لطفا منتظر باشید ...
NEW COMMAND-LINE TOOLS WITH WINDOWS SERVER 2003
Windows Server 2003 enhances the command-line functionality for administrators. This section highlights administratively useful command-line functions that are new or significantly changed. This section lists many but certainly not all of the new command-line tools available with Server 2003. Also, look for Microsoft to add command-line tools to subsequent Windows .NET Service Packs.
The following command-line tools are available via Start More Programs Accessories command prompt or via Start Run cmd.exe.
bootcfg Command
Bootcfg.exe provides the viewing or sets the properties of the boot.ini file on a local or remote server. This tool is not available on 64-bit versions of the operating system.
The following are examples of the bootfg command:
BOOTCFG /Copy /?
BOOTCFG /Delete /?
BOOTCFG /Query /?
BOOTCFG /Raw /?
BOOTCFG /Timeout /?
BOOTCFG /EMS /?
BOOTCFG /Debug /?
BOOTCFG /Addsw /?
BOOTCFG /Rmsw /?
BOOTCFG /Dbg1394 /?
BOOTCFG /Default /?
BOOTCFG /?
Option | Description |
|---|---|
/Copy | Makes a copy of an existing boot entry [operating systems] section for which you can add OS options. |
/Delete | Deletes an existing boot entry in the [operating systems] section of the Boot.ini file. You must specify the entry # to delete. |
/Query | Displays the current boot entries and their settings. |
/Raw | Allows the user to specify any switch options to be added for a specified boot entry. |
/Timeout | Allows the user to change the timeout value. |
/Default | Allows the user to change the default boot entry. |
/EMS | Allows the user to configure the /redirect switch for headless support for a boot entry. |
/Debug | Allows the user to specify the port and baud rate for remote debugging for a specified boot entry. |
/Addsw | Allows the user to add predefined switches for a specific boot entry. |
/Rmsw | Allows the user toremove predefined switches for a specific boot entry. |
/Dbg1394 | Allows the user to configure 1394 port debugging for a specified boot entry. |
/? | Displays this help/usage. |
bitscli Command
The Bitscli.exe program manages Background Intelligent Transfer Service (BITS) downloads.
choice Command
Choice selects an option from a menu for batch file execution. The choice command prompts the user to make a selection in a batch program. It displays a prompt and pauses for the user to choose from among a set of user keys such as Yes, No, and Continue. The syntax is
choice [/c choices] [/n] [/cs] [/t nnnn /d choice] [/m text]
clip Command
Clip.exe redirects command-line output to the clipboard from where it can be copied and pasted into graphical user interface (GUI) applications. To copy the list of contents in the c:\Windows folder onto the Clipboard, at the C:\Windows prompt type
dir | clip
compress Command
Compress.exe compresses one or more files into a cab file. The syntax is
compress [-r] [-d] [-zx] [-z] [-zq[n]] Source Destination
compress -r [-d] [-zx] [-z] [-zq[n]] Source [Destination]
Option | Description |
|---|---|
/c choices | Defines the user option keys. When displayed, they appear in brackets ([]), and are followed by a question mark. If you do not specify /c choices, choice.exe displays [Y, N] by default. |
/n | Hides the user option keys. |
/cs | Specifies case sensitivity. By default, user option keys are not case-sensitive. |
/m text | Specifies the text to be displayed before the prompt. |
Option | Description |
|---|---|
-r | Rename expanded files. |
-d | Update compressed files only if they are not up-to-date. |
-zx | Use LZX compression. |
-z | Use MS-ZIP compression. |
-zq[n] | Use quantum compression. Optional level n must be in the range 1 to 7. The default is 4. |
driverquery Command
DriverQuery.exe provides a view of the currently loaded device drivers and their memory usage. The driverquery command displays a list of all installed device drivers and their properties. The syntax is
driverquery [/s computer] [/u domain\user /p password]
[/fo {TABLE|LIST|CSV}] [/nh] [/v] [/si]
Option | Qualifier | Description |
|---|---|---|
/s | computer | Specifies the name or IP address of a remote computer with the local computer the default. |
/u | domain\user | Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the logged-on user issuing the command. |
/p | password | Specifies the password of the user account that is specified in the /u parameter. |
/fo {TABLE|LIST|CSV} | Specifies the format to display the driver information. Valid values are TABLE, (the default), LIST, and CSV. | |
/nh | Omits the header row from the displayed driver information. Valid when the /fo parameter is set to TABLE or CSV. | |
/v | Specifies that detailed driver information be displayed. | |
/si | Displays digital signature information...signed and unsigned device drivers. | |
Directory Services Commands
The Directory Services commands are a suite of tools used to manage the various objects in Active Directory. Theses command-line tools are used to perform queries for information in the directory. The following list briefly describes some commands:
dsadd creates an object instance of a specified type to the Active Directory.
dsmod modifies select attributes of an existing object in the Active Directory.
dsrm removes an object or the complete subtree of an object in the Active Directory.
dsmove moves an object from its current location to a new parent location within the same naming context or to rename an object in the Active Directory.
dsquery finds objects in the Active Directory that match a specified search criteria.
dsget gets or views select properties of an existing object in the Active Directory when the specific location of the object to be viewed is known.
All of the command-line tools can operate on a variety of object types in the directory. The identity of the targeted object is specified following the object type and in the format of a distinguished name such as CN=Jon Smith,OU=Sales,DC=microsoft,DC=com.
EXECUTING COMMANDS ON THE NETWORK
Each tool has parameters that allow you to specify the server, domain, user name, and password to use when executing the command. If parameters are not entered, the tool assumes the local server, domain, user name, and password.
Here is an example of the dsadd computer command:
dsadd computer ObjectDN
[-samid SAMName]
[-desc Description]
[-loc Location]
[-memberof Group ...]
[(-s Server | -d Domain)]
[-u UserName]
[-p (Password | *)]
[-q]
COMMAND SYNTAX
The Directory Services commands use strict conventions to document the syntax of the DS command-line tools:
The option for a targeted object''s distinguished name attribute is displayed as ObjectDN or, when multiple objects may be specified, ObjectDN ....
A command does not perform any operation without an object type, such as computer.
The targeted object is obtained from standard input if the user does not specify an object at the command prompt.
The user must type parameters that appear in bold exactly as they appear in the syntax.
dsmod computer ObjectDN ...
[-desc Description]
[-loc Location]
[-disabled (yes | no)]
[-reset]
[(-s Server | -d Domain)]
[-u UserName]
[-p {Password | *}]
[-C]
[-q]
Parameters in "[" and "]" (square brackets) indicate that they are optional.
Parameters or options separated by the "|" (pipe) character represent a choice of alternatives.
All alternatives for a parameter''s value are enclosed in "(" and ")" (parentheses).
If the distinguished names themselves contain spaces, then they should be enclosed with " " (double quotation marks).
Commas that are not used as separators in distinguished names must be escaped with the backslash ("\") character (for example, "CN=Company\, Inc.,CN=Users,DC=microsoft,DC=com"). Backslashes used in distinguished names must be escaped with a backslash (for example, "CN=Sales\\ Latin America,OU=Distribution Lists,DC=microsoft,DC=com").
Parameters are not case-sensitive.
Command-line parameters can be specified with either the "-" (hyphen) or the "/" (forward slash).
A command-line parameter and any corresponding values for the parameter should be separated by at least one space.
Space and "newline" characters are treated as argument separators.
An empty string or null string value can be specified by " (double quotation marks).
Option | Qualifier | Description |
|---|---|---|
/s | computer | Specifies the name or IP address of a remote computer with the local computer default. |
/u | domain\user | Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user on the computer issuing the command. |
/p | password | Specifies the password of the user account that is specified in the /u parameter. |
/l {APPLICATION|SYSTEM} | Specifies the name of the event log where the event will be created. APPLICATION and SYSTEM are valid names of logs. | |
/so | SrcName | Specifies the source to use for the event. |
/t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} | Specifies the type of event to create. The valid types are ERROR, WARNING, INFORMATION, SUCCESSAUDIT, and FAILUREAUDIT. | |
/id | EventID | Specifies the event''s ID. A valid ID is any number from 1 through 65535. |
/d | description | Specifies the description to use for the newly created event. |
eventcreate Command
Eventcreate.exe creates a user-defined event and enters it into any of the event logs. The eventcreate command enables an administrator to create a customized event in a specified event log. The syntax is
[View full width]
eventcreate [/s computer [/u domain\user [/p password]]
{[/l {APPLICATION|SYSTEM}]|[/so
SrcName]} /t {ERROR|WARNING|INFORMATION|SUCCESSAUDIT|FAILUREAUDIT} /id EventID /d
description
Eventquery.vbs Script
Eventquery.vbs specifies the type of events to extract from the event log; the selected events can be displayed on the screen or saved to a file. The script lists the events and event properties from one or more event logs. The syntax is
[View full width]
eventquery[.vbs] [/s computer [/u domain\user [/p password]]] [/fi FilterName
] [/fo {TABLE|LIST|CSV}] [/r EventRange [/nh] [/v] [/l
[APPLICATION] [SYSTEM] [SECURITY]
["DNS server"] [UserDefinedLog] [DirectoryLogName] [*] ]
Option | Qualifier | Description |
|---|---|---|
/s | computer | Specifies the name or IP address of a remote computer (local computer default). |
/u | domain\user | Runs the script with the account permissions of the user specified by user or domain\user. The default is the permissions of the computer issuing the command. |
/p | password | Specifies the password of the user account that is specified in the /u parameter. |
/fi | FilterName | Specifies the types of events to include in or exclude from the query. |
/fo {TABLE|LIST|CSV} | Specifies the format to use for the output. Valid values are table, list, and csv. | |
/r | EventRange | Specifies the range of events to list. |
/nh | Suppresses column headers in the output. Valid only for table and csv formats. | |
/v | Specifies that verbose event information be displayed in the output. | |
/l [APPLICATION] [SYSTEM] [SECURITY] ["DNS server"] | [UserDefinedLog] [DirectoryLogName] [*] ] | Specifies the log(s) to monitor. Valid values are Application, System, Security, "DNS server", a user-defined log, and Directory log. "DNS server" can be used only if the DNS service is running on the computer specified by the /s parameter. To specify more than one log to monitor, reuse the /l parameter. The wildcard (*) can be used and is the default. |
eventtriggers Command
The Eventtriggers.exe program launches a process based on the occurrence of an event written to the event log. The eventtrigger command provides the ability create, delete, and query based on triggers.
extract Command
Extract.exe extracts one or more files from a cab file. The syntax is
extract cabinet [filename ...] [/a] [{/d | /e}] [/l dir] [/y]
extract source {[newName] | destination /c} [/y]
Option | Qualifier | Description |
|---|---|---|
cabinet | Specifies the name of a cabinet file containing two or more files. | |
filename | Specifies the name of the file to extract from the cabinet. You can use wildcard characters and multiple file names separated by blanks. | |
/a | Executes all cabinets and follows the cabinet chain starting in the first cabinet mentioned. | |
/d | Displays the directory of the cabinet file. Use /d with the cabinet file name to avoid extracting the files. | |
/e | Extracts all files from cabinet. Use /e instead of *.* to extract all files. | |
/l | dir | Extracts files to location dir; current directory is the default. |
/y | Does not prompt before overwriting an existing file. |
forfiles Command
Forfiles.exe operates only on selected file types (such as .bat only or .exe only). The forfiles command elects files in a folder or tree for batch processing. You must use forfiles within a batch file. The syntax is
forfiles [/pPath] [/mSearchMask] [/s] [/cCommand] [/d{+|/}{mm/dd/yyyy|dd}]
freedisk Command
Freedisk.exe allows operation if a specified percentage of disk space is free. The freedisk command checks to see if a specified amount of disk space is available when software is being installed. The syntax is
freedisk [/s System [/u [Domain\]User [/p [password]]]] [/d Drive] [Value]
gettype Command
Gettype.exe determines product type (such as Windows XP Professional, Windows Server 2003, and so on). This establishes the system environment variable ERRORLEVEL to the value associated with the specified gettype command-line option. The syntax is
gettype [/role | /sp | /ver | /minv | /majv | /type | /build]
Option | Qualifier | Description |
|---|---|---|
/p | Path | Specifies the path on which to start searching. Current folder is the default folder. |
/m | SearchMask | Searches files according to SearchMask. The default SearchMask is *.*. |
/s | Instructs forfiles to recurse into subdirectories. | |
/c | Command | Indicates a command to run on each file. You must wrap command strings with spaces in quotation marks. The default command is "cmd /c echo @file". |
/d | {+|} {mm/dd/yyyy |dd} | Defines files with a date greater than or equal to (+) or less than or equal to () the specified date, where mm/dd/yyyy is the specified date in (UTC) format and dd is the current date minus dd days. |
/r | Instructs forfiles to select files in subdirectories as well as the current directory. | |
/v | Runs forfiles in verbose mode. |
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). This parameter applies to all files and folders specified in the command. |
/u | domain\user | Runs the script with the permissions of the specified user account. System permissions is the default. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
/d | Drive | Defines the drive on which the availability of free space is to be known. Drive name must be specified for a remote computer. |
Option | Qualifier | Description |
|---|---|---|
/role | Defines the role of the operating system. | |
/sp | Defines the highest service pack installed. | |
/ver | Defines version information (major and minor). | |
/minv | Defines only minor version. | |
/majv | Defines only major version | |
/type | Defines the type of operating system installed. | |
/build | Defines the build number of the operating system. |
gpresult Command
GPresult.exe launches the Resulting Set of Policies (RSoP) and list of policies that are applied to a computer. The gpresult command displays Group Policy settings and the RSOP for a user or a computer. The syntax is
[View full width]
gpresult [/s computer [/u domain\user /p password]]
[/user TargetUserName] [/scope {
user|computer}] [/v] [/z]
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer default.) |
/u | domain\user | Runs the command with the account permissions of the user that is specified by user or domain\user. The default is the permissions of the user on the computer that issues the command. |
/p | password | Defines user account password that is specified in /u parameter. |
/user | TargetUserName | Defines the name of the user whose RSOP data is to be displayed. |
/scope | {user|computer} | Displays either user or computer results. Valid values for the /scope parameter are user or computer. If you omit the /scope parameter, gpresult displays both user and computer settings. |
/v | Defines that the output display verbose policy information. | |
/z | Defines that the output display all available information about Group Policy. |
gpupdate
Replaces the secedit /refreshpolicy command available to Windows 2000 Servers. Initiates Group Policy refresh for local and Active Directory policy settings. The syntax is
gpupdate [/target:{computer|user}] [/force] [/wait:value] [/logoff] [/boot]
Option | Qualifier | Description |
|---|---|---|
/target: | {computer|user} | Limit policy fresh to only the computer settings or user settings. Both settings are updated by default. |
/force | Reapplies all settings without optimization. | |
/wait: | value | Time, in seconds, to wait for policy refresh; 600 is default, 0 is no wait, and 1 is wait without timeout. |
/logoff | Some policies require the user to logoff and logon to obtain new environment settings. If no policies requiring logoff are set, the option has no effect. Folder Redirection and Software Installation are examples of this type of policy. | |
/boot | Some policies system restart to obtain new environment settings. If no policies requiring restart are set, the option has no effect. | |
/? | Displays this help/usage | |
Examples: gpupdate, gpupdate /target:user, gpupdate /force | ||
IIS Scripts
IIS scripts provide command-line tools to configure, provision, and manage Internet Information Services (IIS) servers and Active Server Page (ASP) applications. For example, Ipseccmd.exe permits the user to view and modify the policies and properties of Internet Protocol (IP) security. These scripts are updated regularly by Microsoft. We recommend that you, as an administrator, check the Microsoft site often for updated scripts.
inuse Command
Inuse.exe allows files loaded into memory to be replaced on reboot. The inuse command replaces files that the operating system is currently using. You must be a member of the Administrators group to use this tool. The syntax is
inuse replacement destination [/y]
Option | Qualifier | Description |
|---|---|---|
replacement | Defines the updated file name. Include the complete physical or UNC path name. | |
/d | destination | Defines the currently locked file that you want to replace on the local drive. Include the complete physical path name. |
/y | Suppresses the confirmation prompt to replace the file. |
netdom Command
The NetDom.exe permits server renaming. The command can add another name, or alias, for a computer to DNS and Active Directory. Once the new name has successfully replicated in DNS and Active Directory, the old name may then be removed with the NetDom.exe command.
netsh Command
NetSh.exe is a configuration tool that now adds the basic network diagnostic features provided by older NetDiag.exe tool. Netsh is a command-line scripting utility that permits administrators to display or modify the network configuration of a computer that is currently running. Netsh provides a scripting feature that allows you to run a group of commands in batch mode against a specified computer. Netsh can also save a configuration script in a text file for archival purposes or to help you configure other servers. Run the netsh command from the Cmd.exe prompt and change to the context that contains the command you want to use. The contexts that are available depend on which networking components you have installed.
openfiles Command
Openfiles.exe is used to view the list of connected users and files in use per share on a computer. The openfiles command permits the administrator to make queries, and displays or disconnects open files or files opened by network users. This command also enables or disables the system''s Maintain Objects List global flag. This can be done on a local, query, and disconnected basis.
pagefileconfig Command
Pagefileconfig.vbs retrieves the current page file''s size or sets a new page file size. The pagefileconfig command enables an administrator to display and configure a system''s paging file Virtual Memory settings. The optional settings permit the administrator to create, change, delete, and query related page file sizes.
powercfg Command
PowerCfg.exe enables power management. The powercfg command enables an administrator to control the power settings on a system. The syntax is
[View full width]
Powercfg [/list | /query name | /create name | /delete name
| /setactive name | /change
settings | /hibernate [on|off] | /export name [/file file name]
| /import name [/file
file name] | /?]
Option | Qualifier | Description |
|---|---|---|
/list or /l | Lists the names of existing power schemes. | |
/query or /q | Displays the configuration of the specified power scheme. If no name is specified, the configuration of the currently active power scheme is displayed. | |
/create or /c | Creates the specified power scheme. The new scheme is created with the properties of the currently active scheme. | |
/delete or /d | Deletes the specified power scheme. | |
/setactive or /s | Activates the specified power scheme. | |
/change or /x | Changes settings of the specified power scheme. Additional switches specify the changes as follows: /monitor-timeout-ac minutes turns the monitor off after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout. /monitor-timeout-dc minutes turns the monitor off after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout. /disk-timeout-ac minutes turns the hard disks off after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout. /disk-timeout-dc minutes turns the hard disks off after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout. /standby-timeout-ac minutes puts the computer in standby mode after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout. /standby-timeout-dc minutes puts the computer in standby mode after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout. /hibernate-timeout-ac minutes saves the contents of the computer''s memory to disk and turns off the computer after the specified number of minutes when the system is operating on AC power. A value of 0 will disable the timeout. /hibernate-timeout-dc minutes saves the contents of the computer''s memory to disk and turns off the computer after the specified number of minutes when the system is operating on DC (battery) power. A value of 0 will disable the timeout. /processor-throttle-ac [none | constant | degrade | adaptive] selects the dynamic throttling policy to be used if your microprocessor supports processor performance state controls when the system is operating on AC power. The desired dynamic throttling policy is selected with one of four additional switches: none causes the microprocessor to operate at the highest performance state at all times. constant causes the microprocessor to operate at the lowest performance state at all times. degrade causes the microprocessor to operate at the lowest performance state, and further reduces performance by applying stop clock throttling as the system battery drains. This option is typically used when the computer is operating on battery power and is therefore seldom used with /processor-throttle-ac. adaptive modifies the performance state dynamically based on the demand the system puts on the microprocessor. /processor-throttle-dc [none | constant | degrade | adaptive] selects the dynamic throttling policy to be used if your microprocessor supports processor performance state controls when the system is operating on DC (battery) power. The desired dynamic throttling policy is selected with one of the four additional switches listed under /processor-throttle-ac. | |
/hibernate or /h | Turns the hibernation feature on or off. Hibernation timeout is not supported on all systems that support hibernation. | |
/export or /e | Exports the specified power scheme to a file. If no file name is specified, the default is scheme.pow. This parameter supports the following parameter: /file file name | |
/import or /i | Imports the power scheme from the specified file. If no file name is specified, the default is scheme.pow. If a scheme with that name already exists, it is replaced with the new one. This parameter supports the following parameter: /file file name | |
/numerical or /n | Requires you to specify the power scheme using its numeric identifier rather than its name. Use this switch in combination with the /query, /delete, /setactive, /change, /export, and /import commands. | |
/globalpowerflag or /g [on | off] /option: [batteryicon | multibattery | resumepassword | wakeonring | videodim] | Turns the global power flag features on or off. Use the first switch to indicate whether to turn the feature on or off. | |
/option: | Is mandatory, and is followed by the name of the feature you are turning on or off. There are five possibilities: batteryicon enables or disables the battery meter icon in the notification area. When this flag is cleared, the battery meter icon is not displayed. multibattery enables or disables multiple battery display in the system''s Power Meter. resumepassword enables or disables the requirement that the user supply a password when the system resumes from standby or hibernate. wakeonring enables or disables Wake on Ring support. videodim enables or disables support for dimming the video display when the system changes from AC power to DC (battery) power. | |
Print Scripts
Print scripts manages printer services, drivers, and queues. The scripts that are most valuable to administrators include:
Prncnfg.vbs configures or displays configuration information about a printer.
Prndrvr.vbs adds, deletes, and lists printer drivers.
Prnjobs.vbs pauses, resumes, cancels, and lists print jobs.
Prnmngr.vbs adds, deletes, and lists printers or printer connections in addition to setting and displaying the default printer.
Prnport.vbs creates, deletes, and lists standard TCP/IP printer ports in addition to displaying and changing port configuration.
Prnqctl.vbs prints a test page, pauses or resumes a printer, and clears a printer queue.
regfind Command
Regfind.exe searches the registry. The regfind command searches the registry for arbitrary data, key names, or value names, and replaces any of these with new values. This is accessible only to members of the Administrators group. The syntax is
[View full width]
regfind [{-m \\ComputerName | -h HiveFile HiveRoot
| -w Windows95Directory}] [-i n] [-o
OutputWidth] [-p RegistryKeyPath] [{-z | -t DataType}]
[{-b | -B}] [-y] [-n][SearchString
[-r ReplacementString]]
sc Command
SC.exe starts and stops and manages Win32 services. The sc command communicates with the Service Controller and installed services. SC.exe retrieves and sets control information about services. It is used to test and debug service programs. Administrators can use service properties stored in the registry to set the control for how service applications are started at boot time and run as background processes. Batch files can be used to call various SC.exe commands to automate the startup or shutdown sequence of services. SC.exe provides capabilities similar to Services in the Administrative Tools item in Control Panel. SC.exe options cover boot, config, continue, create, delete, description, failure, getdisplayname, getkeyname, interrogate, lock, pause, qc, qdescription, qfailure, query, queryex, querylock, sdset, sdshow, start, and stop.
setx Command
Setx.exe allows environment variables to be set with batch files. The setx command establishes the environment variables in the local or system environment without requiring programming or scripting. Setx also establishes the values of registry keys and writes them to text files. The syntax is
[View full width]
setx [/s computer [/u [domain\]user [/p [password]]]] Variable Value [/m]
setx [/s computer [/u [domain\]user [/p [password]]]] [Variable] /k Path [/m]
setx [/s computer [/u [domain\]user [/p [password]]]]
[Variable] /f File {/a x,y | /r x,y
"String"} [/d Delimiters] [/x] [/m]
Option | Qualifier | Description |
|---|---|---|
-m | \\ComputerName | Defines a remote Windows 2000 computer (machine) whose registry is to be manipulated. |
-h | HiveFile HiveRoot | Defines a local hive to manipulate. |
-w | Windows95Directory | Defines the paths to Windows 95 system.dat and user.dat files. |
-i | n | Defines the display indentation multiple. Default is 4. |
-o | OutputWidth | Defines how wide the output is to be. By default OutputWidth is set to the width of the console window, if standard output (STDOUT) has not been redirected to a file. In the latter case, an OutputWidth of 240 is used. |
-p | RegistryKeyPath | Defines where in the registry to start searching. All entries below this point in the registry hierarchy are also searched. If no path is specified, regfind searches the entire registry, which can be time consuming. If the path contains spaces, it must be surrounded by quotation marks: "Registry Key Path with Spaces" |
-z | Defines to search for REG_SZ and REG_EXPAND_SZ values that are missing a trailing null character and/or have a length that is not a multiple of the size of a Unicode character. | |
-t | DataType | Defines which registry types to search. DataType can be REG_SZ, REG_MULTI_SZ, REG_EXPAND_SZ, REG_DWORD, REG_BINARY, or REG_NONE. Default is any of the _SZ types. |
-b | Defines that regfind should look for occurrences of the SearchString inside of REG_BINARY data. Only valid with _SZ searches. Cannot be specified with a ReplacementString that is not the same length as the SearchString. | |
-B | Same functionality as -b, but also looks for ANSI version of string within REG_BINARY values. | |
-y | Defines that regfind should ignore case when searching. Only valid with _SZ searches. | |
-n | Defines to include key and value names in the search. You cannot use -n with -t. | |
SearchString | Defines the value to search for. If SearchString is not specified, regfind searches based on type. If SearchString contains spaces, you must wrap it in quotation marks (for example, "Search String With Spaces"). | |
-r | ReplacementString | Defines an optional replacement string to replace any matches. |
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). |
/u | domain\user | Runs the script with the permissions of the specified user account. The default is system permissions. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
shutdown Command
Shutdown.exe shuts down or restarts a computer and allows a restart explanation to be written to the event log. This allows the administrator to shut down or restart a local or remote computer. The syntax is
[View full width]
shutdown [{-i | -l | -s | -r | -a}] [-f] [-m \\ComputerName]
[-t xxx] [-c "comment
"] [-d [u] [p]:xx:yy]
Option | Qualifier | Description |
|---|---|---|
-i | Displays the Remote Shutdown Dialog box. Must be the first option. | |
-l | Logs off the current user. This is also the default. Cannot be used with -m \\ComputerName. | |
-s | Shuts down the computer. | |
-r | Restarts the computer after shutdown. | |
-a | Aborts shutdown. Ignores other parameters except for -l and ComputerName. You can only use -a during the timeout period. | |
-f | Forces running applications to close. | |
-m | \\ComputerName | Defines the target computer. Cannot be used with -l. |
-t | xxx | Sets the timer for system shutdown in xxx seconds. The default is 20 seconds. |
-c | "comment" | Permits detailed comments about the reason for the shutdown. You can use a maximum of 127 characters. You must enclose the message in quotation marks. |
systeminfo Command
Systeminfo.exe views the basic properties of a machine (such as CPU and memory). The systeminfo command displays detailed configuration information about a computer and its operating system, including operating system configuration, security information, product ID, and hardware properties, such as RAM, disk space, and network cards. The syntax is
systeminfo [/s computer [/u domain\user [/p password]]]
[/fo {TABLE|LIST|CSV}] [/nh]
takeown Command
Takeown.exe allows administrators to take ownership of orphaned files. The takeown command implements a recovery scheme to allow access to a locked file. The syntax is
takeown [/s System [/u [Domain\User [/p [Password]]]] Filename
taskkill Command
TaskKill.exe is used to kill or stop a running process. The taskkill command ends one or more tasks or processes. Processes can be killed by process ID or image name. The syntax is
[View full width]
taskkill [/s computer] [/u domain\user [/p password]]]
[/fi FilterName] [/pid ProcessID
]|[/im ImageName] [/f]
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). |
/u | domain\user | Runs the script with the permissions of the specified user account. The default is system permissions. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). |
/u | domain\user | Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user who issues the command. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
/fi | FilterName | Defines the types of process(es) to include in or exclude from termination. |
/pid | ProcessID | Defines the process ID of the process to be terminated. |
/im | ImageName | Defines the image name of the process to be terminated. Use the wildcard (*) to specify all image names. |
/f | Defines that process(es) be forcefully terminated. This parameter is ignored for remote processes; all remote processes are forcefully terminated. |
tasklist Command
TaskList.exe is used to view or identify all running processes with PIDs. The tasklist command displays a list of applications, services, and the process ID (PID) currently running on either a local or a remote computer. The syntax is
[View full width]
tasklist[.exe] [/s computer] [/u domain\user [/p password]]]
[/fo {TABLE|LIST|CSV}] [/nh]
[/fi FilterName [/fi FilterName2 [ ... ]]] [/svc] [/v]
timeout Command
Timeout.exe pauses a batch file for a specified number of seconds. The timeout command pauses the command processor for the specified number of seconds. Timeout.exe is typically used in batch files. The syntax is
timeout /t TimeoutInSeconds [/nobreak]
tsecimp Command
Tsecimp.exe imports Telephony Application Programming Interface (TAPI) user account properties and access rights. The tsecimp command imports assignment information from an Extensible Markup Language (XML) file into the TAPI server security file (Tsec.ini). Administrators can use this command to display the list of TAPI providers and the lines or devices associated with each of them and validate the structure of the XML file without importing the contents. The syntax is
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). |
/u | domain\user | Runs the script with the permissions of the specified user account. The default is system permissions. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
Option | Qualifier | Description |
|---|---|---|
/s | computer | Defines the name or IP address of a remote computer (local computer is default). |
/u | domain\user | Runs the command with the account permissions of the user specified by user or domain\user. The default is the permissions of the user issuing the command. |
/p | password | Defines the password of the user account that is specified in the /u parameter. |
/fo {TABLE|LIST|CSV} | Defines the format to use for the output. Valid values are TABLE, LIST, and CSV. The default format for output is TABLE. | |
/nh | Suppresses column headers in the output. Valid when the /fo parameter is set to TABLE or CSV. | |
/fi | FilterName | Defines the types of process(es) to include in or exclude from the query. |
/svc | Outputs all the service information for each process without truncation. Valid when the /fo parameter is set to TABLE. | |
/v | Directs that verbose task information be displayed in the output. To see complete verbose output without truncation, use in conjunction with the /svc parameter. |
Option | Qualifier | Description |
|---|---|---|
/t | TimeoutInSeconds | Defines the decimal number of seconds (between -1 and 100000) to wait before continuing processing. The value -1 causes the computer to wait indefinitely for a keystroke. |
/nobreak | Defines to ignore the key press. |
Option | Qualifier | Description |
|---|---|---|
-f | FileName | Required item that defines the name of the XML file that contains the assignment information that you want to import. |
-v | Validates the structure of the XML file without importing the information into the Tsec.ini file. | |
-u | Checks whether each user is a member of the domain specified in the XML file. The computer on which you use this parameter must be connected to the network. This parameter might significantly slow performance if you are processing a large amount of user assignment information. |
tsecimp -f FileName [{-v | -u}]
whoami Command
Whoami.exe determines the current logged-on user. The whoami command outputs domain or computer name, user name, group names, logon identifier, and privileges for the local computer. The syntax is
whoami [/upn | /fqdn | /logonid]
whoami [/user] [/groups] [/priv] [/fo format]
whoami /all [/fo format]
Option | Description |
|---|---|
/upn | Outputs the user name in UPN format. |
/fqdn | Outputs the user name in FQDN format. |
/user | Outputs current user name. |
/groups | Outputs group names. |
/priv | Outputs privileges. |
/logonid | Outputs logon ID. |
/all | Outputs the active user name and groups and the security identifiers (SID) and privileges in the current access token. |
