Useful Commands

Linux Commands

These are documented at Useful Linux Commands.

Windows Commands

The best place to get help with Windows Command Line utilities is the reference on Microsoft TechNet at Command-Line Reference

bcdedit - Boot Configuration Data Store Editor, see BCDEdit Command-Line Options | Microsoft Docs before using
cacls - this is deprecated, see icacls
certutil - for all things certificates, Base64 and hashing
cmdkey - small utility to work with stored credentials, does basic CRUD on save passwords
diskpart - this is the old fdisk on steroids but still the command line
dir - the classic directory listing. Note that /x shows 8.3 or short filenames
find - search for text in files
findstr - similar to find but does pattern matching
fsutil - very handy file system utility
icacls - handy utility to see and modify file and directory permissions, it replaces cacls (see below for more details)
manage-bde - this is for managing BitLocker Disk Encryption and in theory manage-bde -protectors -get C: will get the 48-digit recovery key, listed in the Password section
mklink - this is how you make symbolic link or junction in Windows
nbtstat - short for NetBIOS over TCP/IP protocol Statistics, I usually use nbtstat -a to look at a remote machine
net - this is a very handy and very powerful command, useful on Windows machines and Windows Servers (see below for more details)
netsh - very powerful "network shell" for working with networks including wi-fi, firewall and much more
netstat - this is useful when trying to see which ports are being used, add -a to see listening ports, -b to see the process or -o to see the process ID. netstat -a | find "LISTENING" will give all listening ports only
nslookup - perform a DNS lookup with either IP address or hostname, optionally specify the DNS Server
pathping - ping all the hosts in the traceroute
powercfg - manage Power profiles
rsop.msc - displays the actual Resultant Set of Policy, whereas gpresult /r displays what the RSoP should be, a subtle difference
sc - very powerful tool for managing Windows Services, see also Windows Services and Sc
systeminfo - display a variety of system information, including hotfixes, if you just want to know which domain the machines is in then systeminfo | find /i "domain" will filter the output
tracert - trace the network route to a host via ICMP Echo Request
where - handy little command to find path to a utility on the path or elsewhere, see below for more detail
w32tm - see Windows Server 2016 for details

Brief Examples

mklink /j C:\Tcl C:\Dev\Tcl this creates a Junction or Soft Link directory called C:\Tcl which just points to C:\Dev\Tcl alternatively have a look at windows/batch/relocate.cmd · master · Geoff Lawrence / Geoff Does Stuff · GitLab for another example
certutil -hashfile .\Hello.txt SHA256 produces a SHA256 checksum of the specified file, also works with MD5 and SHA1

net command

This command has many sub-commands, some of which are very powerful and I find very useful. Full documentation for the net sub-commands are available from Command-Line Reference (N)

  • net accounts - display or change the password policy
  • net computer - add computer to domain
  • net config - display server or workstation information
  • net group - for working with domain based groups
  • net help - get some help on everything else
  • net localgroup - manage local groups, including adding domain based accounts
  • net print - this seems to be list via the URL above but unavailable!
  • net session - get session information
  • net share - display or manage shares from the local computer
  • net use - list, connect or delete mapped drives
  • net user - list or manager local user accounts
  • net view - list all resources being used
There are some net sub-commands that work with Windows Services, however the sc command is much better for this.
"net" examples

If you want to create a new user then the following works well:
net user testuser * /ADD /EXPIRES:NEVER /PASSWORDCHG:NO
The * means prompt for a password but you can specify one.

icacls command

The icacls command is much more powerful than you might think. On the surface you can change file and directory permissions, which is great because it becomes easy to script and automate. However you can also save and restore ACL (Access Control List) information or more specifically DACL (Discretionary Access Control List). The subject of security and permissions is a large subject, however How Security Descriptors and Access Control Lists Work is a good starting point.

"icacls" examples

If you want to give local users modify permission on a directory and all it's files and subdirectories then use this:
icacls C:\AppsData /grant BUILTIN\Users:(OI)(CI)M /t
You can also change ownership like this:
icacls C:\AppsData /setowner DOMAIN\username /t
Note that in both cases the "/T" applies the change to the entire tree below the starting point specified, in other words the change is applied recursively.

where command

Firstly where java is a handy usage as this will search the current directory and the PATH environment variable. However where java* also returns javaw. In addition where /r . *.ps1 will find all ps1 files starting in the current folder and recursing into subdirectories and then /t show files details too, a powerful little command indeed. It is worth noting that where /r c:\ /t svn.exe is a good example of the fact that the path to search in belongs with the "/r". It always pays to read the help!

wmic

The WMI command line utility allows you to do Windows Management Instrumentation tasks. A handy example is how to use it to get the service tag on a Dell machine:
wmic bios get serialnumber
This will work on other machines and gets their serial number. The following are also useful in addition to the above:

  • BIOSVersion - {"DELL - xxxxxxx", "2.4.2", "American Megatrends - xxxxx"}
  • Manufacturer - Dell Inc.
  • ReleaseDate - 20170921000000.000000+000
  • SerialNumber - AAAA111
  • SMBIOSBIOSVersion - 2.4.2