklist
    View all process list remotely using Tasklist

As you can see in the image above, all running tasks on the remote computer are now listed inside the Command Prompt.

Query Processes Remotely using PsList

As mentioned earlier, PsList is part of the PsTools utility by SysInternals. This can also be used to display a list of processes running on the remote computer. It gives more detailed information about a process when compared to the tasklist method, such as the time the process has been running, the number of threads and handles, etc.

  1. Start by downloading the PsTools.

    Download PsTools
    Download PsTools
  2. Extract the contents of the PsTool file.

    Extract PsTools
    Extract PsTools
  3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

    CD [PathToPsTools]
    Change directory to PsTools folder
    Change directory to PsTools folder
  4. Now use the following cmdlet to list all the running processes on the remote computer while replacing [ComputerName] with the name of the remote PC:

    PsList \\[ComputerName]
    View all process list remotely using PsList
    View all processes list remotely using PsList

Alternatively, you can also use the “-t” switch in the following syntax to show the process tree instruction:

PsList \\[ComputerName] -t
List all process list remotely in tree view using PsList
List all processes remotely in a tree view using PsList

List all Processes Remotely using Get-Process (PowerShell)

The Get-Process is a PowerShell cmdlet that lists all the running processes as well as their relevant information, like PID, handles, etc. It can be used alone to obtain a list of processes and tasks on the local computer, or together with switching to obtain a list of processes running on a remote computer.

  1. Launch an elevated PowerShell instance.

  2. Use the following cmdlet while replacing [ComputerName] with the name of the remote PC:

    Get-Process -ComputerName [ComputerName]
    Query all processes on remote computer using Get Process PowerShell
    Query all processes on a remote computer using Get-Process (PowerShell)

Other methods to View All Processes Remotely

You can also use other methods to obtain a list of processes on a remote computer. For instance, you can connect to a remote computer’s Command Prompt using the PsExec tool and run cmdlets that list the local process details. This includes the Tasklist cmdlet, as well as others, like WMIC.

Here are the steps to connect to the remote computer’s Command Prompt:

  1. Start by downloading the PsTools.

    Download PsTools
    Download PsTools
  2. Extract the contents of the PsTool file.

    Extract PsTools
    Extract PsTools
  3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

    CD [PathToPsTools]
    Change directory to PsTools folder
    Change directory to PsTools folder
  4. Now use the following cmdlet to connect to the remote computer’s Command Prompt while replacing [ComputerName] with the name of the remote PC:

    PsExec \\[ComputerName] CMD
    Connect to remote computers Command Prompt
    Connect to remote computer’s Command Prompt

    As you will observe, your directory will now change. This means that the computer has successfully connected to the remote computer’s Command Prompt.

Now that you have successfully established a remote cmd connection, you can use any of the following cmdlets to list the processes and their details:

Tasklist
WMIC Process

These are all the methods to view and list all the processes on a remote computer. Let us now see how to kill a process.

How to Kill a Process Remotely

The methods shared below to kill a process require the name or PID of a process that you want to kill, which can be done using the methods listed above to list/query the processes on a remote computer.

Kill Process Remotely using Taskkill

Like Tasklist, the Taskkill tool is a Windows-native command-line tool that can be used to kill tasks and processes on a remote computer. To kill a process on a remote computer, use the following steps:

  1. Launch an elevated Command Prompt.

  2. Now use either of the following commands to kill a process remotely using its PID or process name.

    Remember to replace [ComputerName] with the name of the remote PC, [Processname] with the name of the process, and [PID] with the process ID that you want to kill.

    Taskkill /s [ComputerName] /IM [ProcessName]
    Taskkill /s [ComputerName] /PID [PID]
    Kill process remotely using Taskkill 1
    Kill process remotely using Taskkill
  3. Now enter the password for the user account.

    Provide the password
    Provide the password

    The process will now be terminated successfully.

Kill Process Remotely using PsKill

PsKill comes with the SysInternals PsTool suite. It can also be used to kill a process on a remote computer. Here is how:

  1. Start by downloading the PsTools.

    Download PsTools
    Download PsTools
  2. Extract the contents of the PsTool file.

    Extract PsTools
    Extract PsTools
  3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

    CD [PathToPsTools]
    Change directory to PsTools folder
    Change directory to PsTools folder
  4. Now use the following cmdlet to kill a process using its name or PID:

    Replace [ComputerName] with the name of the remote PC, [Username] with the user account to connect with, [Password] with the password of the associated username, and [ProcessNameOrID] with either the name of the process that you wish to terminate or its PID.

    PsKill \\[ComputerName] -U [Username] -P [Password] [ProcessNameOrID]
    Terminate Windows process remotely using PsKill
    Terminate Windows process remotely using PsKill

    The selected process will now be terminated on the remote computer.

Kill Process Remotely using Stop-Process (PowerShell)

Similar to the methods above, you can also kill a process using Windows PowerShell . This can be done using the Stop-Process cmdlet. One caveat of this command is that you cannot provide the name of the remote computer directly. However, it can be achieved using the Invoke-Command cmdlet and providing the credentials initially to connect to the remote PC.

Invoke-Command allows you to run commands on other computers.

Use the following steps to kill a process remotely using PowerShell:

  1. Launch an elevated PowerShell instance.

  2. Run the following command to invoke a request to save the credentials:

    $Credentials=Get-Credential
  3. Now enter the credentials for the remote computer and click Ok.

    Provide and save credentials
    Provide and save credentials
  4. Now use the following command to terminate a process remotely:

    Replace [ComputerName] with the name of the remote PC, and [ProcessName] with the name of the process that you want to kill without its file extension.

    Invoke-Command -ComputerName [CompuetrName] -Credential $credentials {Stop-Process -name "[ProcessName]"}
    Kill process remotely using Stop Process PowerShell
    Kill process remotely using Stop-Process (PowerShell)

    Note: If you experience any connectivity errors when running this command, make sure that the “Windows Remote Management” service is running on the remote computer.

The selected process will now be terminated on the remote computer. This concludes our discussion on managing the different tasks and processes on a remote Windows computer.

Manage Windows Services Remotely

Like the processes, you can also manage Windows services remotely. This section covers both the command-line methods and the GUI-based method to start, stop, or restart Windows services remotely.

Let us start with the GUI method that involves using the local Windows Services Console.

Start, Stop, Restart Windows Services Remotely using Services Console

If you have prior experience with the Service Console, you would know that it is used to manage the various Windows services, and can be used to start, stop, restart, and disable Windows services on the local computer. Today, we are going to tell you that it can also be used to manage the services on other computers on your network.

The Services Console can connect to other computers directly and manage them as well.

Here are the steps to use the built-in Services Console to manage Windows services remotely :

  1. Open the Services Console by typing in “services.msc” in the Run Command box.

    Open the Services Console
    Open the Services Console
  2. Click “Action” from the ribbon menu and then click “Connect to another computer.”

    Connect Services to another computer
    Connect Services to another computer
  3. Select “Another computer,” enter the name of the remote PC, and click Ok.

    Enter the remote computers name
    Enter the remote computers name
  4. Ensure that the Services Console has successfully connected to the remote computer.

    Services Console successfully connected to remote computer
    Services Console successfully connected to remote computer
  5. You may now continue to Start, Stop, or Restart a service simply by right-clicking it.

    Start Stop Restart a service from the Service Console
    Start, Stop, Restart a service from the Service Console

If you would rather use the command line to manage Windows services remotely, refer to the remaining methods down below.

Start, Stop, Restart Windows Services Remotely using SC.exe

“sc.exe” is a Windows-native command-line tool used to manage Windows services. It is also capable of controlling the services on another PC on the network.

You can use either of the following syntaxes to start or stop a service remotely on another computer using an elevated Command Prompt:

SC \\[ComputerName] Start [ServiceName]
SC \\[ComputerName] Stop [ServiceName]
Start or stop Windows service remotely using SC from Command Prompt
Start or stop Windows service remotely using SC from Command Prompt

Start, Stop, Restart Windows Services Remotely using PsService

Like PsExec, PsList, and PsKill, PsService is another tool part of the Sysinternals PsTools suite used to manage Windows services remotely. Use the following steps to use PsService to start or stop a Windows service on a remote PC:

  1. Start by downloading the PsTools.

    Download PsTools
    Download PsTools
  2. Extract the contents of the PsTool file.

    Extract PsTools
    Extract PsTools
  3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

    CD [PathToPsTools]
    Change directory to PsTools folder
    Change directory to PsTools folder
  4. Now use the following cmdlets to start or stop a Windows process on the remote computer:

    Replace [ComputerName] with the name of the remote PC, [ServiceName] with the name of the service, and [Action] with either “Start”, “Stop”, or “Restart”, depending on what you want to do with the service.

    PsService \\[ComputerName] [Action] [ServiceName]
    Start Stop Restart Windows service using PsService
    Start, Stop, Restart Windows service using PsService

Final Verdict

This article lists the various methods that can be used to manage Windows services and processes remotely, so you do not need to have physical access to a server/computer.

As you may notice, most of the methods discussed are using the command-line interfaces on Windows OS. This is because the command line usually provides more options to better control and manage the various Windows components when compared to the regular GUI-based interface.

If you are a sysadmin, then surely this article is worth a read.

If you liked this post, Share it on:
Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

Get Updates in Your Inbox

Sign up for the regular updates and be the first to know about the latest tech information