Windows NT services monitoring

Windows NT services monitoring made easy with BizTalk360

Published on : Mar 1, 2022

Category : BizTalk Server

Sandhiya Sivakumar


Windows NT Services are one of the crucial components in a Microsoft BizTalk environment that are responsible for the execution of important operations and routine actions. If they are not running properly, the system’s performance will deteriorate over time. Majority of the time, the first and foremost thing you need to find when there is a downtime of the service is “Whether the service is running”. If you are a BizTalk360 user, you might know that the product can monitor the state of the NT services running on BizTalk Server and SQL Server, and immediately restore them to their expected state when a mismatch is detected.

Check out this blog to learn more about how BizTalk360 can help you monitor the status of NT Services by avoiding time-consuming manual checks on a long list of services running on various servers.

To reduce our customers’ pain point, even more, we have brought enhanced options in the existing NT Services monitoring. Let us look into the new options that made Windows NT services monitoring even simpler.

Startup Type Monitoring

The startup type of any service indicates how Windows starts that service. Services can be started automatically, automatically with a delay or trigger, manually, or disabled, which means they are never started. Typically, startup types can be classified into the seven categories listed below.

  1. Automatic
  2. Automatic (Delayed Start)
  3. Automatic (Trigger Start)
  4. Automatic (Delayed Start, Trigger Start)
  5. Manual
  6. Manual (Trigger Start)
  7. Disabled

In many instances, services require other services or system components to run before they can start running. If the dependencies fail to start automatically on their own, the services that rely on them will also fail to start. Also, there might be a few services that are not essential for your system but still consume valuable resources like CPU and memory, so to prevent them from automatically starting, you want them to be disabled or started manually only when it is needed. So, in addition to verifying the current state of the service, if you want to prevent a service from starting automatically or keep a service running in the background, you must keep an eye on the startup type of the services. Frequently tracking the startup type of thousands of services is not an easy task. To make you get rid of this, we now included an option to set the expected startup type for services.

Once configuring the expected state of the service, simply click on the service to monitor the startup type. Set the expected startup type according to your requirement and save it. That’s all! Now you no longer need to worry about the incorrect startup type of a service, because BizTalk360 will continuously monitor it and send you timely alerts if there is any discrepancy between the actual and expected startup type.

NT services monitoring Rules

Since BizTalk360 lists all the services running on a server and that list can be very lengthy, along with the grid filter option we have added state and startup based selection, which allows you to select the desired services in a single click.

NT services monitoring

Log On As Monitoring

The log on account used to start a service defines the security context for the Windows service. In other words, it determines which local and network resources the service can access and what it can do with those resources. As a result, if any user has access to modify or write the service, they might accidentally change it or misuse it to gain service level privilege. BizTalk360 not only assists you in avoiding business disruptions, but it also takes responsibility for preventing such security breaches by providing the option to monitor “Log On As Account” of a service. Similar to the Startup type, you can easily specify the expected log on account of any service.

Log On As Monitoring

Generally, log on account of services can be classified into the following types:

  1. Local System – The account has extensive privileges on the local system and acts as the computer on the network.
  2. Local Service – A built-in account that has the same level of access to resources and objects as members of the Users group.
  3. Network Service – A built-in account that has more access to resources and objects than members of the Users group.
  4. NT Service (Followed by service name) – A virtual account that allows each service to function within its own security context, without having access to the resources of another service.
  5. Local Users
  6. Domain Users

In the expected log on option, you can find the built-in security principles, an option as “NT Service Account” to describe the virtual accounts, and all the local users and domain users in your system. You can easily search and map the appropriate expected log on for a service. To make it easier for the user, separate icons are provided to differentiate between local and domain users.

NT Services

BizTalk360 makes use of the Active directory (AD) to get all the domain users available in your system. To avoid frequently checking the AD and to improve the performance, just enable “Active Directory Cache” in the system settings. As a result, BizTalk360 will cache the most recent user list and refresh it every two hours. You can also manually clear the cache if you notice a change in the users.

NT Services

With this well-planned monitoring, you can quickly get informed about a problem and detect issues, thus saving time and costs of your team and environment.

Note: You can monitor Startup Type and Log On As, only if you enable monitoring for Current State. If you set state monitoring of a service to “Do Not Monitor” the mappings (if any) for startup type and log on as will be removed automatically.

Easy-to-use-platform to view the monitoring results

After specifying the monitoring conditions for a service, you can view the latest monitor result for that service at any time just by clicking on the eye icon at the end of the service detail row. That displays the monitor status, actual condition, and expected condition for the service.

monitoring results

At the left corner of the service detail, you can see the consolidated monitor status of all the mappings configured for the service.

consolidated monitor status

If at any point in time, the expected log on user account has been removed or renamed, you will be informed about it in the UI and get alerts for the same.

Windows NT services monitoring

To make the monitoring actionable, BizTalk360 sends the details of detected problems via multiple channels like Mail, Microsoft Teams, Slack, Twilio and few more.

Windows NT services monitoring

Note: If you are upgrading from any lower version of BizTalk360 to v10.2, please use the new email template or restore the existing templates, as we have modified the default template format to provide clear results for NT service monitoring.


When something goes wrong with your NT services, it’s essential to figure out what’s causing the problem and fix it before it impacts your business. To reduce the complexity of checking the services with multiple third-party tools or scripts, BizTalk360 offers this easy and enhanced Windows NT Service monitoring from a single place. We hope these new monitoring capabilities will add value to our customers and minimize the need for manual diagnosis.

If you haven’t tried BizTalk360 yet, take a test drive of its cool features yourself, by signing up for a free trail.