Windows Server 2003 CommandLine Tools - PowerPoint PPT Presentation


PPT – Windows Server 2003 CommandLine Tools PowerPoint presentation | free to download - id: 2acb1-MzQzZ


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation

Windows Server 2003 CommandLine Tools


Windows Resource Kit (cont'd) permcopy Copy share-level permissions from ... dsde Part of the DSML for Windows installation; query, import and export from ... – PowerPoint PPT presentation

Number of Views:478
Avg rating:3.0/5.0
Slides: 23
Provided by: erikrut


Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Windows Server 2003 CommandLine Tools

Windows Server 2003 Command-Line Tools
  • Robbie Allen
  • Cisco Systems

  • Why Use Command-Line Tools?
  • Microsoft Command-Line Tool Resources
  • Other Command-Line Tool Resources
  • Q/A

Why Use a Command-Line over a GUI?
  • 1. Faster than the clickity-click counterpart
  • View the network configuration
  • ipconfig /all
  • Find all VBScript files in the path
  • where .vbs
  • Append a 1 to every file in the current
  • forfiles -p.\ -v -c"cmd /c if not _at_ISDIRTRUE
    ren _at_FILE _at_FNAME_WITHOUT_EXT1._at_EXT"

Why Use a Command-Line over a GUI?
  • 2. In some cases you dont have a choice
  • Create an entry in an Event Log
  • eventcreate /L Application /T Error /ID 777 /D
    "Error Will Robinson"
  • Redirect the default AD computers container to an
    alternate location
  • redircmp ouMyComputers,dcrallencorp,dccom
  • Diagnose AD DNS configuration issues
  • dnslint /ad /s localhost /v

Why Use a Command-Line over a GUI?
  • 3. Enhances your remote management capabilities
  • Many of the new tools have a /S option for
    targeting a remote machine
  • systeminfo /S rallen-srv1
  • With Sysinternals psexec you can even run
    non-remoteable utilities remotely
  • psexec \\rallen-srv1 cmd /k dir c\

Why Use a Command-Line over a GUI?
  • 4. Enables you to automate common/complex tasks
  • Simple batch scripts just contain commands to run
    in sequence
  • Disable all inactive computer accounts and send
    the results in an email (2 commands)
  • oldcmp -report -file inactive.html -disable -b
  • blat inactive.html -to -html

Microsoft Command-Line Tool Resources
  • Windows Server 2003
  • Windows Resource Kit
  • Windows Support Tools
  • Downloadable Tools
  • SFU 3.5

What's New in Windows Server 2003 windir\Help\nt
  • systeminfo Displays detailed configuration
    information about a computer and its operating
  • wmic Extremely powerful command-line interface
    into WMI
  • dsadd / dsmod / dsrm / dsget / dsquery / dsmove
    Set of command-line tools for querying and
    modifying Active Directory
  • netsh Query network configuration, perform
    diagnostics and manage network services such as
    DHCP and IPSec
  • bootcfg Configures, queries, or changes
    Boot.ini file settings
  • sc Retrieves and sets information about
    services. Tests and debugs service programs.
  • schtasks Command-line interface into the Task
    Scheduler service. With it you can query, add,
    modify and delete scheduled tasks

What's New in Windows Server 2003 (contd)
  • tasklist / taskkill Search and terminate
  • reg Query and manipulate the Registry
  • redirusr / redircmp Redirect the default users
    and computers containers in Active Directory
  • forfiles Perform a command over several files
    at once
  • openfiles Queries and disconnects open files
  • fsutil / freedisk / diskpart File and disk
    configuration and query tools
  • eventcreate / eventquery / eventtriggers
    Create and query events and event triggers
  • gpupdate / gpresult Force group policies to be
    applied to a computer and view the results
  • shutdown Log off, restart, or shut down a

Windows Resource Kit
  • creatfil Create a file of arbitrary size
  • diskuse Scans a single directory, a directory
    tree, or an entire drive and reports the amount
    of space used by each user or all users
  • gpotool Display info about the GPOs in a domain
    and check for inconsistencies across DCs
  • klist Display and purge the Kerberos tickets on
    a computer
  • linkd Create a junction point (file link)
  • linkspeed Determines link speed to a remote
  • moveuser Use MoveUser after moving a user to a
    different domain so that the user can keep the
    user profile associated with the original user
  • ntrights Grant or revoke a right for a user or
    group of users on a local or remote computer

Windows Resource Kit (contd)
  • permcopy Copy share-level permissions from one
    share to another
  • perms Display user access permissions for a
    file or directory
  • showacls Enumerates access rights for files,
  • showpriv Displays the rights assigned to users
    and groups
  • qgrep Search a file or list of files for a
    specific string or pattern and return the line
    containing the match
  • robocopy Robust file copy utility
  • srvcheck Lists nonhidden shares on a computer
    and enumerates the ACLs for each
  • srvinfo Displays information about a server,
    including available disk space, partition types,
    installed hotfixes, and the status of services

Windows Support Tools
  • System
  • whoami Display the username, SID, and groups of
    the currently logged on user
  • pmon Displays several measures of processor and
    memory use of running processes
  • netdom Manages computer names, trusts, and
    secure channels
  • diruse Displays directory size information
  • ACLs
  • acldiag Detects and reports discrepancies in
    ACLs of objects in Active Directory. It can also
    reapply a security delegation template to an ACL
  • xcacls Query and modify file ACLs
  • dsacls Query and modify Active Directory ACLs
  • Network
  • portqry Robust port query tool
  • netdiag Network connectivity diagnostics tool
  • netcap Command-line version of Netmon

Windows Support Tools (contd)
  • Active Directory
  • dcdiag Domain controller diagnostics tool
  • dsastat Compare trees of two DCs and get object
    count report
  • nltest Domain controller, trust and netlogon
    query tool
  • movetree Move objects within a domain or to a
    different domain
  • repadmin Advanced replication diagnostics tool
  • DNS
  • dnscmd One stop shop for managing the MS DNS
  • dnslint Helps diagnose common DNS resolution
    issues (MS KB 321045)

Downloadable Tools (http//
  • GPMC Suite of group policy management tools
    which includes several VBS scripts that can be
    used from the command-line
  • mbsacli Security analyzer
  • adtest Active Directory load-generation tool
    that simulates client transactions
  • dsrevoke Views and removes permissions in
    Active Directory
  • dsde Part of the DSML for Windows installation
    query, import and export from AD using LDAP or
  • subinacl Robust ACL query and modification tool

SFU 3.5
  • Available for free now http//
  • Contains many popular UNIX tools
  • ksh
  • ls
  • wc
  • vi
  • cat
  • cron / crontab
  • grep / egrep / fgreg
  • head / tail
  • cp / mv / rm
  • ps
  • top
  • And many more…

Other Command-Line Tool Resources
  • Sysinternals
  • Joeware
  • Miscellaneous

Sysinternals (http//
  • handle Display the files and folders a process
    has open
  • listdlls Display the DLLs that has a process
    has loaded or the processes that are using a
    particular DLL
  • netstatp View open ports and the processes and
    protocols associated with them
  • sdelete Securely delete files
  • adrestore Enumerate and restore deleted objects
    in AD
  • junction Similar to linkd creates junction
    points (i.e., file/folder links)

Sysinternals (PS Tools)
  • PsExec Execute processes remotely
  • PsFile Show open files remotely
  • PsGetSid Display the SID of a computer or a
  • PsKill Kill processes by name or process ID
  • PsInfo List information about a system
  • PsList List detailed information about
  • PsLoggedOn See who's logged on locally and via
    resource sharing
  • PsLogList Dump event log records
  • PsPasswd Changes account passwords
  • PsService View and control services
  • PsShutdown Shuts down and optionally reboots a
  • PsSuspend Suspends processes
  • PsUptime Shows you how long a system has been
    running since its last reboot

Joeware (http//
  • adfind Robust and flexible AD query utility
    (the best around)
  • oldcmp Find old computer accounts and disable
    or delete them
  • unlock Find and unlock locked out accounts
  • adqueueloop Similar to repadmin /queue but
    includes the number of items in the inbound queue
    and shows the top item in the queue
  • getuserinfo net user on steroids
  • secdata Retrieve security-related data about
    users from AD
  • memberOf Retrieve a users group membership
    from AD (shows nested group membership)
  • sectok Displays the SID and token (including
    all sids/names of groups that token contains) of
    a user
  • cpau Similar to runas, but lets you specify a
    password as an option

  • blat Sends the contents of a file in an e-mail
    using SMTP (http//
  • dig Advanced DNS query utility
  • whois Query the whois database
  • setacl Modify the ACL (DACL and SACL) on files,
    the registry, services, printers, and shares
  • compname Dynamically generate and set the
    computer name based the serial number, system
    GUID, MAC address, IP address, date, DNS name, or
    a random element (http//
  • Other sites
  • http//
  • http//

  • Thank you for your time!
  • Email

At a Bookstore Near You
  • My Books
  • Active Directory Cookbook (Oct 2003)
  • Active Directory, 2nd Edition (Apr 2003)
  • DNS on Windows Server 2003 (Dec 2003)
  • Windows Server Cookbook (Summer 2004)
  • Windows XP Cookbook (Fall 2004)
  • Other OReilly Books Coming Out Soon
  • Windows Server Hacks (Apr 2004)
  • Exchange Server Cookbook (Fall 2004)
  • Securing Windows Server 2003 (Summer 2004)
  • Managing Windows Server 2003 (Summer 2004)