windows server 2003 command line tools l.
Skip this Video
Loading SlideShow in 5 Seconds..
Windows Server 2003 Command-Line Tools PowerPoint Presentation
Download Presentation
Windows Server 2003 Command-Line Tools

Loading in 2 Seconds...

play fullscreen
1 / 22

Windows Server 2003 Command-Line Tools - PowerPoint PPT Presentation

  • Uploaded on

Windows Server 2003 Command-Line Tools Robbie Allen Cisco Systems Agenda Why Use Command-Line Tools? Microsoft Command-Line Tool Resources Other Command-Line Tool Resources Q/A Why Use a Command-Line over a GUI? 1. Faster than the clickity-click counterpart

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Windows Server 2003 Command-Line Tools' - johana

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
windows server 2003 command line tools

Windows Server 2003 Command-Line Tools

Robbie Allen

Cisco Systems

  • Why Use Command-Line Tools?
  • Microsoft Command-Line Tool Resources
  • Other Command-Line Tool Resources
  • Q/A
why use a command line over a gui
Why Use a Command-Line over a GUI?

1. Faster than the clickity-click counterpart

  • View the network configuration:
    • ipconfig /all
  • Find all VBScript files in the path:
    • where *.vbs
  • Append a “1” to every file in the current directory:
    • forfiles -p.\ -v -c"cmd /c if not @ISDIR==TRUE ren @FILE @FNAME_WITHOUT_EXT1.@EXT"
why use a command line over a gui4
Why Use a Command-Line over a GUI?

2. In some cases you don’t have a choice

  • Create an entry in an Event Log
    • eventcreate /L Application /T Error /ID 777 /D "Error Will Robinson"
  • Redirect the default AD computers container to an alternate location
    • redircmp “ou=MyComputers,dc=rallencorp,dc=com”
  • Diagnose AD DNS configuration issues
    • dnslint /ad /s localhost /v
why use a command line over a gui5
Why Use a Command-Line over a GUI?

3. Enhances your remote management capabilities

  • Many of the new tools have a /S option for targeting a remote machine
    • systeminfo /S rallen-srv1
  • With Sysinternals psexec you can even run non-remoteable utilities remotely
    • psexec \\rallen-srv1 cmd /k dir c:\
why use a command line over a gui6
Why Use a Command-Line over a GUI?

4. Enables you to automate common/complex tasks

  • Simple batch scripts just contain commands to run in sequence
  • Disable all inactive computer accounts and send the results in an email (2 commands)
    • oldcmp -report -file inactive.html -disable -b "cn=computers,dc=rallencorp,dc=com“
    • blat inactive.html -to -html
microsoft command line tool resources
Microsoft Command-Line Tool Resources
  • Windows Server 2003
  • Windows Resource Kit
  • Windows Support Tools
  • Downloadable Tools
  • SFU 3.5
what s new in windows server 2003 windir help ntcmds chm
What's New in Windows Server 2003%windir%\Help\ntcmds.chm
  • systeminfo – Displays detailed configuration information about a computer and its operating system
  • wmic – Extremely powerful command-line interface into WMI
  • dsadd / dsmod / dsrm / dsget / dsquery / dsmove – Set of command-line tools for querying and modifying Active Directory
  • netsh – Query network configuration, perform diagnostics and manage network services such as DHCP and IPSec
  • bootcfg – Configures, queries, or changes Boot.ini file settings
  • sc – Retrieves and sets information about services. Tests and debugs service programs.
  • schtasks – Command-line interface into the Task Scheduler service. With it you can query, add, modify and delete scheduled tasks
what s new in windows server 2003 cont d
What's New in Windows Server 2003 (cont’d)
  • tasklist / taskkill – Search and terminate processes
  • reg – Query and manipulate the Registry
  • redirusr / redircmp – Redirect the default users and computers containers in Active Directory
  • forfiles – Perform a command over several files at once
  • openfiles – Queries and disconnects open files
  • fsutil / freedisk / diskpart – File and disk configuration and query tools
  • eventcreate / eventquery / eventtriggers – Create and query events and event triggers
  • gpupdate / gpresult – Force group policies to be applied to a computer and view the results
  • shutdown – Log off, restart, or shut down a computer
windows resource kit
Windows Resource Kit
  • creatfil – Create a file of arbitrary size
  • diskuse – Scans a single directory, a directory tree, or an entire drive and reports the amount of space used by each user or all users
  • gpotool – Display info about the GPOs in a domain and check for inconsistencies across DCs
  • klist – Display and purge the Kerberos tickets on a computer
  • linkd – Create a junction point (file link)
  • linkspeed – Determines link speed to a remote system
  • moveuser – Use MoveUser after moving a user to a different domain so that the user can keep the user profile associated with the original user account
  • ntrights – Grant or revoke a right for a user or group of users on a local or remote computer
windows resource kit cont d
Windows Resource Kit (cont’d)
  • permcopy – Copy share-level permissions from one share to another
  • perms – Display user access permissions for a file or directory
  • showacls – Enumerates access rights for files, folders
  • showpriv – Displays the rights assigned to users and groups
  • qgrep – Search a file or list of files for a specific string or pattern and return the line containing the match
  • robocopy – Robust file copy utility
  • srvcheck – Lists nonhidden shares on a computer and enumerates the ACLs for each
  • srvinfo – Displays information about a server, including available disk space, partition types, installed hotfixes, and the status of services
windows support tools
Windows Support Tools


  • whoami – Display the username, SID, and groups of the currently logged on user
  • pmon – Displays several measures of processor and memory use of running processes
  • netdom – Manages computer names, trusts, and secure channels
  • diruse – Displays directory size information


  • acldiag – Detects and reports discrepancies in ACLs of objects in Active Directory. It can also reapply a security delegation template to an ACL
  • xcacls – Query and modify file ACLs
  • dsacls – Query and modify Active Directory ACLs


  • portqry – Robust port query tool
  • netdiag – Network connectivity diagnostics tool
  • netcap – Command-line version of Netmon
windows support tools cont d
Windows Support Tools (cont’d)

Active Directory:

  • dcdiag – Domain controller diagnostics tool
  • dsastat – Compare trees of two DCs and get object count report
  • nltest – Domain controller, trust and netlogon query tool
  • movetree – Move objects within a domain or to a different domain
  • repadmin – Advanced replication diagnostics tool


  • dnscmd – One stop shop for managing the MS DNS server
  • dnslint – Helps diagnose common DNS resolution issues (MS KB 321045)
downloadable tools http download microsoft com
Downloadable Tools (
  • GPMC – Suite of group policy management tools which includes several VBS scripts that can be used from the command-line
  • mbsacli – Security analyzer
  • adtest – Active Directory load-generation tool that simulates client transactions
  • dsrevoke – Views and removes permissions in Active Directory
  • dsde – Part of the DSML for Windows installation; query, import and export from AD using LDAP or DSML
  • subinacl – Robust ACL query and modification tool
sfu 3 5
SFU 3.5
  • Available for free now:
  • Contains many popular UNIX tools:
    • ksh
    • ls
    • wc
    • vi
    • cat
    • cron / crontab
    • grep / egrep / fgreg
    • head / tail
    • cp / mv / rm
    • ps
    • top
  • And many more…
other command line tool resources
Other Command-Line Tool Resources
  • Sysinternals
  • Joeware
  • Miscellaneous
sysinternals http www sysinternals com
Sysinternals (
  • handle – Display the files and folders a process has open
  • listdlls – Display the DLLs that has a process has loaded or the processes that are using a particular DLL
  • netstatp – View open ports and the processes and protocols associated with them
  • sdelete – “Securely” delete files
  • adrestore – Enumerate and restore deleted objects in AD
  • junction – Similar to linkd; creates junction points (i.e., file/folder links)
sysinternals ps tools
Sysinternals (PS Tools)
  • PsExec – Execute processes remotely
  • PsFile – Show open files remotely
  • PsGetSid – Display the SID of a computer or a user
  • PsKill – Kill processes by name or process ID
  • PsInfo – List information about a system
  • PsList – List detailed information about processes
  • PsLoggedOn – See who's logged on locally and via resource sharing
  • PsLogList– Dump event log records
  • PsPasswd – Changes account passwords
  • PsService – View and control services
  • PsShutdown – Shuts down and optionally reboots a computer
  • PsSuspend – Suspends processes
  • PsUptime – Shows you how long a system has been running since its last reboot
joeware http www joeware net
Joeware (
  • adfind – Robust and flexible AD query utility (the best around)
  • oldcmp – Find old computer accounts and disable or delete them
  • unlock – Find and unlock locked out accounts
  • adqueueloop – Similar to repadmin /queue but includes the number of items in the inbound queue and shows the top item in the queue
  • getuserinfo – net user on steroids
  • secdata – Retrieve security-related data about users from AD
  • memberOf – Retrieve a user’s group membership from AD (shows nested group membership)
  • sectok – Displays the SID and token (including all sids/names of groups that token contains) of a user
  • cpau – Similar to runas, but lets you specify a password as an option
  • blat – Sends the contents of a file in an e-mail using SMTP (
  • dig – Advanced DNS query utility (
  • whois – Query the whois database (
  • setacl – Modify the ACL (DACL and SACL) on files, the registry, services, printers, and shares (
  • compname – Dynamically generate and set the computer name based the serial number, system GUID, MAC address, IP address, date, DNS name, or a random element (
  • Other sites:
  • Thank you for your time!
  • Email:
at a bookstore near you
At a Bookstore Near You
  • My Books
    • Active Directory Cookbook (Oct 2003)
    • Active Directory, 2nd Edition (Apr 2003)
    • DNS on Windows Server 2003 (Dec 2003)
    • Windows Server Cookbook (Summer 2004)
    • Windows XP Cookbook (Fall 2004)
  • Other O’Reilly Books Coming Out Soon:
    • Windows Server Hacks (Apr 2004)
    • Exchange Server Cookbook (Fall 2004)
    • Securing Windows Server 2003 (Summer 2004)
    • Managing Windows Server 2003 (Summer 2004)