starclick

Tuesday 15 March 2016

Every Admin Should Know These Commands


Active Directory

1. To quickly list all the groups in your domain, with members, run this command:
dsquery group -limit 0 | dsget group -members –expand
2. To find all users whose accounts are set to have a non-expiring password, run this command:
dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0
3. To list all the FSMO role holders in your forest, run this command:
netdom query fsmo
4. To refresh group policy settings, run this command:
gpupdate
5. To check Active Directory replication on a domain controller, run this command:
repadmin /replsummary
6. To force replication from a domain controller without having to go through to Active
Directory Sites and Services, run this command:
repadmin /syncall
7. To see what server authenticated you (or if you logged on with cached credentials) you can run either of these commands:
set l
echo %logonserver%
8. To see what account you are logged on as, run this command:
whoami
9. To see what security groups you belong to, run this command:
whoami /groups
10. To see the domain account policy (password requirements, lockout thresholds, etc) run this command:
net accounts

Windows Networking

11. To quickly reset your NIC back to DHCP with no manual settings, run this command:
netsh int ip reset all
12. To quickly generate a text summary of your system, run this command:
systeminfo | more
13. To see all network connections your client has open, run this command:
net use
14. To see your routing table, run either of these commands:
route print
netstat -r
15. Need to run a trace, but don’t have Netmon or Wireshark, and aren’t allowed to install either one? Run this command:
netsh trace start capture=yes tracefile=c:\capture.etl
netsh trace stop
16. To quickly open a port on the firewall, run this command, changing the name, protocol, and port to suit. This example opens syslog:
netsh firewall set portopening udp 161 syslog enable all
17. To add an entry to your routing table that will be permanent, run the route add command with the –p option. Omitting that, the entry will be lost at next reboot:
route add 0.0.0.0 mask 0.0.0.0 172.16.250.5 –p
18. Here’s a simple way to see all open network connections, refreshing every second:
netstat –ano 1
19. You can add a | findstr value to watch for only a specific connection, like a client ip.addr or port:
netstat –ano | findstr 216.134.217.20
20. You can use the shutdown to shutdown or reboot a machine, including your own, in a simple scheduled task like this:
shutdown –r –t 0 –m \\localhost
21. To make planned DNS changes go faster, reduce the TTL on the DNS records you plan on changing to 30 seconds the day before changes are to be made. You can set the TTL back to normal after you confirm the changes have been successful.
22. Set a short lease on DHCP scopes that service laptops, and set Microsoft Option 002 to release a DHCP leas on shutdown. This helps to ensure your scope is not exhausted and that machines can easily get on another network when the move to a new site.

Windows 7

23. Want to enable the local administrator account on Windows 7? Run this command from an administrative command prompt. It will prompt you to set a password:
net user administrator * /active:yes
24. You can do the same thing during install by pressing SHIFT-F10 at the screen where you set your initial user password.
Windows 7 supports several useful new keyboard shortcuts:
25. Windows Key+G
Display gadgets in front of other windows.
26. Windows Key++ (plus key)
Zoom in, where appropriate.
27. Windows Key+- (minus key)
Zoom out, where appropriate.
28. Windows Key+Up Arrow
Maximize the current window.
29. Windows Key+Down Arrow
Minimize the current window.
30. Windows Key+Left Arrow
Snap to the left hand side of the screen
31. Windows Key+Right Arrow
Snap to the right hand side of the screen.
32. To quickly launch an application as an administrator (without the right-click, run as administrator), type the name in the Search programs and files field, and then press Ctrl-Shift-Enter.
Here are some tips that can save you from buying commercial software:
33. Need to make a quick screencast to show someone how to do something? The Problem Steps Recorder can create an MHTML file that shows what you have done by creating a screen capture each time you take an action. Click the Start button and type ‘psr’ to open the Problem Steps Recorder.
34. Need to burn a disc? The isoburn.exe can burn ISO and IMG files. You can right click a file and select burn, or launch it from the command line.
35. Windows 7 includes a screen scraping tool called the Snipping Tool. I have tons of users request a license for SnagIt, only to find this free tool (it’s under Accessories) does what they need.
36. You can download this bootable security scanner from Microsoft that will run off a USB key, which is very useful if you suspect a machine has a virus.
37. A great way to save all your command line tools and make them available across all your computers is to install Dropbox, create a folder to save all your scripts and tools, and add that folder to your path. That way, they can be called from the command line or any other scripts, and if you update a script, it will carry across to any other machine you have.

Windows 2008

38. You can free up disk space on your servers by disabling hibernate. Windows 2008 will create a hiberfil.sys equal to the amount of RAM. This is very useful with VMs that have lots of RAM but smaller C: drives. To disable hibernation, and reclaim that space, run this command:
powercfg -h off
39. You can get to the complete collection of Sysinternals tools online. You can even invoke them from the run command. Use the url:http://live.sysinternals.com or the UNC path: \\live.sysinternals.com\tools.
40. Speaking of the Sysinternals tools, almost any command line in this article can be run remotely on another machine (as long as you have administrative rights) using the psexec command included in the Sysinternals tools.
41. You can kill RDP sessions at the command line when you find that all the RDP sessions to a server are tied up.
regsvr32 query.dll [enter] You only have to do this the first time.
query session /server:servername [enter]
reset session # /server:servername [enter]
42. You can create a list of files and display the last time they were accessed, which is very useful when a network drive is low on space and users swear they have to have that copy of Office 2003 on the network. My advice? If they haven’t touched it in two years, burn it to DVD or write it to tape and then delete it from disk:
dir /t:a /s /od >> list.txt [enter]
43. The Microsoft Exchange Err command is one of the best all around troubleshooting tools you will find, as it can decode any hex error code you find as long as the products are installed on the machine. Download it from here.
44. You can see all the open files on a system by running this command:
openfiles /query
45. You can pull all the readable data out of a corrupt file using this command:
recover filename.ext
46. Need to pause a batch file for a period of time but don’t have the sleep command from the old resource kit handy? Here’s how to build a ten second delay into a script:
ping -n 10 127.0.0.1 > NUL 2>&1
47. If your Windows website has stopped responding, or is throwing a 500 error, and you are not sure what to do, you can reset IIS without having to reboot the whole server. Run this command:
iisreset
48. You can use && to string multiple commands together; they will run sequentially.
49. If you find yourself restarting services frequently, you can use that && trick to create a batch file called restart.cmd and use it to restart services:
net stop %1 && net start %1
50. You can download a Windows port of the wget tool from here, and use it to mirror websites using this command:
wget -mk http://www.example.com/

Linux

51. You can list files sorted by size using this command:
ls –lSr
52. You can view the amount of free disk space in usable format using this command:
df –h
53. To see how much space /some/dir is consuming:
du -sh /some/dir
54. List all running processes containing the string stuff:
ps aux | grep stuff
55. If you have ever run a command but forgot to sudo, you can use this to rerun the command:
sudo !!
56. If you put a space before a command or response, it will be omitted from the shell history.
57. If you really liked a long command that you just ran, and want to save it as a script, use this trick:
echo “!!” > script.sh

Friday 12 February 2016

21 Windows Administrative Tools Explained

administrative-tools-folder-on-windows-8.1[4]
Windows is packed full of system tools, and many of them are in the Administrative Tools folder. The tools here are more powerful and complex, so they’re hidden where most Windows users won’t stumble across them.
Some of these tools are only available on Professional or Enterprise versions of Windows, not the “core” or Home versions of Windows 8.1, 8, and 7. The list of tools here is from a Windows 8.1 Professional system.

Component Services

                     More Article
The Component Services tool allows you configure and administrator COM components and COM+applications. If you don’t know what this means, you don’t need this tool. Most Windows users should never need to touch this, which is why it’s buried here in the Administrative Tools folder.
component-services-administrative-tool[4]

Computer Management

                                 More Article
The Computer Management application provides a variety of tools in one window. For example, the Shared Folders and Local Users and Groups tools provide you with a more powerful interface for viewing and managing shared folders and groups on your PC. The Disk Management drive partitioning tool is also available here.
Some of the tools here — such as the Task Schedule, Event Viewer, and Performance tools — also have their own shortcuts in the Administrative Tools folder.
computer-management-administrative-tool[4]

Defragment and Optimize Drives

This is the standard Disk Defragmenter tool most Windows users are familiar with. On Windows 8 and 8.1, it’s named Optimize Drives and can also optimize solid-state drives as well as defragment mechanical drives. Windows defragments your drives automatically, so you shouldn’t need to run the tool on your own.
windows-8.1-defragment-and-optimize-dries

Disk Cleanup


                               More Article
Every Windows user can benefit rom the Disk Cleanup tool, so it’s a bit out-of-place here. This tool scans your system for unnecessary files — temporary files, Windows update uninstallation files, and other junk — and can quickly remove them to free up space.
disk-cleanup-on-windows-8.1

Event Viewer

The Event Viewer displays the Windows event log. Applications, services, and Windows itself write messages to the event log. Viewing the log can sometimes help you identify a problem and look up a specific error message, but most of the messages here aren’t important.
The Windows tech support phone call scam relies on the Event Viewer to scare users. Don’t fall for the tricks — it’s normal to see error messages in here.
windows-8.1-event-viewer[4]

iSCSI Initiator

This tool allows you to connect to an iSCSI-based storage array through an Ethernet cable. Unless you need to connect to iSCSI storage arrays in a data center, you won’t need this tool.
what-is-iscsi-initiator[4]

Local Security Policy

Security policies are combinations of security settings that help lock down a PC. The Local Security Policy tool allows you to set security policies on your current computer. For example, you can use password polices to set a minimum password length or force users to change their password regularly.
local-security-policy-tool

ODBC Data Sources (32-bit) & ODBC Data Sources (64-bit)

Open Database Connectivity (ODBC) is a standard that allows ODBC-compliant applications to communicate with each other. For example, you could move data back and forth between Microsoft Access and another ODBC-enabled application. This requires the appropriate ODBC drivers installed on the system. The ODBC Data Sources tool allows you to set up ODBC drivers and data sources. You’ll know if you need this — most people won’t.
On 64-bit versions of Windows, you’ll have both 32-bit and 64-bit versions of this tool. This allows you to manage the data sources used by both 32-bit and 64-bit applications.
odbc-data-sources-tool-windows-8.1

Performance Monitor

The Performance Monitor tool allows you to generate performance and system diagnostic reports. While this tool can be interesting, it’s clearly more intended for system administrators than for average Windows users.
windows-8.1-performance-monitor-tool

Print Management

The Print Management window provides a more powerful, detailed interface for viewing and managing printers on your system. Unlike the Control Panel, you can also see which printer drivers are installed on your system and browse printers by whether they have print jobs or not. You can also view and manage print servers from here.
print-management-administrative-tool

Resource Monitor


                                   More Article
The Resource Monitor tool displays information about your hardware resource usage — CPU, disk, network, and memory. The tool also breaks down usage by application, so you can see which applications are writing to your disk drive or which running processes are using the most network bandwidth.
windows-8.1-resource-monitor

Services

            More Article                          

The Services tool displays the services installed on your Windows system and allows you to manage them. Services are low-level programs that run in the background. Many of these services are included with Windows and perform essential system tasks.
We don’t recommend disabling services — you won’t see a noticeable speed-up with modern systems. You could also cause problems if you disable necessary services.
windows-8.1-services-tool

System Configuration

The System Configuration window is the same as the MSConfig tool you can use to tweak your startup and boot settings. On Windows 7, it can also be used to manage startup programs — but you should use the startup manager integrated into the Task Manager on Windows 8 and 8.1.
system-configuration-or-msconfig-administrative-tool[4]

System Information

The System Information window displays information about the hardware components installed in your computer and your Windows configuration. You can view the exact model numbers of your hardware components from here. It’s not the most user-friendly hardware listing tool, but it is integrated into Windows.
This tool also shows you some information about your Windows system — for example, you can see a list of environment variables and their values.
system-information-tool-on-windows

Task Scheduler


           More Article
Windows uses the Task Scheduler to automatically run processes at scheduled times. The Task Scheduler application allows you to set your own programs to run on a schedule, view your system’s scheduled tasks, and manage them.
task-scheduler-windows-8.1

Windows Firewall with Advanced Security

The Windows Firewall may seem like a simple tool, but it’s actually very powerful. The advanced firewall configuration application allows you to create and manage advanced firewall rules. For example, you could use this tool to block specific applications from connecting to the Internet or only allow connections to a server program from a specific IP address.
windows-firewall-with-advanced-security

Windows Memory Diagnostic

The memory diagnostic tool checks your random access memory (RAM) for defects. Run it and your computer will restart.
This tool works like memtest86+ — it writes data to different sectors of your RAM and reads it back. If it gets different data back, it knows your RAM is malfunctioning. This is usually a hardware problem and can generally be solved by replacing at least one stick of RAM.
windows-memory-diagnostic-tool

Windows PowerShell (x86)

PowerShell is an advanced scripting environment. For people who actually need a command-line interface on Windows, PowerShell is a powerful successor to the Windows Command Prompt. If you don’t need a powerful command-line interface, this isn’t for you.
windows-powershell-on-windows-8.1[4]

Windows PowerShell ISE (x86) & Windows PowerShell ISE


          More Article
The PowerShell Integrated Scripting Environment (ISE) provides a graphical interface on top of PowerShell. This tool was added later and provides a more powerful, full-featured interface than the standard PowerShell console.
Both 32-bit (the “x86” version) and 64-bit versions are available if you’re using a 64-bit version of Windows.
what-is-windows-powershell-ise

Many of the tools here shouldn’t be tampered with unless you know what you’re doing. For example, you could disable important system services or scheduled tasks, causing problems with Windows.

Every Admin Should Know These Commands Active Directory 1.   To quickly list all the groups in your domain, with members, run this c...