The Ultimate Windows Server 1002003 System Administrators Guide [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

The Ultimate Windows Server 1002003 System Administrators Guide [Electronic resources] - نسخه متنی

Robert Williams, Mark Walla

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید




NEW COMMAND-LINE TOOLS WITH WINDOWS SERVER 2003



Windows Server 2003 enhances the command-line functionality for administrators. This section highlights administratively useful command-line functions that are new or significantly changed. This section lists many but certainly not all of the new command-line tools available with Server 2003. Also, look for Microsoft to add command-line tools to subsequent Windows .NET Service Packs.


The following command-line tools are available via Start More Programs Accessories command prompt or via Start Run cmd.exe.


bootcfg Command



Bootcfg.exe provides the viewing or sets the properties of the boot.ini file on a local or remote server. This tool is not available on 64-bit versions of the operating system.


The following are examples of the bootfg command:



BOOTCFG /Copy /?
BOOTCFG /Delete /?
BOOTCFG /Query /?
BOOTCFG /Raw /?
BOOTCFG /Timeout /?
BOOTCFG /EMS /?
BOOTCFG /Debug /?
BOOTCFG /Addsw /?
BOOTCFG /Rmsw /?
BOOTCFG /Dbg1394 /?
BOOTCFG /Default /?
BOOTCFG /?



























































Table A.1. bootcfg Command Options



Option




Description




/Copy




Makes a copy of an existing boot entry [operating systems] section for which you can add OS options.




/Delete




Deletes an existing boot entry in the [operating systems] section of the Boot.ini file. You must specify the entry # to delete.




/Query




Displays the current boot entries and their settings.




/Raw




Allows the user to specify any switch options to be added for a specified boot entry.




/Timeout




Allows the user to change the timeout value.




/Default




Allows the user to change the default boot entry.




/EMS




Allows the user to configure the /redirect switch for headless support for a boot entry.




/Debug




Allows the user to specify the port and baud rate for remote debugging for a specified boot entry.




/Addsw




Allows the user to add predefined switches for a specific boot entry.




/Rmsw




Allows the user toremove predefined switches for a specific boot entry.




/Dbg1394




Allows the user to configure 1394 port debugging for a specified boot entry.




/?




Displays this help/usage.



bitscli Command



The Bitscli.exe program manages Background Intelligent Transfer Service (BITS) downloads.


choice Command



Choice selects an option from a menu for batch file execution. The choice command prompts the user to make a selection in a batch program. It displays a prompt and pauses for the user to choose from among a set of user keys such as Yes, No, and Continue. The syntax is



choice [/c choices] [/n] [/cs] [/t nnnn /d choice] [/m text]

clip Command



Clip.exe redirects command-line output to the clipboard from where it can be copied and pasted into graphical user interface (GUI) applications. To copy the list of contents in the c:\Windows folder onto the Clipboard, at the C:\Windows prompt type



dir | clip

compress Command



Compress.exe compresses one or more files into a cab file. The syntax is



compress [-r] [-d] [-zx] [-z] [-zq[n]] Source Destination
compress -r [-d] [-zx] [-z] [-zq[n]] Source [Destination]



























Table A.2. choice Command Options



Option




Description




/c choices




Defines the user option keys. When displayed, they appear in brackets ([]), and are followed by a question mark. If you do not specify /c choices, choice.exe displays [Y, N] by default.




/n




Hides the user option keys.




/cs




Specifies case sensitivity. By default, user option keys are not case-sensitive.




/m text




Specifies the text to be displayed before the prompt.

































Table A.3. compress Command Options



Option




Description




-r




Rename expanded files.




-d




Update compressed files only if they are not up-to-date.




-zx




Use LZX compression.




-z




Use MS-ZIP compression.




-zq[n]




Use quantum compression. Optional level n must be in the range 1 to 7. The default is 4.



driverquery Command



DriverQuery.exe provides a view of the currently loaded device drivers and their memory usage. The driverquery command displays a list of all installed device drivers and their properties. The syntax is



driverquery [/s computer] [/u domain\user /p password]
[/fo {TABLE|LIST|CSV}] [/nh] [/v] [/si]














































Table A.4. driverquery Command Options



Option




Qualifier




Description




/s




computer




Specifies the name or IP address of a remote computer with the local computer the default.




/u




domain\user




Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the logged-on user issuing the command.




/p




password




Specifies the password of the user account that is specified in the /u parameter.




/fo {TABLE|LIST|CSV}




Specifies the format to display the driver information. Valid values are TABLE, (the default), LIST, and CSV.




/nh




Omits the header row from the displayed driver information. Valid when the /fo parameter is set to TABLE or CSV.




/v




Specifies that detailed driver information be displayed.




/si




Displays digital signature information...signed and unsigned device drivers.



Directory Services Commands



The Directory Services commands are a suite of tools used to manage the various objects in Active Directory. Theses command-line tools are used to perform queries for information in the directory. The following list briefly describes some commands:




dsadd creates an object instance of a specified type to the Active Directory.




dsmod modifies select attributes of an existing object in the Active Directory.




dsrm removes an object or the complete subtree of an object in the Active Directory.




dsmove moves an object from its current location to a new parent location within the same naming context or to rename an object in the Active Directory.




dsquery finds objects in the Active Directory that match a specified search criteria.




dsget gets or views select properties of an existing object in the Active Directory when the specific location of the object to be viewed is known.





All of the command-line tools can operate on a variety of object types in the directory. The identity of the targeted object is specified following the object type and in the format of a distinguished name such as CN=Jon Smith,OU=Sales,DC=microsoft,DC=com.


EXECUTING COMMANDS ON THE NETWORK



Each tool has parameters that allow you to specify the server, domain, user name, and password to use when executing the command. If parameters are not entered, the tool assumes the local server, domain, user name, and password.


Here is an example of the dsadd computer command:



dsadd computer ObjectDN
[-samid SAMName]
[-desc Description]
[-loc Location]
[-memberof Group ...]
[(-s Server | -d Domain)]
[-u UserName]
[-p (Password | *)]
[-q]

COMMAND SYNTAX



The Directory Services commands use strict conventions to document the syntax of the DS command-line tools:




The option for a targeted object''s distinguished name attribute is displayed as ObjectDN or, when multiple objects may be specified, ObjectDN ....




A command does not perform any operation without an object type, such as computer.




The targeted object is obtained from standard input if the user does not specify an object at the command prompt.




The user must type parameters that appear in bold exactly as they appear in the syntax.



dsmod computer ObjectDN ...
[-desc Description]
[-loc Location]
[-disabled (yes | no)]
[-reset]
[(-s Server | -d Domain)]
[-u UserName]
[-p {Password | *}]
[-C]
[-q]


Parameters in "[" and "]" (square brackets) indicate that they are optional.




Parameters or options separated by the "|" (pipe) character represent a choice of alternatives.




All alternatives for a parameter''s value are enclosed in "(" and ")" (parentheses).




If the distinguished names themselves contain spaces, then they should be enclosed with " " (double quotation marks).




Commas that are not used as separators in distinguished names must be escaped with the backslash ("\") character (for example, "CN=Company\, Inc.,CN=Users,DC=microsoft,DC=com"). Backslashes used in distinguished names must be escaped with a backslash (for example, "CN=Sales\\ Latin America,OU=Distribution Lists,DC=microsoft,DC=com").




Parameters are not case-sensitive.




Command-line parameters can be specified with either the "-" (hyphen) or the "/" (forward slash).




A command-line parameter and any corresponding values for the parameter should be separated by at least one space.




Space and "newline" characters are treated as argument separators.




An empty string or null string value can be specified by " (double quotation marks).





















































Table A.5. eventcreate Command Options



Option




Qualifier




Description




/s




computer




Specifies the name or IP address of a remote computer with the local computer default.




/u




domain\user




Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user on the computer issuing the command.




/p




password




Specifies the password of the user account that is specified in the /u parameter.




/l {APPLICATION|SYSTEM}




Specifies the name of the event log where the event will be created. APPLICATION and SYSTEM are valid names of logs.




/so




SrcName




Specifies the source to use for the event.




/t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT}




Specifies the type of event to create. The valid types are ERROR, WARNING, INFORMATION, SUCCESSAUDIT, and FAILUREAUDIT.




/id




EventID




Specifies the event''s ID. A valid ID is any number from 1 through 65535.




/d




description




Specifies the description to use for the newly created event.



eventcreate Command



Eventcreate.exe creates a user-defined event and enters it into any of the event logs. The eventcreate command enables an administrator to create a customized event in a specified event log. The syntax is



[View full width]


eventcreate [/s computer [/u domain\user [/p password]]
{[/l {APPLICATION|SYSTEM}]|[/so
SrcName]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id EventID /d
description


Eventquery.vbs Script



Eventquery.vbs specifies the type of events to extract from the event log; the selected events can be displayed on the screen or saved to a file. The script lists the events and event properties from one or more event logs. The syntax is



[View full width]


eventquery[.vbs] [/s computer [/u domain\user [/p password]]] [/fi FilterName
] [/fo {TABLE|LIST|CSV}] [/r EventRange [/nh] [/v] [/l
[APPLICATION] [SYSTEM] [SECURITY]
["DNS server"] [UserDefinedLog] [DirectoryLogName] [*] ]


























































Table A.6. eventquery Command Options



Option




Qualifier




Description




/s




computer




Specifies the name or IP address of a remote computer (local computer default).




/u




domain\user




Runs the script with the account permissions of the user specified by user or domain\user. The default is the permissions of the computer issuing the command.




/p




password




Specifies the password of the user account that is specified in the /u parameter.




/fi




FilterName




Specifies the types of events to include in or exclude from the query.




/fo {TABLE|LIST|CSV}




Specifies the format to use for the output. Valid values are table, list, and csv.




/r




EventRange




Specifies the range of events to list.




/nh




Suppresses column headers in the output. Valid only for table and csv formats.




/v




Specifies that verbose event information be displayed in the output.




/l [APPLICATION] [SYSTEM] [SECURITY] ["DNS server"]




[UserDefinedLog] [DirectoryLogName] [*] ]




Specifies the log(s) to monitor. Valid values are Application, System, Security, "DNS server", a user-defined log, and Directory log. "DNS server" can be used only if the DNS service is running on the computer specified by the /s parameter. To specify more than one log to monitor, reuse the /l parameter. The wildcard (*) can be used and is the default.



eventtriggers Command



The Eventtriggers.exe program launches a process based on the occurrence of an event written to the event log. The eventtrigger command provides the ability create, delete, and query based on triggers.


extract Command



Extract.exe extracts one or more files from a cab file. The syntax is



extract cabinet [filename ...] [/a] [{/d | /e}] [/l dir] [/y]
extract source {[newName] | destination /c} [/y]















































Table A.7. extract Command Options



Option




Qualifier




Description




cabinet




Specifies the name of a cabinet file containing two or more files.




filename




Specifies the name of the file to extract from the cabinet. You can use wildcard characters and multiple file names separated by blanks.




/a




Executes all cabinets and follows the cabinet chain starting in the first cabinet mentioned.




/d




Displays the directory of the cabinet file. Use /d with the cabinet file name to avoid extracting the files.




/e




Extracts all files from cabinet. Use /e instead of *.* to extract all files.




/l




dir




Extracts files to location dir; current directory is the default.




/y




Does not prompt before overwriting an existing file.



forfiles Command



Forfiles.exe operates only on selected file types (such as .bat only or .exe only). The forfiles command elects files in a folder or tree for batch processing. You must use forfiles within a batch file. The syntax is



forfiles [/pPath] [/mSearchMask] [/s] [/cCommand] [/d{+|/}{mm/dd/yyyy|dd}]

freedisk Command



Freedisk.exe allows operation if a specified percentage of disk space is free. The freedisk command checks to see if a specified amount of disk space is available when software is being installed. The syntax is



freedisk [/s System [/u [Domain\]User [/p [password]]]] [/d Drive] [Value]

gettype Command



Gettype.exe determines product type (such as Windows XP Professional, Windows Server 2003, and so on). This establishes the system environment variable ERRORLEVEL to the value associated with the specified gettype command-line option. The syntax is



gettype [/role | /sp | /ver | /minv | /majv | /type | /build]















































Table A.8. forfiles Command Options



Option




Qualifier




Description




/p




Path




Specifies the path on which to start searching. Current folder is the default folder.




/m




SearchMask




Searches files according to SearchMask. The default SearchMask is *.*.




/s




Instructs forfiles to recurse into subdirectories.




/c




Command




Indicates a command to run on each file. You must wrap command strings with spaces in quotation marks. The default command is "cmd /c echo @file".




/d




{+|} {mm/dd/yyyy |dd}




Defines files with a date greater than or equal to (+) or less than or equal to () the specified date, where mm/dd/yyyy is the specified date in (UTC) format and dd is the current date minus dd days.




/r




Instructs forfiles to select files in subdirectories as well as the current directory.




/v




Runs forfiles in verbose mode.


































Table A.9. freedisk Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default). This parameter applies to all files and folders specified in the command.




/u




domain\user




Runs the script with the permissions of the specified user account. System permissions is the default.




/p




password




Defines the password of the user account that is specified in the /u parameter.




/d




Drive




Defines the drive on which the availability of free space is to be known. Drive name must be specified for a remote computer.

















































Table A.10. gettype Command Options



Option




Qualifier




Description




/role




Defines the role of the operating system.




/sp




Defines the highest service pack installed.




/ver




Defines version information (major and minor).




/minv




Defines only minor version.




/majv




Defines only major version




/type




Defines the type of operating system installed.




/build




Defines the build number of the operating system.



gpresult Command



GPresult.exe launches the Resulting Set of Policies (RSoP) and list of policies that are applied to a computer. The gpresult command displays Group Policy settings and the RSOP for a user or a computer. The syntax is



[View full width]


gpresult [/s computer [/u domain\user /p password]]
[/user TargetUserName] [/scope {
user|computer}] [/v] [/z]
















































Table A.11. gpresult Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer default.)




/u




domain\user




Runs the command with the account permissions of the user that is specified by user or domain\user. The default is the permissions of the user on the computer that issues the command.




/p




password




Defines user account password that is specified in /u parameter.




/user




TargetUserName




Defines the name of the user whose RSOP data is to be displayed.




/scope




{user|computer}




Displays either user or computer results. Valid values for the /scope parameter are user or computer. If you omit the /scope parameter, gpresult displays both user and computer settings.




/v




Defines that the output display verbose policy information.




/z




Defines that the output display all available information about Group Policy.



gpupdate



Replaces the secedit /refreshpolicy command available to Windows 2000 Servers. Initiates Group Policy refresh for local and Active Directory policy settings. The syntax is



gpupdate [/target:{computer|user}] [/force] [/wait:value] [/logoff] [/boot]















































Option




Qualifier




Description




/target:




{computer|user}




Limit policy fresh to only the computer settings or user settings. Both settings are updated by default.




/force




Reapplies all settings without optimization.




/wait:




value




Time, in seconds, to wait for policy refresh; 600 is default, 0 is no wait, and 1 is wait without timeout.




/logoff




Some policies require the user to logoff and logon to obtain new environment settings. If no policies requiring logoff are set, the option has no effect. Folder Redirection and Software Installation are examples of this type of policy.




/boot




Some policies system restart to obtain new environment settings. If no policies requiring restart are set, the option has no effect.




/?




Displays this help/usage




Examples: gpupdate, gpupdate /target:user, gpupdate /force



IIS Scripts



IIS scripts provide command-line tools to configure, provision, and manage Internet Information Services (IIS) servers and Active Server Page (ASP) applications. For example, Ipseccmd.exe permits the user to view and modify the policies and properties of Internet Protocol (IP) security. These scripts are updated regularly by Microsoft. We recommend that you, as an administrator, check the Microsoft site often for updated scripts.


inuse Command



Inuse.exe allows files loaded into memory to be replaced on reboot. The inuse command replaces files that the operating system is currently using. You must be a member of the Administrators group to use this tool. The syntax is



inuse replacement destination [/y]



























Table A.12. inuse Command Options



Option




Qualifier




Description




replacement




Defines the updated file name. Include the complete physical or UNC path name.




/d




destination




Defines the currently locked file that you want to replace on the local drive. Include the complete physical path name.




/y




Suppresses the confirmation prompt to replace the file.



netdom Command



The NetDom.exe permits server renaming. The command can add another name, or alias, for a computer to DNS and Active Directory. Once the new name has successfully replicated in DNS and Active Directory, the old name may then be removed with the NetDom.exe command.


netsh Command



NetSh.exe is a configuration tool that now adds the basic network diagnostic features provided by older NetDiag.exe tool. Netsh is a command-line scripting utility that permits administrators to display or modify the network configuration of a computer that is currently running. Netsh provides a scripting feature that allows you to run a group of commands in batch mode against a specified computer. Netsh can also save a configuration script in a text file for archival purposes or to help you configure other servers. Run the netsh command from the Cmd.exe prompt and change to the context that contains the command you want to use. The contexts that are available depend on which networking components you have installed.


openfiles Command



Openfiles.exe is used to view the list of connected users and files in use per share on a computer. The openfiles command permits the administrator to make queries, and displays or disconnects open files or files opened by network users. This command also enables or disables the system''s Maintain Objects List global flag. This can be done on a local, query, and disconnected basis.


pagefileconfig Command



Pagefileconfig.vbs retrieves the current page file''s size or sets a new page file size. The pagefileconfig command enables an administrator to display and configure a system''s paging file Virtual Memory settings. The optional settings permit the administrator to create, change, delete, and query related page file sizes.


powercfg Command



PowerCfg.exe enables power management. The powercfg command enables an administrator to control the power settings on a system. The syntax is



[View full width]


Powercfg [/list | /query name | /create name | /delete name
| /setactive name | /change
settings | /hibernate [on|off] | /export name [/file file name]
| /import name [/file
file name] | /?]







































































Table A.13. powercfg Command Options



Option




Qualifier




Description




/list or /l




Lists the names of existing power schemes.




/query or /q




Displays the configuration of the specified power scheme. If no name is specified, the configuration of the currently active power scheme is displayed.




/create or /c




Creates the specified power scheme. The new scheme is created with the properties of the currently active scheme.




/delete or /d




Deletes the specified power scheme.




/setactive or /s




Activates the specified power scheme.




/change or /x




Changes settings of the specified power scheme. Additional switches specify the changes as follows:




/monitor-timeout-ac minutes turns the monitor off after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout.


/monitor-timeout-dc minutes turns the monitor off after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout.


/disk-timeout-ac minutes turns the hard disks off after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout.


/disk-timeout-dc minutes turns the hard disks off after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout.


/standby-timeout-ac minutes puts the computer in standby mode after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout.


/standby-timeout-dc minutes puts the computer in standby mode after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout.


/hibernate-timeout-ac minutes saves the contents of the computer''s memory to disk and turns off the computer after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout.


/hibernate-timeout-dc minutes saves the contents of the computer''s memory to disk and turns off the computer after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout.


/processor-throttle-ac [none | constant | degrade | adaptive] selects the dynamic throttling policy to be used if your microprocessor supports processor performance state controls when the system is operating on AC power. The desired dynamic throttling policy is selected with one of four additional switches:




none causes the microprocessor to operate at the highest performance state at all times.




constant causes the microprocessor to operate at the lowest performance state at all times.




degrade causes the microprocessor to operate at the lowest performance state, and further reduces performance by applying stop clock throttling as the system battery drains. This option is typically used when the computer is operating on battery power and is therefore seldom used with /processor-throttle-ac.




adaptive modifies the performance state dynamically based on the demand the system puts on the microprocessor.




/processor-throttle-dc [none | constant | degrade | adaptive] selects the dynamic throttling policy to be used if your microprocessor supports processor performance state controls when the system is operating on DC (battery) power. The desired dynamic throttling policy is selected with one of the four additional switches listed under /processor-throttle-ac.




/hibernate or /h




Turns the hibernation feature on or off. Hibernation timeout is not supported on all systems that support hibernation.




/export or /e




Exports the specified power scheme to a file. If no file name is specified, the default is scheme.pow. This parameter supports the following parameter: /file file name




/import or /i




Imports the power scheme from the specified file. If no file name is specified, the default is scheme.pow. If a scheme with that name already exists, it is replaced with the new one. This parameter supports the following parameter: /file file name




/numerical or /n




Requires you to specify the power scheme using its numeric identifier rather than its name. Use this switch in combination with the /query, /delete, /setactive, /change, /export, and /import commands.




/globalpowerflag or /g [on | off] /option: [batteryicon | multibattery | resumepassword | wakeonring | videodim]




Turns the global power flag features on or off. Use the first switch to indicate whether to turn the feature on or off.




/option:




Is mandatory, and is followed by the name of the feature you are turning on or off. There are five possibilities:




batteryicon enables or disables the battery meter icon in the notification area. When this flag is cleared, the battery meter icon is not displayed.


multibattery enables or disables multiple battery display in the system''s Power Meter.


resumepassword enables or disables the requirement that the user supply a password when the system resumes from standby or hibernate.


wakeonring enables or disables Wake on Ring support.


videodim enables or disables support for dimming the video display when the system changes from AC power to DC (battery) power.



Print Scripts



Print scripts manages printer services, drivers, and queues. The scripts that are most valuable to administrators include:




Prncnfg.vbs configures or displays configuration information about a printer.




Prndrvr.vbs adds, deletes, and lists printer drivers.




Prnjobs.vbs pauses, resumes, cancels, and lists print jobs.




Prnmngr.vbs adds, deletes, and lists printers or printer connections in addition to setting and displaying the default printer.




Prnport.vbs creates, deletes, and lists standard TCP/IP printer ports in addition to displaying and changing port configuration.




Prnqctl.vbs prints a test page, pauses or resumes a printer, and clears a printer queue.




regfind Command



Regfind.exe searches the registry. The regfind command searches the registry for arbitrary data, key names, or value names, and replaces any of these with new values. This is accessible only to members of the Administrators group. The syntax is



[View full width]


regfind [{-m \\ComputerName | -h HiveFile HiveRoot
| -w Windows95Directory}] [-i n] [-o
OutputWidth] [-p RegistryKeyPath] [{-z | -t DataType}]
[{-b | -B}] [-y] [-n][SearchString
[-r ReplacementString]]


sc Command



SC.exe starts and stops and manages Win32 services. The sc command communicates with the Service Controller and installed services. SC.exe retrieves and sets control information about services. It is used to test and debug service programs. Administrators can use service properties stored in the registry to set the control for how service applications are started at boot time and run as background processes. Batch files can be used to call various SC.exe commands to automate the startup or shutdown sequence of services. SC.exe provides capabilities similar to Services in the Administrative Tools item in Control Panel. SC.exe options cover boot, config, continue, create, delete, description, failure, getdisplayname, getkeyname, interrogate, lock, pause, qc, qdescription, qfailure, query, queryex, querylock, sdset, sdshow, start, and stop.


setx Command



Setx.exe allows environment variables to be set with batch files. The setx command establishes the environment variables in the local or system environment without requiring programming or scripting. Setx also establishes the values of registry keys and writes them to text files. The syntax is



[View full width]


setx [/s computer [/u [domain\]user [/p [password]]]] Variable Value [/m]
setx [/s computer [/u [domain\]user [/p [password]]]] [Variable] /k Path [/m]
setx [/s computer [/u [domain\]user [/p [password]]]]
[Variable] /f File {/a x,y | /r x,y
"String"} [/d Delimiters] [/x] [/m]



















































































Table A.14. regfind Command Options



Option




Qualifier




Description




-m




\\ComputerName




Defines a remote Windows 2000 computer (machine) whose registry is to be manipulated.




-h




HiveFile HiveRoot




Defines a local hive to manipulate.




-w




Windows95Directory




Defines the paths to Windows 95 system.dat and user.dat files.




-i




n




Defines the display indentation multiple. Default is 4.




-o




OutputWidth




Defines how wide the output is to be. By default OutputWidth is set to the width of the console window, if standard output (STDOUT) has not been redirected to a file. In the latter case, an OutputWidth of 240 is used.




-p




RegistryKeyPath




Defines where in the registry to start searching. All entries below this point in the registry hierarchy are also searched. If no path is specified, regfind searches the entire registry, which can be time consuming.


If the path contains spaces, it must be surrounded by quotation marks:


"Registry Key Path with Spaces"




-z




Defines to search for REG_SZ and REG_EXPAND_SZ values that are missing a trailing null character and/or have a length that is not a multiple of the size of a Unicode character.




-t




DataType




Defines which registry types to search. DataType can be REG_SZ, REG_MULTI_SZ, REG_EXPAND_SZ, REG_DWORD, REG_BINARY, or REG_NONE. Default is any of the _SZ types.




-b




Defines that regfind should look for occurrences of the SearchString inside of REG_BINARY data. Only valid with _SZ searches. Cannot be specified with a ReplacementString that is not the same length as the SearchString.




-B




Same functionality as -b, but also looks for ANSI version of string within REG_BINARY values.




-y




Defines that regfind should ignore case when searching. Only valid with _SZ searches.




-n




Defines to include key and value names in the search. You cannot use -n with -t.




SearchString




Defines the value to search for. If SearchString is not specified, regfind searches based on type. If SearchString contains spaces, you must wrap it in quotation marks (for example, "Search String With Spaces").




-r




ReplacementString




Defines an optional replacement string to replace any matches.





























Table A.15. setx Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default).




/u




domain\user




Runs the script with the permissions of the specified user account. The default is system permissions.




/p




password




Defines the password of the user account that is specified in the /u parameter.



shutdown Command



Shutdown.exe shuts down or restarts a computer and allows a restart explanation to be written to the event log. This allows the administrator to shut down or restart a local or remote computer. The syntax is



[View full width]


shutdown [{-i | -l | -s | -r | -a}] [-f] [-m \\ComputerName]
[-t xxx] [-c "comment
"] [-d [u] [p]:xx:yy]


























































Table A.16. shutdown Command Options



Option




Qualifier




Description




-i




Displays the Remote Shutdown Dialog box. Must be the first option.




-l




Logs off the current user. This is also the default. Cannot be used with -m \\ComputerName.




-s




Shuts down the computer.




-r




Restarts the computer after shutdown.




-a




Aborts shutdown. Ignores other parameters except for -l and ComputerName. You can only use -a during the timeout period.




-f




Forces running applications to close.




-m




\\ComputerName




Defines the target computer. Cannot be used with -l.




-t




xxx




Sets the timer for system shutdown in xxx seconds. The default is 20 seconds.




-c




"comment"




Permits detailed comments about the reason for the shutdown. You can use a maximum of 127 characters. You must enclose the message in quotation marks.



systeminfo Command



Systeminfo.exe views the basic properties of a machine (such as CPU and memory). The systeminfo command displays detailed configuration information about a computer and its operating system, including operating system configuration, security information, product ID, and hardware properties, such as RAM, disk space, and network cards. The syntax is



systeminfo [/s computer [/u domain\user [/p password]]]
[/fo {TABLE|LIST|CSV}] [/nh]

takeown Command



Takeown.exe allows administrators to take ownership of orphaned files. The takeown command implements a recovery scheme to allow access to a locked file. The syntax is



takeown [/s System [/u [Domain\User [/p [Password]]]] Filename

taskkill Command



TaskKill.exe is used to kill or stop a running process. The taskkill command ends one or more tasks or processes. Processes can be killed by process ID or image name. The syntax is



[View full width]


taskkill [/s computer] [/u domain\user [/p password]]]
[/fi FilterName] [/pid ProcessID
]|[/im ImageName] [/f]




























Table A.17. systeminfo Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default).




/u




domain\user




Runs the script with the permissions of the specified user account. The default is system permissions.




/p




password




Defines the password of the user account that is specified in the /u parameter.

















































Table A.18. taskkill Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default).




/u




domain\user




Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user who issues the command.




/p




password




Defines the password of the user account that is specified in the /u parameter.




/fi




FilterName




Defines the types of process(es) to include in or exclude from termination.




/pid




ProcessID




Defines the process ID of the process to be terminated.




/im




ImageName




Defines the image name of the process to be terminated. Use the wildcard (*) to specify all image names.




/f




Defines that process(es) be forcefully terminated. This parameter is ignored for remote processes; all remote processes are forcefully terminated.



tasklist Command



TaskList.exe is used to view or identify all running processes with PIDs. The tasklist command displays a list of applications, services, and the process ID (PID) currently running on either a local or a remote computer. The syntax is



[View full width]


tasklist[.exe] [/s computer] [/u domain\user [/p password]]]
[/fo {TABLE|LIST|CSV}] [/nh]
[/fi FilterName [/fi FilterName2 [ ... ]]] [/svc] [/v]


timeout Command



Timeout.exe pauses a batch file for a specified number of seconds. The timeout command pauses the command processor for the specified number of seconds. Timeout.exe is typically used in batch files. The syntax is



timeout /t TimeoutInSeconds [/nobreak]

tsecimp Command



Tsecimp.exe imports Telephony Application Programming Interface (TAPI) user account properties and access rights. The tsecimp command imports assignment information from an Extensible Markup Language (XML) file into the TAPI server security file (Tsec.ini). Administrators can use this command to display the list of TAPI providers and the lines or devices associated with each of them and validate the structure of the XML file without importing the contents. The syntax is




























Table A.19. takeown Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default).




/u




domain\user




Runs the script with the permissions of the specified user account. The default is system permissions.




/p




password




Defines the password of the user account that is specified in the /u parameter.






















































Table A.20. tasklist Command Options



Option




Qualifier




Description




/s




computer




Defines the name or IP address of a remote computer (local computer is default).




/u




domain\user




Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user issuing the command.




/p




password




Defines the password of the user account that is specified in the /u parameter.




/fo {TABLE|LIST|CSV}




Defines the format to use for the output. Valid values are TABLE, LIST, and CSV. The default format for output is TABLE.




/nh




Suppresses column headers in the output. Valid when the /fo parameter is set to TABLE or CSV.




/fi




FilterName




Defines the types of process(es) to include in or exclude from the query.




/svc




Outputs all the service information for each process without truncation. Valid when the /fo parameter is set to TABLE.




/v




Directs that verbose task information be displayed in the output. To see complete verbose output without truncation, use in conjunction with the /svc parameter.
























Table A.21. timeout Command Options



Option




Qualifier




Description




/t




TimeoutInSeconds




Defines the decimal number of seconds (between -1 and 100000) to wait before continuing processing. The value -1 causes the computer to wait indefinitely for a keystroke.




/nobreak




Defines to ignore the key press.





























Table A.22. tsecimp Command Options



Option




Qualifier




Description




-f




FileName




Required item that defines the name of the XML file that contains the assignment information that you want to import.




-v




Validates the structure of the XML file without importing the information into the Tsec.ini file.




-u




Checks whether each user is a member of the domain specified in the XML file. The computer on which you use this parameter must be connected to the network. This parameter might significantly slow performance if you are processing a large amount of user assignment information.




tsecimp -f FileName [{-v | -u}]

whoami Command



Whoami.exe determines the current logged-on user. The whoami command outputs domain or computer name, user name, group names, logon identifier, and privileges for the local computer. The syntax is



whoami [/upn | /fqdn | /logonid]
whoami [/user] [/groups] [/priv] [/fo format]
whoami /all [/fo format]







































Table A.23. whoami Command Options



Option




Description




/upn




Outputs the user name in UPN format.




/fqdn




Outputs the user name in FQDN format.




/user




Outputs current user name.




/groups




Outputs group names.




/priv




Outputs privileges.




/logonid




Outputs logon ID.




/all




Outputs the active user name and groups and the security identifiers (SID) and privileges in the current access token.




/ 158