Windows commands

assoc

assoc - which program will open that .xyz file

The assoc DOS command can be used to either display or modify the file name extension associations. The command assoc .htm will quickly tell you the name of your default web browser.

attrib

attrib - make hidden files visible

Attrib lets you change the attributes of system files and even hidden files. This is great for troubleshooting Windows XP. Say your XP hasn't booted ever since you edited the startup boot.ini file (Hidden): use attrib to remove the Hidden attribute, then edit the file using the EDIT DOS command.

cacls

Cacls.exe, a tool for ACLs. On Windows NT/2000/XP/2003, it displays or modifies the access control list (ACL) of files.

cacls.exe nom_de_fichier

fc

fc - Free BeyondCompare in XP

FC is an advanced DOS command that compares two files and displays the differences between them. Though the file comparison results are not as interactive as BeyondCompare or Altova DiffDog, fc is still very useful. You can even set fc to resynchronize the files after finding a mismatch.

fc.exe nom_de_fichier

find

find - advanced file search with filter

Find is the most powerful DOS command and even more useful than the Windows Desktop Search tool or the Windows Find Wizard. The find command searches for a specific string of text in a file or files. After searching the specified file or files, find displays any lines of text that contain the specified string.

To search your hard disk to find and display the file names on drive C: that contain the string "Google" use the pipe (|) to direct the results of a dir command to find as follows:

dir c:\ /s /b | find "Google"

iis

IIS service on XP

iisreset.exe /status
iisreset.exe /RESTART /NOFORCE  /TIMEOUT:20

ipconfig

ipconfig - Windows IP configuration

Useful for troubleshooting your internet connection. Displays the current IP address of your computer and the DNS server address. If you call your ISP to report a bad internet connection, they will probably ask you to run ipconfig.

move

move - more flexible than copy-paste

Say you have a lot of XLS and DOC files in your MyDocuments folder and want to move only those XLS files whose names end with 2006. In XP Explorer, you have to manually select each file and then cut-paste to another folder. However, the DOS move command makes things much simpler. Just type the following at the command prompt:

move *2006.xls c:\2006Reports\

netsh

Netsh is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running:

netsh ?

Example:

netsh firewall reset   (Resets the firewall to its default configuration.)

net time

To synchronize the time with another machine, type:

net time \\server /set /yes

Map a printer port

Map a network printer to an LPT port

NET USE LPT1 \\computername\printersharename /PERSISTENT:YES

And to remove it

NET USE LPT1 /DELETE

Print

Print from DOS to a serial or parallel port

MODE COM1:96,N,8,1,P
MODE LPT1=COM1
copy c:\fichier.txt LPT1:

Print directly to a printer shared on the network

print /d:\\pserver\laser1 c:\letter.doc

Script to ping

Example that pings a host every 60 seconds and logs the results to a file

@echo off
:main
ping 192.168.0.1 >>ping_log.txt
goto pwait

:pwait
REM "Wait 60 seconds between each PING"
CHOICE /T:N,60>NUL
goto main

Script to start applications successively

Start applications at 2-second intervals:

@ECHO OFF
CHOICE /T:N,2>NUL
CALL "C:\Progra~1\Progra~1\app1.exe"
CHOICE /T:N,2>NUL
CALL "C:\Progra~1\Progra~2\app2.exe"
CHOICE /T:N,2>NUL
CALL "C:\Progra~1\Progra~3\app3.exe"
EXIT

tree

tree - visual directory structure

You often need to take prints of your physical directory structure but XP has no simple "visual" commands for printing directory contents. Here, try the Tree DOS command and redirect the output to a text file.

tree > mydirectory.txt
print mydirectory.txt

type

type - open text files sans Notepad

Similar to the Unix cat command, Type is my favorite DOS command for displaying the contents of text files without modifying them. When used in combination with the more command, type splits the contents of lengthy text files into multiple pages. Avoid using the type command with binary files or you'll hear alien PC beeps and see some Greek characters on your PC.

RDP

How can I view active remote connections (RDP) to a Windows server?

1) Query User

2) Display information about Remote Desktop Sessions. qwinsta /?

3) You can also reset an RDP session with the "rwinsta" command: rwinsta /?

4) tsadmin.msc

msg command

Msg is used to send a message to one or more users based on username, sessionname, or sessionid.

The username is the most common way of directing a message to a user:

  C:\> msg hal You have no chance to survive, make your time!

We can also send a message to all users on the system by using the asterisk:

  C:\> msg * Someone set up us the bomb!

What if we don't want to send the message to all the users, but to more than one user? We can do that! It does require that we have a file containing a list of usernames to whom we would like to direct our message.

  C:\> msg @mostlyeveryone.txt Someone set up us the bomb!

We can also send the messages to users on other systems by using the /SERVER switch.

  C:\> msg * /SERVER:otherbox All your base are belong to us!

However, this command doesn't just send messages; it can also be used to get an acknowledgment. The /V option displays information about which actions have been performed, such as sending a message and acknowledgments. The /W option waits for a response from the users. Say we send a message to Hal and want to make sure he gets it; this is how we would do it:

  C:\> msg hal /V /W Did you make your time?
  Sending message to session Console, display time 60
  Message to session Console responded to by user

The first message lets us know that a message was sent to Hal. The second means that either Hal responded, or the 60 second timer elapsed.

It's a bit weird that the message is the same either way, but welcome to the wonderful world of Windows commands. If we don't think that 60 seconds is long enough for Hal to respond, we can use the /TIME option to explicitly specify the duration of the message.

  C:\> msg hal /V /W /TIME:3600 Did you make your time?

Manage Windows Services

View service state

  sc query termservice

View service logon account

  sc qc termservice

Set service start type

  sc config termservice start= demand

*A space is required after the equals sign. Possible start values include boot, system, auto, demand, disabled, delayed-auto.

Start service :

  net start termservice
# or
  sc start termservice

Stop service

  net stop termservice
# or
  sc stop termservice

Manage Networking

Show NIC properties

  netsh interface show interface

Show IP properties

  netsh interface ip show config

Show IPSec configuration

  netsh nap client show configuration

Enable NIC

  netsh interface set interface name="<interface name>" admin=enabled

Set NIC to use DHCP

  netsh interface ip set address name="<interface name>" source=dhcp

*Azure VMs should always be configured in the guest OS to use DHCP to obtain an IP address. The Azure static IP setting still uses DHCP to give the static IP to the VM.

Ping

  ping 8.8.8.8

Port ping

Install the telnet client

  dism /online /Enable-Feature /FeatureName:TelnetClient

Test connectivity

  telnet bing.com 80

To remove the telnet client

  dism /online /Disable-Feature /FeatureName:TelnetClient

When limited to methods available in Windows by default, PowerShell can be a better approach for testing port connectivity. See the PowerShell section below for examples.

Test DNS name resolution

  nslookup bing.com

Show Windows Firewall rule

  netsh advfirewall firewall show rule name="Remote Desktop - User Mode (TCP-In)"

Disable Windows Firewall

  netsh advfirewall set allprofiles state off

You can use this command when troubleshooting to temporarily rule out the Windows Firewall. It will be enabled on next restart or when you enable it using the command below. Do not stop the Windows Firewall service (MPSSVC) or Base Filtering Engine (BFE) service as a way to rule out the Windows Firewall. Stopping MPSSVC or BFE will result in all connectivity being blocked.

Enable Windows Firewall

  netsh advfirewall set allprofiles state on

Manage Users and Groups

Create local user account

  net user /add <username> <password>

Add local user to local group

  net localgroup Administrators <username> /add

Verify user account is enabled

  net user <username> | find /i "active"

Azure VMs created from a generalized image will have the local administrator account renamed to the name specified during VM provisioning. So it will usually not be Administrator.

Enable user account

  net user <username> /active:yes

View user account properties

  net user <username>

*Example lines of interest from a local admin account:

  Account active               Yes
  Account expires              Never
  Password expires             Never
  Workstations allowed         All
  Logon hours allowed          All
  Local Group Memberships      *Administrators

View local groups

  net localgroup

Manage the Event Log

Query event log errors

  wevtutil qe system /c:10 /f:text /q:"Event[System[Level=2]]" | more

Change /c:10 to the desired number of events to return, or remove it to return all events matching the filter.

Query event log by Event ID

  wevtutil qe system /c:1 /f:text /q:"Event[System[EventID=11]]" | more

Query event log by Event ID and Provider

  wevtutil qe system /c:1 /f:text /q:"Event[System[Provider[@Name='Microsoft-Windows-Hyper-V-Netvsc'] and EventID=11]]" | more

Query event log by Event ID and Provider for the last 24 hours

  wevtutil qe system /c:1 /f:text /q:"Event[System[Provider[@Name='Microsoft-Windows-Hyper-V-Netvsc'] and EventID=11 and TimeCreated[timediff(@SystemTime) <= 86400000]]]"

Use 604800000 to look back 7 days instead of 24 hours.

Query event log by Event ID, Provider, and EventData in the last 7 days

  wevtutil qe security /c:1 /f:text /q:"Event[System[Provider[@Name='Microsoft-Windows-Security-Auditing'] and EventID=4624 and TimeCreated[timediff(@SystemTime) <= 604800000]] and EventData[Data[@Name='TargetUserName']='<username>']]" | more

View or Remove Installed Applications

List installed applications

  wmic product get Name,InstallDate | sort /r | more

The sort /r sorts descending by install date to make it easy to see what was recently installed. Use the space bar to advance to the next page of output, or Enter to advance one line.

Uninstall an application

  wmic path win32_product where name="<name>" call uninstall

Replace <name> with the name returned in the above command for the application you want to remove.

File System Management

Get file version

  wmic datafile where "drive='C:' and path='\\windows\\system32\\drivers\\' and filename like 'netvsc%'" get version /format:list

This example returns the file version of the virtual NIC driver, which is netvsc.sys, netvsc63.sys, or netvsc60.sys depending on the Windows version.

Scan for system file corruption

  sfc /scannow

Scan for system file corruption

  dism /online /cleanup-image /scanhealth

See also Repair a Windows Image.

Export file permissions to text file

  icacls %programdata%\Microsoft\Crypto\RSA\MachineKeys /t /c > %temp%\MachineKeys_permissions_before.txt

Save file permissions to ACL file

  icacls %programdata%\Microsoft\Crypto\RSA\MachineKeys /save %temp%\MachineKeys_permissions_before.aclfile /t

Restore file permissions from ACL file

  icacls %programdata%\Microsoft\Crypto\RSA /restore %temp%\MachineKeys_permissions_before.aclfile /t

The path when using /restore needs to be the parent folder of the folder you specified when using /save. In this example, \RSA is the parent of the \MachineKeys folder specified in the /save example above.

Take NTFS ownership of a folder

  takeown /f %programdata%\Microsoft\Crypto\RSA\MachineKeys /a /r

Grant NTFS permissions to a folder recursively

  icacls C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys /t /c /grant "BUILTIN\Administrators:(F)"
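
The save, change and restore steps above combined into one script, as an added example that is not part of the original page. It assumes an elevated command prompt; the variable names TARGET, ACLFILE and PARENT are illustrative.

```batch
@echo off
rem Added example: save ACLs, apply a permission change, roll back if it fails.
setlocal EnableExtensions

rem Folder whose ACLs are saved (same folder as in the commands above).
set "TARGET=%ProgramData%\Microsoft\Crypto\RSA\MachineKeys"
rem Backup file name taken from the page; any writable location works.
set "ACLFILE=%TEMP%\MachineKeys_permissions_before.aclfile"

rem /restore must be pointed at the PARENT of the folder given to /save.
for %%I in ("%TARGET%") do set "PARENT=%%~dpI"
rem %%~dpI ends with a backslash; strip it so it cannot escape the closing quote.
set "PARENT=%PARENT:~0,-1%"

if not exist "%TARGET%" (
    echo Target folder not found.
    exit /b 1
)

rem Step 1: save the current ACLs. Any non-zero exit code is treated as failure.
icacls "%TARGET%" /save "%ACLFILE%" /t /c
if errorlevel 1 (
    echo ACL backup failed. Nothing was changed.
    exit /b 1
)

rem Step 2: the permission change shown on the page.
icacls "%TARGET%" /t /c /grant "BUILTIN\Administrators:(F)"
if errorlevel 1 (
    echo Grant failed. Restoring the saved ACLs.
    icacls "%PARENT%" /restore "%ACLFILE%" /c
    exit /b 1
)

rem Step 3: print the rollback command for later use.
echo ACLs updated. To roll back:
echo   icacls "%PARENT%" /restore "%ACLFILE%" /c
endlocal
```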

Manage Group Policy

Force group policy update

  gpupdate /force /wait:-1

Miscellaneous Tasks

Show OS version

  ver
# or
  wmic os get caption,version,buildnumber /format:list
# or
  systeminfo | find /i "os name"
  systeminfo | findstr /i /r "os.*version.*build"

View OS install date

  systeminfo | find /i "original"
# or
  wmic os get installdate

View last boot time

  systeminfo | find /i "system boot time"

View time zone

  systeminfo | find /i "time zone"
# or
  wmic timezone get caption,standardname /format:list

Restart Windows

  shutdown /r /t 0

Adding /f will force running applications to close without warning users.

Detect Safe Mode boot

  bcdedit /enum | find /i "safeboot"

Windows RAM cmd

wmic OS get FreePhysicalMemory /Value

wmic computersystem get TotalPhysicalMemory

psinfo

systeminfo | findstr "M*mo"

wmic MEMORYCHIP get

wmic MEMORYCHIP get BankLabel,DeviceLocator,Capacity,Tag

typeperf "\Mémoire\Mégaoctets disponibles"

typeperf "\Mémoire\Mégaoctets disponibles" -si 60 -f csv -o c:\test_ram.txt

Windows process cmd

PsExec.exe \\7.7.0.50 WMIC path win32_process get Caption,Processid,Commandline

Taskkill /IM calc.exe /F

tasklist

get-process

wmic process

DIAGNOSTICS

Exit status is subject to being overridden by environment variables. The default values and corresponding environment variables that can override them are:

   0    if the YES or OK button is pressed (DIALOG_OK).

   1    if the No or Cancel button is pressed (DIALOG_CANCEL).

   2    if the Help button is pressed (DIALOG_HELP),
        except as noted below about DIALOG_ITEM_HELP.

   3    if the Extra button is pressed (DIALOG_EXTRA).

   4    if the Help button is pressed,
        and the --item-help option is set
        and the DIALOG_ITEM_HELP environment variable is set to 4.

        While  any  of the exit-codes can be overridden using environment variables, this special case was introduced in
        2004 to simplify compatibility.  Dialog uses DIALOG_ITEM_HELP(4) internally, but unless the environment variable
        is also set, it changes that to DIALOG_HELP(2) on exit.

   -1   if errors occur inside dialog (DIALOG_ERROR) or dialog exits because the ESC key (DIALOG_ESC) was pressed.

Define any of these variables to change the exit code on Cancel (1), error (-1), ESC (255), Extra (3), Help (2), Help with --item-help (2), or OK (0).

Normally shell scripts cannot distinguish between -1 and 255.

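  mainExitCode=''
  while true
  do
    # Duplicate stdout on fd 3 so dialog can draw on the terminal while
    # its result (written to stderr) is captured by the substitution.
    exec 3>&1
    selectionMain=$(dialog      2>&1 1>&3)
    mainExitCode=$?
    exec 3>&-

    case $mainExitCode in
      2)
        # Help button pressed: show the help file
        dialog --clear --backtitle "IT Cloud Solutions" --title "[ ITC RESCUE ]" \
          --ascii-lines --cr-wrap --textbox aide.txt 20 75
        ;;
      255)
        # ESC pressed: leave the menu
        menuQuitter
        ;;
    esac
  done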