windows-admin-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@windows-admin-mcpcheck system health and status"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
windows-admin-mcp
AI SRE Agent for Windows. An MCP server that gives AI assistants (Claude Desktop, Cursor, Windsurf, Claude Code) the ability to manage, monitor, and diagnose Windows systems.
Not just a PowerShell wrapper: includes multi-step diagnostics, trend analysis, safety controls, and audit logging.
42 tools across 8 modules + 3 MCP resources.
Quick Start
Interactive setup — detects your MCP clients and configures them automatically:
npx windows-admin-mcp --setupOr configure manually — add to your client's config:
Claude Desktop
Add to %APPDATA%\Claude\claude_desktop_config.json:
{
"mcpServers": {
"windows-admin": {
"command": "npx",
"args": ["-y", "windows-admin-mcp"]
}
}
}Cursor / VS Code / Windsurf
Add to your MCP config (.cursor/mcp.json, .vscode/mcp.json, etc.):
{
"servers": {
"windows-admin": {
"command": "npx",
"args": ["-y", "windows-admin-mcp"]
}
}
}Claude Code
claude mcp add windows-admin -- npx -y windows-admin-mcpModules
Services (6 tools)
Tool | Description |
| List services with optional status/name filter |
| Get detailed info including dependencies |
| Start a service |
| Stop a service (confirmation required) |
| Restart a service (confirmation required) |
| Change startup type (Automatic, Manual, Disabled) |
Event Viewer (5 tools)
Tool | Description |
| Query events by log, level, source, time range, keyword |
| List available event logs with record counts |
| List event sources for a specific log |
| Explain Event ID: description, causes, fixes (built-in KB) |
| Summary of recent events grouped by level |
Task Scheduler (8 tools)
Tool | Description |
| List tasks with optional path/state filter |
| Get task details: triggers, actions, last run info |
| Enable a task |
| Disable a task |
| Run a task immediately |
| Create a new scheduled task |
| Delete a task (confirmation required) |
| Get task execution history |
Processes (4 tools)
Tool | Description |
| List processes sorted by CPU/Memory/Name |
| Detailed process info (CPU, memory, path, threads) |
| Kill a process by name or PID (confirmation + blocklist) |
| Which process holds which TCP port |
Network (4 tools)
Tool | Description |
| ICMP ping to a host |
| Check if a TCP port is open on a remote host |
| DNS lookup (A, AAAA, MX, CNAME, NS, TXT, etc.) |
| List active TCP connections with process info |
Diagnostics (4 tools)
Tool | Description |
| Multi-step diagnosis: status, port, errors, deps, hypothesis |
| Full health overview: CPU, RAM, disk, top processes, errors |
| Bulk start/stop/restart services by pattern (with limits) |
| Bulk enable/disable tasks by pattern (with limits) |
Observability (5 tools)
Tool | Description |
| Poll for new Critical/Error events (delta only, watermark) |
| Detect auto-start services that are stopped |
| What changed in last N hours (new services, tasks, state) |
| Error rate trend analysis (growing/shrinking/stable) |
| Service restart frequency, crash detection |
Safety & Audit (6 tools)
Tool | Description |
| View current safety/audit configuration |
| Reload config from file |
| Confirm a pending destructive action |
| List pending confirmations |
| Cancel a pending action |
| Query the audit log |
MCP Resources
Resource | URI | Description |
System Info |
| OS, CPU, RAM, uptime, hostname |
System Health |
| Live health status with overall rating |
Services Summary |
| Service counts by status and startup type |
Safety Features
Destructive operations (kill, stop, restart, delete, bulk) are protected:
Confirmation flow: Returns a preview +
confirmationId. Callconfirm_actionto proceed.Blocklist: Critical processes (
lsass,csrss,svchost,winlogon, etc.) are blocked by default.Bulk limits: Maximum 20 operations per bulk call (configurable).
Audit log: All operations logged to JSONL file with timestamps.
Disable confirmation for trusted environments:
{
"safety": {
"requireConfirmation": false
}
}Configuration
Create a config.json next to the installed package, or set WINDOWS_ADMIN_MCP_CONFIG env var:
{
"modules": {
"services": true,
"events": true,
"scheduler": true,
"processes": true,
"network": true,
"diagnostics": true,
"safety": true,
"observability": true
},
"safety": {
"requireConfirmation": true,
"confirmationTimeoutMs": 300000,
"blocklist": ["lsass", "csrss", "svchost", "winlogon", "smss"],
"allowlist": []
},
"limits": {
"maxProcessesToKill": 5,
"maxEventsToReturn": 500,
"maxBulkOperations": 20
},
"audit": {
"enabled": true,
"path": "./windows-admin-mcp-audit.jsonl",
"maxSizeMB": 50
}
}Usage Examples
"Why is SQL Server not working?"
diagnose_service(name: "MSSQLSERVER", port: 1433)Runs 4-step chain: service status, port check, recent errors, dependencies. Returns hypothesis.
"Is the system healthy?"
system_health()Single call: CPU, RAM, disk, top processes, recent errors, stopped auto-start services.
"Are errors increasing?"
error_trends(logName: "System", hours: 24)Hourly breakdown with trend (growing/shrinking/stable), top sources, top event IDs.
"What changed in the last hour?"
system_changes(hours: 1)New services installed, service state changes, new scheduled tasks.
"Kill the process on port 3000"
processes_ports(port: 3000) # Find the process
processes_kill(pid: 12345) # Returns confirmationId
confirm_action(confirmationId: "...") # ExecuteRequirements
Windows 10/11 or Windows Server 2016+
Node.js 18+
PowerShell 5.1+ (included with Windows)
Administrator privileges (for service control and some event logs)
Contributing
See CONTRIBUTING.md for guidelines.
License
MIT
windows-admin-mcp (RU)
AI SRE агент для Windows. MCP-сервер, позволяющий AI-ассистентам управлять, мониторить и диагностировать Windows.
Не просто обертка над PowerShell: многошаговая диагностика, анализ трендов, система безопасности, аудит.
42 инструмента, 8 модулей, 3 MCP-ресурса.
Быстрый старт
Автоматическая настройка — определяет установленные MCP-клиенты и конфигурирует их:
npx windows-admin-mcp --setupИли вручную — добавьте в конфиг Claude Desktop (%APPDATA%\Claude\claude_desktop_config.json):
{
"mcpServers": {
"windows-admin": {
"command": "npx",
"args": ["-y", "windows-admin-mcp"]
}
}
}Модули
Services (6): управление службами Windows
Event Viewer (5): запросы, объяснение Event ID, сводки
Task Scheduler (8): полное управление планировщиком
Processes (4): список, детали, kill, порты
Network (4): ping, порты, DNS, соединения
Diagnostics (4): diagnose_service, system_health, bulk-операции
Observability (5): watch mode, обнаружение изменений, тренды ошибок
Safety & Audit (6): конфигурация, подтверждение, аудит
Безопасность
Деструктивные операции требуют подтверждения через
confirm_actionКритические процессы (lsass, csrss, svchost) в блок-листе
Лимит на массовые операции (20 по умолчанию)
Все действия логируются в JSONL-файл
Лицензия
MIT
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/devladpopov/windows-admin-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server