Notes:
(1) Commands that use external, or third party, or non-native utilities contain hyperlinks to these utilities' download sites.
(2) Replace command arguments displayed in italics with your own values.
(3) Commands or utilities that require Windows Server 2003 are marked bright blue.
How many users are logged on/connected to a server?
Sometimes we may need to know how many users are logged on to a (file) server, like maybe when there is a performance degradation.At the server's console itself, with native commands only:
NET SESSION FIND /C "\\"
Remotely, with the help of SysInternals' PSTools:
PSEXEC \\servername NET SESSION FIND /C "\\"
By replacing FIND /C "\\" by FIND "\\" (removing the /C switch) you'll get a list of logged on users instead of just the number of users.
Who is logged on to a computer?
We often need to know who is currently logged on to a remote computer.With native Windows commands only:
NBTSTAT -a remotecomputer FIND "<03>" FIND /I /V "remotecomputer"
The first name in the list usually is the logged on user (try playing with the NET NAME command to learn more about the names displayed by NBTSTAT).This is the fastest way to find the logged on user name, and the results that you do get are correct, but NBTSTAT won't always return a user name, even when a user is logged on.
Using WMIC (Windows XP Professional and later):
WMIC /Node:remotecomputer ComputerSystem Get UserName
This is arguably the most reliable (native) command to find out who is logged on.
With the help of SysInternals' PSTools:
PSLOGGEDON -L \\remotecomputer
or:
PSEXEC \\remotecomputer NET CONFIG WORKSTATION FIND /I " name "
or:
PSEXEC \\remotecomputer NET NAME
or:
PSEXEC \\remotecomputer NETSH DIAG SHOW COMPUTER /V FIND /i "username"
NETSH and WMIC are for XP or later, and are the most reliable of all commands shown here.WMIC requires WMI enabled remote computers and Windows XP on the administrator's computer; NETSH requires Windows XP on the remote computers.
PSLOGGEDON is a more accurate solution than NBTSTAT, but it will return the last logged on user if no one is currently logged on.
The NET and NBTSTAT commands show more or less identical results, but the NBTSTAT command is much faster.
If you want to search lots of computers for logged on users, I recommend you try NBTSTAT first (fast, but it won't always return the user name!), and only switch to NETSH or WMIC (100% accurate!) if NBTSTAT doesn't return a user name.
Credits: Jiří Janyška (WMIC command) and Matthew W. Helton (NETSH command).
What is this collegue's login name?
My collegues often forget to mention their logon account name when calling the helpdesk, and the helpdesk doesn't always ask either. I suppose they expect me to know all 1500+ accounts by heart.With (native) Windows Server 2003 commands only:
DSQUERY USER -name *lastname* DSGET USER -samid -display
Note: Windows Server 2003's "DSTools" will work fine in Windows 2000 and XP too, when copied.Keep in mind, however, that some Windows Server 2003 Active Directory functionality is not available in Windows 2000 Active Directories.
What is the full name for this login name?
With the native NET command:
NET USER loginname /DOMAIN FIND /I " name "
With (native) Windows Server 2003 commands:
DSQUERY USER -samid *loginname* DSGET USER -samid -display
Note: The NET command may seem more universal, because it requires neither Active Directory nor Windows Server 2003 commands, but it is language dependent!For non-English Windows you may need to modify FIND's search string.
What groups is this user a member of?
In Windows NT 4 and later, users usually are members of global groups. These global groups in turn are members of (domain) local groups. Access permissions are given to (domain) local groups.To check if a user has access to a resource, we need to check group membership recursively.With (native) Windows Server 2003 commands:
DSQUERY USER -samid loginname DSGET USER -memberof -expand
What permissions does a user have on this directory?
One could use the previous command to check what permissions a user has on a certain directory.However, sometimes SHOWACLS from the Window Server 2003 Resource Kit Tools is a better alternative:
CD /D d:\directory2check
SHOWACLS /U:domain\userid
When did someone last change his password?
With the native NET command:
NET USER loginname /DOMAIN FIND /I "Password last set"
How do I reset someone's password?
With the native NET command:
NET USER loginname newpassword /DOMAIN
With (native) Windows Server 2003 commands:
DSQUERY USER -samid loginname DSMOD USER -pwd newpassword
Note: To prevent the new password from being displayed on screen replace it with an asterisk (*); you will then be prompted (twice) to type the new password "blindly".
Is someone's account locked?
With the native NET command:
NET USER loginname /DOMAIN FIND /I "Account active"
The account is either locked ("Locked") or active ("Yes").
How to unlock a locked account
With the native NET command:
NET USER loginname /DOMAIN /ACTIVE:YES
or, if the password needs to be reset as well:
NET USER loginname newpassword /DOMAIN /ACTIVE:YES
List all domains and workgroups in the network
With the native NET command:
NET VIEW /DOMAIN
List all computers in the network
With the native NET command:
NET VIEW
or, to list the names only:
FOR /F "skip=3 delims=\ " %%A IN ('NET VIEW') DO ECHO.%%A
delims is a backslash, followed by a tab and a space.
List all domain controllers
With native Windows 2000 commands:
NETDOM QUERY /D:MyDomain DC
NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.
With (native) Windows Server 2003 commands (Active Directory only):
DSQUERY Server
or, if you prefer host names only (tip by Jim Christian Flatin):
DSQUERY Server -o rdn
Find the primary domain controller
With native Windows 2000 commands:
NETDOM QUERY /D:MyDomain PDC
or, to find the FSMO with (native) Windows Server 2003 commands (Active Directory only):
NETDOM QUERY /D:mydomain.com FSMO
NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.
List all member servers
With native Windows 2000 commands:
NETDOM QUERY /D:MyDomain SERVER
NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.
List all workstations
With native Windows 2000 commands:
NETDOM QUERY /D:MyDomain WORKSTATION
NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.
Delete a computer account
With native Windows 2000 commands:
NETDOM /DOMAIN:MyDomain MEMBER \\computer2Bdeleted /DELETE
NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.
"I need an up-to-date list of disk space usage for all servers, on my desk in 5 minutes"
Sounds familiar?
With (native) Windows XP Professional or Windows Server 2003 commands:
FOR /F %%A IN (servers.txt) DO (
WMIC /Node:%%A LogicalDisk Where DriveType="3" Get DeviceID,FileSystem,FreeSpace,Size /Format:csv MORE /E +2 >> SRVSPACE.CSV
)
The only prerequisites are:
1. SRVSPACE.CSV should not exist or be empty,
2. a list of server names in a file named SERVERS.TXT, one server name on each line,
3. and WMIC.EXE, which is native in Windows XP Professional, Windows Server 2003 and Vista.
The CSV file format is ServerName,DeviceID,FileSystem,FreeSpace,Size (one line for each harddisk partition on each server).
If you have a strict server naming convention, SERVERS.TXT itself can be generated with the NET command:
FOR /F "delims=\ " %%A IN ('NET VIEW ^ FINDSTR /R /B /C:"\\\\SRV\-"') DO (>>SERVERS.TXT ECHO.%%A)
Notes:
(1)
assuming server names start with "SRV-"; modify to match your own naming convention.
(2)
delims is a backslash, followed by a tab and a space.
Inventory drivers on any PC
With (native) Windows XP Professional or Windows Server 2003 commands:
DRIVERQUERY /V /FO CSV > %ComputerName%.csv
Or, for remote computers:
DRIVERQUERY /S remote_PC /V /FO CSV > remote_PC.csv
List all local administrators
With (native) Windows NT 4+ commands:
NET LOCALGROUP Administrators
Or, to remove header and footer lines:
FOR /F "delims=[]" %%A IN ('NET LOCALGROUP Administrators ˆ FIND /N "----"') DO SET HeaderLines=%%A
FOR /F "tokens=*" %%A IN ('NET LOCALGROUP Administrators') DO SET FooterLine=%%A
NET LOCALGROUP Administrators MORE /E +%HeaderLines% FIND /V "%FooterLine%"
Regards
Avinash Pillai
URL : http://avinashpillai.blogspot.com/
Email: avinashp[AT]aztecsoft[DOT]com, avinashp25[AT]gmail[DOT]com
Comments