Windows server 2003 command line tools
1 / 22

Windows Server 2003 Command-Line Tools - PowerPoint PPT Presentation

  • Updated On :

Windows Server 2003 Command-Line Tools Robbie Allen Cisco Systems Agenda Why Use Command-Line Tools? Microsoft Command-Line Tool Resources Other Command-Line Tool Resources Q/A Why Use a Command-Line over a GUI? 1. Faster than the clickity-click counterpart

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Windows Server 2003 Command-Line Tools' - johana

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Windows server 2003 command line tools l.jpg

Windows Server 2003 Command-Line Tools

Robbie Allen

Cisco Systems

Agenda l.jpg

  • Why Use Command-Line Tools?

  • Microsoft Command-Line Tool Resources

  • Other Command-Line Tool Resources

  • Q/A

Why use a command line over a gui l.jpg
Why Use a Command-Line over a GUI?

1. Faster than the clickity-click counterpart

  • View the network configuration:

    • ipconfig /all

  • Find all VBScript files in the path:

    • where *.vbs

  • Append a “1” to every file in the current directory:

Why use a command line over a gui4 l.jpg
Why Use a Command-Line over a GUI?

2. In some cases you don’t have a choice

  • Create an entry in an Event Log

    • eventcreate /L Application /T Error /ID 777 /D "Error Will Robinson"

  • Redirect the default AD computers container to an alternate location

    • redircmp “ou=MyComputers,dc=rallencorp,dc=com”

  • Diagnose AD DNS configuration issues

    • dnslint /ad /s localhost /v

Why use a command line over a gui5 l.jpg
Why Use a Command-Line over a GUI?

3. Enhances your remote management capabilities

  • Many of the new tools have a /S option for targeting a remote machine

    • systeminfo /S rallen-srv1

  • With Sysinternals psexec you can even run non-remoteable utilities remotely

    • psexec \\rallen-srv1 cmd /k dir c:\

Why use a command line over a gui6 l.jpg
Why Use a Command-Line over a GUI?

4. Enables you to automate common/complex tasks

  • Simple batch scripts just contain commands to run in sequence

  • Disable all inactive computer accounts and send the results in an email (2 commands)

    • oldcmp -report -file inactive.html -disable -b "cn=computers,dc=rallencorp,dc=com“

    • blat inactive.html -to [email protected] -html

Microsoft command line tool resources l.jpg
Microsoft Command-Line Tool Resources

  • Windows Server 2003

  • Windows Resource Kit

  • Windows Support Tools

  • Downloadable Tools

  • SFU 3.5

What s new in windows server 2003 windir help ntcmds chm l.jpg
What's New in Windows Server 2003%windir%\Help\ntcmds.chm

  • systeminfo – Displays detailed configuration information about a computer and its operating system

  • wmic – Extremely powerful command-line interface into WMI

  • dsadd / dsmod / dsrm / dsget / dsquery / dsmove – Set of command-line tools for querying and modifying Active Directory

  • netsh – Query network configuration, perform diagnostics and manage network services such as DHCP and IPSec

  • bootcfg – Configures, queries, or changes Boot.ini file settings

  • sc – Retrieves and sets information about services. Tests and debugs service programs.

  • schtasks – Command-line interface into the Task Scheduler service. With it you can query, add, modify and delete scheduled tasks

What s new in windows server 2003 cont d l.jpg
What's New in Windows Server 2003 (cont’d)

  • tasklist / taskkill – Search and terminate processes

  • reg – Query and manipulate the Registry

  • redirusr / redircmp – Redirect the default users and computers containers in Active Directory

  • forfiles – Perform a command over several files at once

  • openfiles – Queries and disconnects open files

  • fsutil / freedisk / diskpart – File and disk configuration and query tools

  • eventcreate / eventquery / eventtriggers – Create and query events and event triggers

  • gpupdate / gpresult – Force group policies to be applied to a computer and view the results

  • shutdown – Log off, restart, or shut down a computer

Windows resource kit l.jpg
Windows Resource Kit

  • creatfil – Create a file of arbitrary size

  • diskuse – Scans a single directory, a directory tree, or an entire drive and reports the amount of space used by each user or all users

  • gpotool – Display info about the GPOs in a domain and check for inconsistencies across DCs

  • klist – Display and purge the Kerberos tickets on a computer

  • linkd – Create a junction point (file link)

  • linkspeed – Determines link speed to a remote system

  • moveuser – Use MoveUser after moving a user to a different domain so that the user can keep the user profile associated with the original user account

  • ntrights – Grant or revoke a right for a user or group of users on a local or remote computer

Windows resource kit cont d l.jpg
Windows Resource Kit (cont’d)

  • permcopy – Copy share-level permissions from one share to another

  • perms – Display user access permissions for a file or directory

  • showacls – Enumerates access rights for files, folders

  • showpriv – Displays the rights assigned to users and groups

  • qgrep – Search a file or list of files for a specific string or pattern and return the line containing the match

  • robocopy – Robust file copy utility

  • srvcheck – Lists nonhidden shares on a computer and enumerates the ACLs for each

  • srvinfo – Displays information about a server, including available disk space, partition types, installed hotfixes, and the status of services

Windows support tools l.jpg
Windows Support Tools


  • whoami – Display the username, SID, and groups of the currently logged on user

  • pmon – Displays several measures of processor and memory use of running processes

  • netdom – Manages computer names, trusts, and secure channels

  • diruse – Displays directory size information


  • acldiag – Detects and reports discrepancies in ACLs of objects in Active Directory. It can also reapply a security delegation template to an ACL

  • xcacls – Query and modify file ACLs

  • dsacls – Query and modify Active Directory ACLs


  • portqry – Robust port query tool

  • netdiag – Network connectivity diagnostics tool

  • netcap – Command-line version of Netmon

Windows support tools cont d l.jpg
Windows Support Tools (cont’d)

Active Directory:

  • dcdiag – Domain controller diagnostics tool

  • dsastat – Compare trees of two DCs and get object count report

  • nltest – Domain controller, trust and netlogon query tool

  • movetree – Move objects within a domain or to a different domain

  • repadmin – Advanced replication diagnostics tool


  • dnscmd – One stop shop for managing the MS DNS server

  • dnslint – Helps diagnose common DNS resolution issues (MS KB 321045)

Downloadable tools http download microsoft com l.jpg
Downloadable Tools (

  • GPMC – Suite of group policy management tools which includes several VBS scripts that can be used from the command-line

  • mbsacli – Security analyzer

  • adtest – Active Directory load-generation tool that simulates client transactions

  • dsrevoke – Views and removes permissions in Active Directory

  • dsde – Part of the DSML for Windows installation; query, import and export from AD using LDAP or DSML

  • subinacl – Robust ACL query and modification tool

Sfu 3 5 l.jpg
SFU 3.5

  • Available for free now:

  • Contains many popular UNIX tools:

    • ksh

    • ls

    • wc

    • vi

    • cat

    • cron / crontab

    • grep / egrep / fgreg

    • head / tail

    • cp / mv / rm

    • ps

    • top

  • And many more…

Other command line tool resources l.jpg
Other Command-Line Tool Resources

  • Sysinternals

  • Joeware

  • Miscellaneous

Sysinternals http www sysinternals com l.jpg
Sysinternals (

  • handle – Display the files and folders a process has open

  • listdlls – Display the DLLs that has a process has loaded or the processes that are using a particular DLL

  • netstatp – View open ports and the processes and protocols associated with them

  • sdelete – “Securely” delete files

  • adrestore – Enumerate and restore deleted objects in AD

  • junction – Similar to linkd; creates junction points (i.e., file/folder links)

Sysinternals ps tools l.jpg
Sysinternals (PS Tools)

  • PsExec – Execute processes remotely

  • PsFile – Show open files remotely

  • PsGetSid – Display the SID of a computer or a user

  • PsKill – Kill processes by name or process ID

  • PsInfo – List information about a system

  • PsList – List detailed information about processes

  • PsLoggedOn – See who's logged on locally and via resource sharing

  • PsLogList– Dump event log records

  • PsPasswd – Changes account passwords

  • PsService – View and control services

  • PsShutdown – Shuts down and optionally reboots a computer

  • PsSuspend – Suspends processes

  • PsUptime – Shows you how long a system has been running since its last reboot

Joeware http www joeware net l.jpg
Joeware (

  • adfind – Robust and flexible AD query utility (the best around)

  • oldcmp – Find old computer accounts and disable or delete them

  • unlock – Find and unlock locked out accounts

  • adqueueloop – Similar to repadmin /queue but includes the number of items in the inbound queue and shows the top item in the queue

  • getuserinfo – net user on steroids

  • secdata – Retrieve security-related data about users from AD

  • memberOf – Retrieve a user’s group membership from AD (shows nested group membership)

  • sectok – Displays the SID and token (including all sids/names of groups that token contains) of a user

  • cpau – Similar to runas, but lets you specify a password as an option

Miscellaneous l.jpg

  • blat – Sends the contents of a file in an e-mail using SMTP (

  • dig – Advanced DNS query utility (

  • whois – Query the whois database (

  • setacl – Modify the ACL (DACL and SACL) on files, the registry, services, printers, and shares (

  • compname – Dynamically generate and set the computer name based the serial number, system GUID, MAC address, IP address, date, DNS name, or a random element (

  • Other sites:



Slide21 l.jpg

At a bookstore near you l.jpg
At a Bookstore Near You

  • My Books

    • Active Directory Cookbook (Oct 2003)

    • Active Directory, 2nd Edition (Apr 2003)

    • DNS on Windows Server 2003 (Dec 2003)

    • Windows Server Cookbook (Summer 2004)

    • Windows XP Cookbook (Fall 2004)

  • Other O’Reilly Books Coming Out Soon:

    • Windows Server Hacks (Apr 2004)

    • Exchange Server Cookbook (Fall 2004)

    • Securing Windows Server 2003 (Summer 2004)

    • Managing Windows Server 2003 (Summer 2004)