Post

Commands (CMD, PowerShell)

Posted
By beforethesurge
3 min read
Commands (CMD, PowerShell)

Show General System Information (OS, Boot-time, Specs, NIC, Hyper-V Req)

1

systeminfo

Hostname and Serial Number

Hostname: Shows hostname of computer

1

hostname

Serial Number: Shows S/N of computer

1

wmic bios get serialnumber

Ping

  • Continuous Ping

    1

    ping t X.X.X.X

  • Pull DNS info from Ping (alternatively, use nslookup)

    1

    ping a X.X.X.X

  • Ping a certain amount of packets (Example: 60 packets [good for flapping alerts])

    1

    ping X.X.X.X n 60

Traceroute

  • Normal trace

    1

    tracert X.X.X.X

  • If unable to resolve hostname

    1

    tracert X.X.X.X -d

Shows Network Drives Connected to User

1

net use

GPO

  • Shows all Group Policies for computer/user

    1

    gpresult /r

  • Update GPO

    1

    gpupdate /force

Computer Running Slow - SFC/DISM

  • Note: To save time (and patience), use this version of these commands

    1

    sfc /scannow & sfc /scannow & DISM /Online /Cleanup-Image /RestoreHealth & sfc /scannow

    1

    sfc /scannow; sfc /scannow; DISM /Online /Cleanup-Image /RestoreHealth; sfc /scannow

    1

    sfc /scannow

    1

    DISM /Online /Cleanup-Image /CheckHealth

    1

    DISM /Online /Cleanup-Image /ScanHealth

    1

    DISM /Online /Cleanup-Image /RestoreHealth

  • Reboot

DISM to Free-Up Space in WinSxS

1

DISM /online /Cleanup-Image /StartComponentCleanup
  • Note: The above command does not seem to work in Backstage (may be able to test with user-specific session)

IPConfig

  • Wipes DNS Cache in Windows

    1

    ipconfig /flushdns

  • Renews IP Address (Will boot you off if remoted in)

    1

    ipconfig /release & ipconfig /renew

-Shows IPv4, IPv6, DNS, etc.

1

  ipconfig /all

Find/Logoff User

1

query user

1

logoff IDOFUSER

Find/Reset Password

1

query user

1

net user 'USER' 'PASS'

Check for Email Domain on Server (PS)

1

Get-Recipient emailaddress@company.com

Backstage Printers (PS)

1

Get-Printer | Format-Table

  • If you only need the Name/Driver Name

    1

    Get-Printer | Format-Table Name, DriverName

1

Remove-Printer -Name "NAMEOFPRINTER"

1

Get-PrinterDriver

1

Remove-PrinterDriver -Name "NAMEOFDRIVER"

Check Domain Connection (PS)

1

Test-ComputerSecureChannel -Verbose

Active Directory Password Policy

1

Get-ADDefaultDomainPasswordPolicy

Re-Add Computer to Domain (PS)

1

Reset-ComputerMachinePassword -Server {DomainController} -Credential {DomainAdmin}

  • Example:

    1

    Reset-ComputerMachinePassword -Server lon-dc01 -Credential corp\dsmith

Check Route Table

1

netstat -r

Clear ARP Table

1

arp -d *
  • Can be used to solve connectivity issues internally

Check Current Running Connections (at current time [will not update unless ran again])

1

  netstat -ano | findstr "443"
  • Note: TCPLogView may be a useful tool for logging data over time

Find & Cycle Network Adapter

  • PowerShell

    1

    Get-NetAdapter | format-table

    1

    Disable-NetAdapter -Name "<interface>" -Confirm:$false

    1

    Enable-NetAdapter -Name "<interface>" -Confirm:$false

    1

    Restart-NetAdapter

  • CMD

    1

    netsh interface show interface

    1

    netsh interface set interface INTERFACE disable

    1

    netsh interface set interface INTERFACE enable

Find TXT Records of Domain (example is DMARC)

1

nslookup -type=txt _dmarc.domain.com
  • Note: This should work for other text records too if you know which one you’re looking for

Get Current CPU Percentage (PS)

1

Get-CimInstance -ClassName win32_processor | Measure-Object -Property LoadPercentage Average

Install Appinstaller Package

1

Add-AppxPackage -Appinstaller <path-to-your-appinstaller-file>

Sync Changes to Azure

  • This changes for all changed

    1

    Start ADSyncSyncCycle

  • This changes for a specific policy

    1

    Start ADSyncSyncCycle PolicyType delta

Find FQDN (Fully Qualified Domain Name) of Host (PS)

1

[System.Net.Dns]::GetHostByName($env:COMPUTERNAME).HostName

Find File (PS)

1

gci -r -fi '*.EXTENSION'

Get and Restart Service (PS)

  • Get Service

    1

    Get-Service -Name NAME

  • Restart Service

    1

    Restart-Service NAME

  • Example: Restart Print Spooler

    1

    Restart-Service Spooler

Test Domain Trust Broker (PS)

1

Test-ComputerSecureChannel -Verbose
  • **If above is True, everything should be fineIf False, run the below command**
    1

    Test-ComputerSecureChannel -Repair -Credential (Get-Credential)

Resync Time

1

net stop w32time && w32tm /unregister && w32tm /register && net start w32time && w32tm /resync && tzutil /s "Eastern Standard Time"

  • For a list of Time Zones, run:

    1

    tzutil /l

Open Network Routing Tables

1

route print

Remove Folder/Files (PS)

1

Remove-Item FOLDERNAME/FILENAME

See Storage Information of a Drive (PS)

1

Get-Volume C
  • Can change “C” for other drive letters

Download File Over HTTP

1

Invoke-WebRequest -Uri "http://example.com/file.zip" -OutFile "C:\\path\\to\\save\\file.zip"

List Environment Variables

1

Get-ChildItem Env:
Commands, CMD
This post is licensed under CC BY 4.0 by the author.