DOS COMMANDS SYNTAX 7, TREASURE--> DOWNLOAD
| 121). POWERCFG = Configure power settings... |
|---|
| (EXPLAIN - PowerCFG (Vista/Windows7/Server 2008) Control power settings, configure Hibernate/Standby modes. See also the Windows XP SP2 version of PowerCfg. Syntax powercfg [Options] Options -l -list List the current user's power schemes (GUIDs) -query [Scheme_GUID] [Sub_GUID] -q [Scheme_GUID] [Sub_GUID] Display the contents of a power scheme. -change settingvalue -x setting value Modify one of the following settings in the current power scheme: -monitor-timeout-ac minutes -monitor-timeout-dc minutes -disk-timeout-ac minutes -disk-timeout-dc minutes -standby-timeout-ac minutes -standby-timeout-dc minutes -hibernate-timeout-ac minutes -hibernate-timeout-dc minutes Setting any value to 0 will set the timeout=Never AC settings are used when the system is on AC power. DC settings on battery power. -changename GUID PowerSchemeName [scheme_description] Modify the name of a power scheme and, optionally, the scheme description. -duplicatescheme GUID [DestinationGUID] Duplicate a power scheme. The GUID of the new scheme will be displayed. If DestinationGUID is omitted, then a new GUID will be created for the duplicated scheme. -delete GUID -d GUID Delete the power scheme with the specified GUID. -deletesetting Sub_GUID Setting_GUID Delete a power setting. -setactive Scheme_GUID -s Scheme_GUID Make the specified power scheme active on the computer. -getactivescheme Retrieve the currently active power scheme. -setacvalueindex Scheme_GUID Sub_GUID Setting_GUID SettingIndex Set a value associated with a specified power setting while the computer is powered by AC power. Use the -l and -q options to discover the GUIDs SettingIndex Specifies which value in the list to set, so 3 = 3rd in the list -setdcvalueindex Scheme_GUID Sub_GUID Setting_GUID SettingIndex Set a value associated with a specified power setting while the computer is powered by DC power. SettingIndex Specifies which value in the list to set, so 3 = 3rd in the list -hibernate [on|off] -h [on|off] Enable or disable the hibernate feature. Hibernate timeout is not supported on all computers. -availablesleepstates -a Report the sleep states available on the computer. Will also attempt to report reasons why sleep states are unavailable. -devicequery query_flags Return a list of devices that meet the specified flags: wake_from_S1_supported – Waking the computer from a light sleep state. wake_from_S2_supported – Waking the computer from a deeper sleep state. wake_from_S3_supported – Waking the computer from the deepest sleep state. wake_from_any – Support waking the computer from any sleep state. S1_supported – Light sleep. S2_supported – Deeper sleep. S3_supported – Deepest sleep. S4_supported – Hibernation. wake_programmable – User-configurable to wake the computer from a sleep state. wake_armed – Currently configured to wake the computer from any sleep state. all_devices – Present in the computer. all_devices_verbose – Verbose list of devices. -deviceEnableWake devicename Enable the device to wake the computer from a sleep state. -deviceDisableWake devicename Disable the device from waking the computer from a sleep state. -import filename [GUID] Import all power settings from the specified file. filename is the path to a file generated with powercfg -export -export filename GUID Export a power scheme, represented by GUID, into filename. -lastwake Report information about the last event that woke the computer. -energy Create energy-report.html in the current directory, Windows7 only. -help -? Display help -aliases Display all aliases and their corresponding GUIDs. These may be used in place of a GUID at the command prompt -setsecruitydescriptor [GUID|Action] SDDL Set a security descriptor associated with a specified power setting, power scheme, or action. Action Is one of: ActionSetActive, ActionCreate, ActionDefault SDDL is a valid security descriptor string in SDD format. Call powercfg -getsecuritydescriptor to see an example SDDL STRING. -getsecuritydescriptor [GUID|Action] Get a security descriptor associated with a specified power setting, power scheme, or action. Action is one of: ActionSetActive, ActionCreate, ActionDefault Powercfg must be run from an elevated command prompt. The most common cause of problems with power saving/hibernation is an incompatible device driver, diagnose this by disabling each device in turn (with -deviceDisableWake) When activating Power Saving across an organisation, it is important to ensure that software updates (security patches and antivirus) are not disrupted. WSUS can be configured to install updates when workstations are available and Scheduled Tasks can be set to Wake the machine when needed. Power scheme GUIDs The use of GUIDs avoids any problems with internationalisation when applying Power Saving to non-english versions of Windows. The three built-in power schemes have the GUIDs listed below: SCHEME_MAX = Power saver (Max power saving) SCHEME_BALANCED = Balanced (Typical) SCHEME_MIN = High performance (Min power saving) Examples List all Aliases: C:\> powercfg -aliases a1841308-3541-4fab-bc81-f71556f20b4a SCHEME_MAX 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c SCHEME_MIN 381b4222-f694-41f0-9685-ff5bb260df2e SCHEME_BALANCED fea3413e-7e05-4911-9a71-700331f1c294 SUB_NONE 238c9fa8-0aad-41ed-83f4-97be242c8f20 SUB_SLEEP 29f6c1db-86da-48c5-9fdb-f2b67b1f44da STANDBYIDLE 9d7815a6-7ee4-497e-8888-515a05f02364 HIBERNATEIDLE 94ac6d29-73ce-41a6-809f-6363ba21b47e HYBRIDSLEEP d4c1d4c8-d5cc-43d3-b83e-fc51215cb04d REMOTEFILESLEEP 7516b95f-f776-4464-8c53-06167f40cc99 SUB_VIDEO Retrieve the currently active power scheme C:\> Powercfg -getactivescheme Set the Monitor and disc timeouts for the current Power saver scheme C:\> Powercfg -Change -monitor-timeout-ac 20 C:\> Powercfg -Change -disk-timeout-ac 30 Enable the mouse to wake from sleep C:\> Powercfg -deviceEnableWake "Microsoft USB IntelliMouse Explorer" Set the 'Power saver' scheme C:\> Powercfg -SETACTIVE SCHEME_MAX Create a Custom Power scheme and set it as active Set _Custom_Power=B1234567-SS64-SS64-SS64-F00000111AAA Powercfg -DUPLICATESCHEME SCHEME_MAX %_Custom_Power% Powercfg -CHANGENAME %_Custom_Power% "SS64 Power Scheme " Powercfg -SETACTIVE %_Custom_Power% Disable the sleep button (for the users current power scheme) For /f "tokens=2 delims=:(" %%G in ('powercfg -getActiveScheme') do ( Powercfg -setAcValueIndex %%G sub_buttons sButtonAction 0 Powercfg -setActive %%G ) Disable the sleep button (for all available power schemes): For /f "skip=2 tokens=2,4 delims=:()" %%G in ('powercfg -list') do ( Powercfg -setAcValueIndex %%G sub_buttons sButtonAction 0 if "%%H" == " *" Powercfg -setActive %%G ) |
| 122). PRINT = Print a text file... |
|---|
| (EXPLAIN - PRINT) Print a file or files to a local or network printer. Syntax PRINT [/D:device] [pathname(s)] Key device : either a local printer (LPTx, COMx ) or a network printer by its sharename (\\servername\print_share) pathname : The file or files to be printed The default device is PRN. The values PRN and LPT1 refer to the same parallel port. To delete a print job: Use Control Panel, Printers (GUI) or use NET PRINT job# /DELETE It is possible to delete the spool .spl and .shd files from %SystemRoot%\system32\spool\PRINTERS but this should be a last resort, you may need to stop the spooler service first. Status Messages Most modern laser printers have a status display panel, the 'Ready' message can be changed using HP Job Language (PCL/PJL) like this: Echo @PJL RDYMSG DISPLAY ="Ready Message" >\\server\printQ e.g. Echo @PJL RDYMSG DISPLAY ="Ready Printer64" >\\printserv1\printer64 It's not essential to include the word "Ready" in the ready message, but the status display has 16 characters, which is usually enough space for "Ready" plus the printer Name/Number. e.g. "Ready Printer123", "Ready Prn1234567", "Ready #123-45678" etc Note that when a printer error or jam occurs the status message will change, so adding a printer identifier to the status display does not replace the need for a physical label. It can still be very useful when the physical label is wrong or missing. Get a list of all printer share names for a print server: net view \\printserv1 Printing requires the Spooler service to be running |
| 123). PRINTBRM = Print queue Backup/Recovery... |
|---|
| (EXPLAIN - PRINTBRM.exe) Print queue Backup/Recovery/Migration. Syntax PRINTBRM -b -s \\server_name -f file_name options PRINTBRM -r -s \\server_name -f file_name options PRINTBRM -q options Key -s server_name The unc path to the print server. -b Back up the server to the specified file. -r Restore the configuration in the file to the server. -q Query the server or the backup file. -f file_name The backup file. -d directory Unpack the backup file to the directory (with -r), or repack a backup file from the directory (with -b). -o force Forces overwriting of existing objects. -p all Publish all printers in the directory, or -p org Publish the printers that were originally published. -nobin Omit binary files from the backup. -lpr2tcp Convert LPR ports to standard TCP/IP ports on restore. -c file_name Use the specified configuration file. -noacl Remove ACLs from print queues on restore. In Windows 2008 PrintBRM replaces the old Win 2003 PrintMig utility, it is backwards compatible with 2003. Get a list of all printer share names for a print server: net view \\printserv1 |
| 124). PRNCNFG = Display, configure or rename a printer... |
|---|
| (EXPLAIN - PRNCNFG.VBS (XP and .Net) Display, configure or rename a printer. To display configuration information about a printer: cscript prncnfg.vbs -g [-s RemoteComputer] -p PrinterName [-u UserName -w Password] To configure a printer: cscript prncnfg.vbs -t [-s RemoteComputer] -p PrinterName [-r PortName] [-l Location] [-m Comment] [-h ShareName] [-f SeparatorText] [-y DataType] [-st StartTime] [-ut EndTime] [-o Priority] [-i DefaultPriority] [{+ | -}shared] [{+ | -}direct] [{+ | -}published] [{+ | -}hidden] [{+ | -}rawonly] [{+ | -}queued] [{+ | -}keepprintedjobs] [{+ | -}workoffline] [{+ | -}enabledevq] [{+ | -}docompletefirst][{+ | -}enablebidi] To change the name of a printer cscript prncnfg.vbs -x [-s RemoteComputer] -p PrinterName -z NewPrinterName [-u UserName -w Password] Parameters -s RemoteComputer The name of the remote computer that manages the printer. -p PrinterName The name of the printer. -u UserName -w Password An account with permission to connect WMI services to the computer that hosts the printer. e.g. A member of the Administrators group. -r PortName The port to which the printer is connected. If this is a parallel or a serial port, then use the ID of the port (for example, LPT1 or COM1). If this is a TCP/IP port, then use the port name that was specified when the port was added. -l Location The printer location, such as "Copier Room." -m Comment A comment string. -h ShareName The share name. -f SeparatorText A file that contains the text that appears on the separator page. -y DataType Data types that the printer can accept. -st StartTime Specify a time of the day after which the printer is available. If you send a document to a printer when it is unavailable, the document is held (spooled) until the printer becomes available. Specify time as a 24-hour clock. e.g. 2300 -ut EndTime Specify a time of the day after which the printer is no longer available. -o Priority A priority that the spooler uses to route print jobs. A print queue with a higher priority receives all its jobs before any queue with a lower priority. -i DefaultPriority The default priority assigned to each print job. {+ | -}shared Is this printer is shared on the network. {+ | -}direct Is the document to be sent directly to the printer without being spooled. {+ | -}published Is this printer to be published in Active Directory. If you publish a printer, other users can search for it based on its location and capabilities, such as color printing and stapling. {+ | -}hidden Reserved function. {+ | -}rawonly Are only raw data print jobs to be spooled on this queue. {+ | -}queued Do not begin to print until after the last page of the document is spooled. The printing program is unavailable until the document has finished printing. This option ensures that the whole document is available to the printer. {+ | -}keepprintedjobs Retain documents after they are printed. Allows a user to resubmit a document to the printer from the print queue. {+ | -}workoffline Allow sending print jobs when computer is not connected to the network. {+ | -}enabledevq Print jobs that do not match the printer setup (for example, PostScript files spooled to non-PostScript printers) should be held in the queue rather than being printed. {+ | -}docompletefirst Allocate jobs to a printer as soon as thay are spooled. If this option is disabled, the spooler always sends higher priority jobs to their respective queues first. You should enable this option if you want to maximize printer efficiency at the cost of job priority. {+ | -}enablebidi Send bi-directional status information to the spooler. To get online help for this .VBS Script change to the directory (CD) where it's installed (\windows\system32) and run PRNCNFG -? |
| 125). PRNMNGR = Add, delete, list printers set the default printer... |
|---|
| (EXPLAIN - PRNMNGR (XP and above) Display, add, remove or set default printer. Syntax PRNMNGR [-options] [-s server][-p printer_name][-m driver model] [-r port][-u user_name][-w password] Options -l list printers -a add local printer -ac add printer connection -g get the default printer -t set the default printer -d delete printer -x delete all printers Examples prnmngr -a -p "printer" -m "driver" -r "lpt1:" prnmngr -d -p "printer" -s server prnmngr -ac -p "\\server\printer" prnmngr -d -p "\\server\printer" prnmngr -x -s server prnmngr -l -s server prnmngr -l |find "Printer name" prnmngr -g prnmngr -t -p "\\server\printer" |
| 126). PROMPT = Change the command prompt... |
|---|
| (EXPLAIN - PROMPT) Change the cmd.exe command prompt. Syntax PROMPT [text] Key text : a text string. The prompt text can be made up of normal characters and the following special codes: $A & (Ampersand) $B | (pipe) $C ( (Left parenthesis) $D Current date $E Escape code (ASCII code 27) $F ) (Right parenthesis) $G > (greater-than sign) $H Backspace (erases previous character) $L < (less-than sign) $M Display the remote name for Network drives $N Current drive $P Current drive and path $Q = (equal sign) $S (space) $T Current time $V Windows NT version number $_ Carriage return and linefeed $$ $ (dollar sign) $+ Will display plus signs (+) one for each level of the PUSHD directory stack Examples Display the UNC path whenever you are using a network drive (mapped with NET USE) PROMPT $M$_$P$G Simulate an HP-UX style prompt with the computername and the current folder on separate lines: PROMPT=$p$_%username%@%computername%:. Restore the default prompt: PROMPT $P$G PROMPT is implemented as a hidden* environment variable called PROMPT: ECHO %prompt% Knowing this you can force an over-ride of the CMD prompt for all sessions by setting a permanent environment variable with the appropriate prompt text. e.g. SETX PROMPT $M$_$P$G You can also create a shortcut to the command prompt like this: CMD /K PROMPT $M$_$P$G * In fact the prompt variable is a property of the CMD console, it's not available to Windows Explorer or any other applications, so strictly speaking is not an environment variable. If Command Extensions are disabled the commands $M and $+ are not supported. |
| 127). PsExec = Execute process remotely... |
|---|
| (EXPLAIN - PsExec) Execute a command-line process on a remote machine. Syntax psexec \\computer[,computer[,..] [options] command [arguments] psexec @run_file [options] command [arguments] Options: computer The computer on which psexec will run command. Default = local system To run against all computers in the current domain enter "\\*" @run_file Run command on every computer listed in the text file specified. command Name of the program to execute arguments Arguments to pass (file paths must be absolute paths on the target system) -a n,n,... Set processor affinity to n. Processors are numbered as 1,2,3,4 etc so to run the application on CPU 2 and CPU 4, enter: "-a 2,4" -c Copy the program (command)to the remote system for execution. -c -f Copy even if the file already exists on the remote system. -c -v Copy only if the file is a higher version or is newer than the remote copy. If you omit the -c option then the application must be in the system path on the remote system. -d Don't wait for the application to terminate. Only use for non-interactive applications. -e Load the user account's profile, don't use with the system account (-s) -i Interactive - Run the program so that it interacts with the desktop on the remote system. -l Limited - Run process as limited user. Only allow privs assigned to the Users group. -n s Specify a timeout s seconds for connecting to the remote computer. -p psswd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -s Run remote process in the System account. -u user Specify a user name for login to remote computer(optional). -w directory Set the working directory of the process (relative to the remote computer). -x Display the UI on the Winlogon desktop (local system only). -low, -belownormal, -abovenormal, -high or -realtime These options will run the process at a different priority. Psexec can also be used to start GUI applications, but in that case the GUI will appear on the remote machine. Input is passed to the remote system when you press the enter key - typing Ctrl-C will terminate the remote process. When you specify a username the remote process will execute in that account, and will have access to that account's network resources. If you omit username the remote process will run in the same account from which you execute PsExec, but because the remote process is impersonating it will not have access to network resources on the remote system. If you do specify an alternative username/password, then PsExec will send the password in clear text. This may be a security risk if unauthorized network sniffers could intercept traffic between the local and remote system. PsExec does not require you to be an administrator of the local filesystem this can allow UserA to run commands as UserB - a Runas replacement. Surround any long filenames "with quotation marks" Examples: Launch an interactive command prompt on \\workstation64, the CMD prompt window will appear locally: psexec \\workstation64 cmd Execute IpConfig on the remote system, and display the output locally: psexec \\workstation64 ipconfig /all Copy the program test.exe to the remote system and execute it interactively: psexec \\workstation64 -c test.exe Execute a program that is already installed on the remote system: psexec \\workstation64 "c:\Program Files\test.exe" Run Internet Explorer on the local machine but with limited-user privileges: psexec -l -d "c:\program files\internet explorer\iexplore.exe" |
| 128). PsFile = Show files opened remotely... |
|---|
| (EXPLAIN - PsFile (part of PsTools) Show files opened remotely, or close an open file (kill file locks) Syntax psfile [\\Computer [-u User [-p Passwd]]] [[Id | path] [-c]] Options: computer The remote computer on which to list files. Default = local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a username for login to remote computer(optional). Id Identifier (as assigned by PsFile) of the file for which to display info or to close. Path Full or partial path of files to match for information display or close. -c Close the files identifed by ID or path. Unlike the NET FILE command, PsFile does not truncate long filenames. Examples: List all the files on \\workstation64 that have been opened remotely: psfile \\workstation64 |
| 129). PsGetSid = Display the SID of a computer or a user... |
|---|
| (EXPLAIN - PsGetSid) Display the SID of a computer or a user. Syntax psgetsid [\\computer[,computer[,...] | @get_file] [-u user [-p passwd]]] [account|SID] Options: computer The remote computer on which to list files. Default = local system @get_file Get the SID of every computer listed in the text file specified. -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a username for login to remote computer(optional). account The user account to resolve to a user SID Specify a user name if the account you are running from doesn't have administrative privileges on the computer you want to query. Examples: Get the SID of \\workstation64: psgetsid \\workstation64 Get the domain SID for the domain: Niamod psgetsid Niamod Get the SID for the currently logged-in user psgetsid %username% |
| 130). PsInfo = List information about a system... |
|---|
| (EXPLAIN - PsInfo) List information about a system including the type of installation, kernel build, registered organization, owner, processor details, physical memory and the system install date. Syntax psinfo [\\computer[,computer[,..]] [options] [filter] psinfo @file [options] [filter] Options: computer The computer(s) on which psinfo will list information. Default=local system @file List info for every computer listed in the text file specified. -c Print in CSV format. -c -t d Print in CSV format, separate items with delimiter d. -h Show list of installed hotfixes. -s Show list of installed applications. -d Show disk volume information: drive letter, format, capacity. -p psswd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). filter Psinfo will only show data for the field matching the filter. e.g. "psinfo service" lists only the service pack field. PsInfo relies on remote Registry access to obtain its data, the remote system must be running the Remote Registry service and the account from which you run PsInfo must have access to the HKLM\System portion of the remote Registry. In order to aid in automated Service Pack updates, PsInfo returns as a value the Service Pack number of system (e.g. 0 for no service pack, 1 for SP 1, etc). Examples: List disc information about \\workstation64: psinfo \\workstation64 -d psinfo -d | find "%" |
| 131). PsKill = Kill processes by name or process ID... |
|---|
| (EXPLAIN - PsKill) Kill processes by name or process ID Syntax pskill [- ] [-t] [\\computer [-u user] [-p passwd]] Options: computer The computer on which the process is running. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). -t Kill the process and its descendants. process id/name The process or processes to be killed. - Help, display the supported options. To kill a process on a remote system requires administrative privileges on the remote system. Examples: Kill all instances of notepad.exe running on \\workstation64: pskill \\workstation64 notepad |
| 132). PsList = List detailed information about processes... |
|---|
| (EXPLAIN - PsList) Process Status, list information about processes running in memory. Syntax pslist [-?] [-t] [-m] [-x] [\\computer [-u user] [-p passwd]] [name | pid] Options: computer The computer on which the process is running. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). -t Show statistics for all active threads on the system, each thread is grouped with its owning process. -m Show memory-oriented information for each process, rather than the default of CPU-oriented information. -x Show CPU, memory and thread information for each process specified. name Scan only those processes that begin with the name process. Thus: pslist exp will display processes that start with exp... Explorer, Export etc -? Display options and units of measurement. The default information listed includes the time the process has executed, the amount of time the process has executed in kernel and user modes, and the amount of physical memory that the OS has assigned the process. Examples: List all processes running on \\workstation64: pslist \\workstation64 |
| 133). PsLoggedOn = Who's logged on (locally or via resource sharing)... |
|---|
| (EXPLAIN - PsLoggedOn) See who is logged onto a computer, either locally or remotely Syntax psloggedon [- ] [-l] [-x] [\\computer | username] Options: computer The computer on which the process is running. Default=local system -l Show only local logons instead of both local and network resource logons. -x Don't show logon times. username Search the network for computers to which that user is loggedon. - Help, display all options and units of measurement used. PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry. If no one is currently logged on, PsLoggedOn will return the last logged on user. Note that PsLoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. Examples: List all processes running on \\workstation64: pslist \\workstation64 |
| 134). PsLogList = Event log records... |
|---|
| (EXPLAIN - PsLogList) Event log records Syntax psloglist [- ] [\\computer[,computer[,...] | @file [-u user [-p passwd]]] [-s [-t delim]] [-m #|-n #|-h #|-d #|-w] [-c][-x][-r][-a mm/dd/yy][-b mm/dd/yy] [-f filter] [-i ID[,ID[,...] | -e ID[,ID[,...]]] [-o event source[,event source][,..]]] [-q event source[,event source][,..]]] [-l event_log_file] Options: computer The computer on which the log resides. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). @file Execute the command on each of the computers listed in the file. -a Dump records timestamped after specified date. -b Dump records timestamped before specified date. -c Clear the event log after displaying. -d # Only display records from previous # days. -e ID Exclude events with the specified ID or IDs (up to 10). -f filter Filter event types with filter string (e.g. "-f w" to filter warnings). -h # Only display records from previous # hours. -i ID Show only events with the specified ID or IDs (up to 10). -l event_log_file Dump records from the specified event log file. -m # Only display records from previous # minutes. -n # Only display # number of most recent entries. -o event source Show only records from the specified event source (e.g. \"-o cdrom\"). -q event source Omit records from the specified event source or sources (e.g. \"-q cdrom\"). -r Dump log from least recent to most recent. -s Print Event Log records one-per-line, with comma delimited fields. This format is convenient for text searches, e.g. psloglist | findstr /i text and for importing the output into a spreadsheet. -t delim The default delimeter is a comma, but can be overriden with the specified character. -w Wait for new events, dumping them as they generate (local system only). -x Dump extended data. eventlog application, system or security, only the first few letters need be used. default=system log. If your current security credentials would not permit access to the Event Log, specify a different username ( -u user ). Examples: List everything in the application event log on \\workstation64 from the last 24 hours: psloglist \\workstation64 -h 24 application |
| 135). PsPasswd = Change account password... |
|---|
| (EXPLAIN - PsPasswd) Change account password Syntax pspasswd [[\\computer[,computer[,..] | @file [-u user [-p passwd]]] Username [NewPassword] Options: computer The computer on which the user account resides. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). @file Execute the command on each of the computers listed in the file. Username Name of account for password change. NewPassword The new password, If ommitted a NULL password is applied. This tool allows administrators to create a batch file that will run against multiple computers to perform a mass change of the administrator password. Examples: Change the password for user JDoe on \\workstation64 pspasswd \\workstation64 jdoe password567 |
| 136). PsService = View and control services... |
|---|
| (EXPLAIN - PsService) View and control services Syntax psservice [\\computer [-u user] [-p passwd]] Options: computer The computer on which the service is running. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). commands: query Display the status of a service config Display the configuration of a service setconfig Set the start type (disabled, auto, demand) of a service. start Start a service stop Stop a service restart Stop and then restart a service pause Pause a service cont Resume a paused service depend List the services dependent on the one specified security Dump the service's security descriptor find Search the network for the specified service Typing a command followed by "- " displays the syntax for that command. Service States: 1 - Stopped 2 - Start Pending 3 - Stop Pending 4 - Running Examples: Restart the spooler service on \\server64 psservice \\server64 restart spooler |
| 137). PsShutdown = Shutdown or reboot a computer... |
|---|
| (EXPLAIN - PSSHUTDOWN) Initiate a shutdown/reboot of a local or remote computer, logoff a user, lock a system. Syntax psshutdown [[\\computer[,computer[,..] | @file [-u user [-p passwd]]] -s|-r|-h|-d|-k|-a|-l|-o [-f] [-c] [-t nn|h:m] [-n s] [-v nn] [-e [u|p]:xx:yy] [-m "message"] Options: computer The computer on which the user account resides. Default=local system a wildcard (\\*), will affect all computers in the current domain. -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). @file Execute the command on each of the computers listed in the file. -a Abort a shutdown (only possible while a countdown is in progress) -c Allow the shutdown to be aborted by the interactive user -d Suspend the computer -e [u|p]:xx:yy Shutdown reason code, 'u' = user, 'p'= planned shutdown. xx is the major reason code (must be less than 256) yy is the minor reason code (must be less than 65536) -f Force all running applications to exit during the shutdown instead of giving them a chance to gracefully save their data. -h Hibernate the computer -k Poweroff the computer (reboot if poweroff is not supported) -l Lock the computer -m "message" Specify a message to logged-on users when a shutdown countdown commences -n Timeout in seconds connecting to remote computers -o Logoff the console user -r Reboot after shutdown -s Shutdown without poweroff -t Countdown in seconds until the shutdown (default: 20 seconds) or the time of shutdown (in 24 hour notation) -v Display message for the specified number of seconds before the shutdown. default= display a shutdown notification dialog, specifying a value of 0 results in no dialog. - Help, display the supported options. This tool allows administrators to create a batch file that will run against multiple computers to perform a mass change of the administrator password. Examples: Reboot \\workstation64 as part of an OS upgrade psshutdown \\workstation64 -r -e p:2:3 |
| 138). PsSuspend = Suspend processes... |
|---|
| (EXPLAIN - PsSuspend) Suspend processes on the local or a remote system. Syntax pssuspend [- ] [-r] [\\computer [-u user] [-p passwd]] Options: computer The computer on which the service resides. Default=local system -p passwd Specify a password for user (optional). Passed as clear text. If omitted, you will be prompted to enter a hidden password. -u user Specify a user name for login to remote computer(optional). -r Resume the processes specified if they are suspended. process id/name The process or processes to suspend or resume. - Help, display the supported options. Suspend is desirable in cases where a process is consuming a resource (e.g. network, CPU or disk) that you want to allow different processes to use. Rather than kill the process that's consuming the resource, suspending permits you to let it continue operation at some later point in time. Examples: Suspend the notepad process on \\workstation64 pssuspend \\workstation64 notepad |
| 139). PUSHD = Save and then change the current directory... |
|---|
| (EXPLAIN - PUSHD) Change the current directory/folder and store the previous folder/path for use by the POPD command. Syntax PUSHD pathname Key pathname - the folder to make 'current' (UNC names accepted) Example @Echo Off Setlocal Set _folder=%1 Pushd %_folder% :: Now verify we really moved to the new folder If /i not "%cd%"=="%_folder% (Echo folder not found &goto :eof) Echo We are at %cd% Popd Echo We are back at %cd% Networks When a UNC path is specified, PUSHD will create a temporary drive map and will then use that new drive. Temporary drive letters are allocated in reverse alphabetical order so if Z: is free it will be used. If Command Extensions are disabled the PUSHD command will not accept a network (UNC) path. #Ah, push it - push it good Ah, push it - p-push it real good# - Salt 'N' Pepa |
| 140). QGREP = Search file(s) for lines that match a given pattern... |
|---|
| (EXPLAIN - QGREP) Search file(s) for lines that match a given pattern. Syntax QGREP [options] [-e string] [-f file] [-i file] [strings] [files] key: -L Search strings literally. -X Treat search strings as regular expressions. -B Match pattern at beginning of line. -E Match pattern at end of line. -y Treat upper and lower-case as equivalent. -x Print lines that match exactly. -l Print only the file name if the file contains a match. -n Print line numbers before each matching line. -O Print seek offset before each matching line. -v Print only lines that do not contain a match. -z Print matching lines in MSC error message format. -e string Treat the next argument as a literal search string. -f file Read search strings from file. -i file Read file list from file. strings Specifies the search string(s). files The file(s) to search, which can include wildcard characters (* and ?) Examples: Find either arg1 or arg2 in FileName: qgrep "arg1 arg2" FileName Find arg1 arg2 in FileName: qgrep -e "arg1 arg2" FileName. White space separates search strings unless the argument is prefixed with -e. QGREP "all out" x.y means find either "all" or "out" in x.y, while QGREP -e "all out" x.y means find "all out". grep is simply an odd concatenation of the phrase "grab regular expression" |
No comments:
Post a Comment