Osirium Logo

Check Windows Service State

Check Windows Service State Playbook IconCheck Windows Service State Playbook Icon

This is a scheduled task for checking the state of a service on one or more Windows Server PAM devices.

The task supports connecting to both domain-joined & local Windows Servers.

It requires:

  • A PAM Server provisioned as a Vault in PPA
  • One or more Windows Servers provisioned in the PAM Server
  • WinRM connectivity to each Windows Server

Playbook Files

Requires PPA version 2.10.0 or newer

Running this Playbook

  • Click download playbook
  • Import the downloaded file via the Playbooks page on PPA
  • Build the playbook from the Edit & Build tab
  • Run the playbook from the Preview & Deploy tab
* Requires PPA v2.9.x or newer


Required PAM Inventory

  • One or more Active Directories
  • One or more Windows Server devices attached to an Active Directory


This task will use each device's control account in PAM to make the connection.

Each Windows device control account must have permissions to view & start services.

What the Task Does

  • Gets one or more Windows devices from a PAM Server
  • Checks the state of a specific service on each Windows device
  • Starts the service if it is not running (optional)
  • Sends an email alert if the service was not running on any devices

Schedule Payload

This task should be started by a PPA schedule.

The following information is required in the task payload:

  • pam_address: the IP address or hostname of the PAM Vault in PPA

  • device_hostnames: a list of Windows device hostnames in PAM

  • service_name: the name of the service to check

  • alert_email_address: an email address to send alerts to (if applicable)

  • restart: either true or false, denoting whether to start the service if it is not running

Using the following payload, the task will:

  • Get the 3 supplied devices from PAM Vault pam.internal.net
  • Check the Windows Update Service on the 3 devices
  • Start the service if it is stopped
  • Send any stopped service alerts to sysadmin@example.com
    "pam_address": "pam.internal.net",
    "service_name": "wuauserv",
    "device_hostnames": [
    "restart": true,
    "alert_email_address": "sysadmin@example.com"

You can use the example payload above as a template.

Powershell Remoting (WinRM)

This task uses Powershell Remoting over WinRM to connect to the Windows Server.

See this Microsoft article for more information on how to securely enable WinRM.

Connection Settings

By default this playbook will:

  • Use SSL when connecting to the Windows server
  • Validate the Windows server certificate

You can change these values by uncommenting lines 165 & 166.

Product Boot Screen

Get PPA for free!

Start automating your estate with a free 30 day trial today. No signup required!

Get PPA Express


Theale Court
11-13 High Street, Theale
Reading, Berkshire, RG7 5AH
United Kingdom
+44 (0) 118 324 2444

Osirium Logo

Copyright 2020 Osirium Ltd.