Windows Command Line Administration ® Instant Reference John Paul Mueller Acquisitions Editor: Agatha Kim Development Editor: Jennifer Leland Technical Editor: Russ Mullen Production Editor: Liz Britten, Eric Charbonneau Copy Editor: Cheryl Hauser Editorial Manager: Pete Gaughan Production Manager: Tim Tate Vice President and Executive Group Publisher: Richard Swadley Vice President and Publisher: Neil Edde Book Designer: Maureen Forys, Happenstance Type-O-Rama Compositor: JoAnn Kolonick, Happenstance Type-O-Rama Proofreader: Jen Larsen, Word One Indexer: Ted Laux Project Coordinator, Cover: Lynsey Stanford Cover Designer: Ryan Sneed Cover Image: iStockphoto Copyright © 2010 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-65046-2 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600 Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose No warranty may be created or extended by sales or promotional materials The advice and strategies contained herein may not be suitable for every situation This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services If professional assistance is required, the services of a competent professional person should be sought Neither the publisher nor the author shall be liable for damages arising herefrom The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S at (877) 762-2974, outside the U.S at (317) 572-3993 or fax (317) 572-4002 Wiley also publishes its books in a variety of electronic formats Some content that appears in print may not be available in electronic books Library of Congress Cataloging-in-Publication Data Mueller, John, 1958Windows command line administration instant reference / John Paul Mueller p cm Includes bibliographical references and index ISBN 978-0-470-65046-2 (pbk.), ISBN: 978-0-470-93107-3 (ebk), ISBN: 978-0-470-93090-8 (ebk), ISBN: 978-0-470-93086-1 (ebk) Command languages (Computer science)—Handbooks, manuals, etc Microsoft Windows (Computer file)—Handbooks, manuals, etc Operating systems (Computers)—Handbooks, manuals, etc I Title QA76.7.M79 2010 005.4’46—dc22 2010032265 TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc and/or its affiliates, in the United States and other countries, and may not be used without written permission Windows is a registered trademark of Microsoft Corporation in the United States and/or other countries All other trademarks are the property of their respective owners Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book 10 Dear Reader, Thank you for choosing Windows Command Line Administration Instant Reference This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching Sybex was founded in 1976 More than 30 years later, we’re still committed to producing consistently exceptional books With each of our titles, we’re working hard to set a new standard for the industry From the paper we print on, to the authors we work with, our goal is to bring you the best books available I hope you see all that reflected in these pages I’d be very interested to hear your comments and get your feedback on how we’re doing Feel free to let me know what you think about this or any other Sybex book by sending me an email at nedde@wiley.com If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com Customer feedback is critical to our efforts at Sybex Best regards, Neil Edde Vice President and Publisher Sybex, an Imprint of Wiley This book is dedicated to Claudia Meyer, who has taught me a great deal about human spirit and the ability to come back after a crisis She has been an inspiration to me Acknowledgments T hanks to my wife, Rebecca, for working with me to get this book completed I really don’t know what I would have done without her help in researching and compiling some of the information that appears in this book She also did a fine job of proofreading my rough draft and page proofing the result Rebecca also keeps the house running while I’m buried in work Russ Mullen deserves thanks for his technical edit of this book He greatly added to the accuracy and depth of the material you see here Russ is always providing me with great URLs for new products and ideas However, it’s the testing Russ does that helps most He’s the sanity check for my work Russ also has different computer equipment from mine, so he’s able to point out flaws that I might not otherwise notice Matt Wagner, my agent, deserves credit for helping me get the contract in the first place and taking care of all the details that most authors don’t really consider I always appreciate his assistance It’s good to know that someone wants to help A number of people read all or part of this book to help me refine the approach, test the coding examples, and generally provide input that all readers wish they could have These unpaid volunteers helped in ways too numerous to mention here I especially appreciate the efforts of Eva Beattie, Jonathan S Weissman, and Osvaldo Téllez Almirall who provided general input, read the entire book, and selflessly devoted themselves to this project Finally, I would like to thank Pete Gaughan, Agatha Kim, Jennifer Leland, Liz Britten, Cheryl Hauser, and the rest of the editorial and production staff at Sybex for their assistance in bringing this book to print It’s always nice to work with such a great group of professionals and I very much appreciate the friendship we’ve built over the few years About the Author J ohn Mueller is a freelance author and technical editor He has writing in his blood, having produced 86 books and over 300 articles to date The topics range from networking to artificial intelligence and from database management to heads-down programming Some of his current books include a Windows command line reference, books on VBA and Visio 2007, a C# design and development manual, and an IronPython programmer’s guide His technical editing skills have helped over 52 authors refine the content of their manuscripts John has provided technical editing services to both Data Based Advisor and Coast Compute magazines He’s also contributed articles to magazines like DevSource, InformIT, SQL Server Professional, Visual C++ Developer, Hard Core Visual Basic, asp.netPRO, Software Test and Performance, and Visual Basic Developer Be sure to read John’s blog at http://www.amazon.com/gp/blog/id/AQOA2QP4X1YWP When John isn’t working at the computer, you can find him in his workshop He’s an avid woodworker and candle maker On any given afternoon, you can find him working at a lathe or putting the finishing touches on a bookcase He also likes making glycerin soap and candles, which comes in handy for gift baskets You can reach John on the Internet at JMueller@mwt.net John is also setting up a Web site at http://www.mwt.net/~jmueller/ Feel free to look and make suggestions on how he can improve it One of his current projects is creating book FAQ sheets that should help you find the book information you need much faster Contents Introduction xix Part I: Command Line Basics Chapter 1: Configuring the Local Machine Configure the Command Window Set the Window Options Change the Font Choose a Window Layout Define the Text Colors Set the Environment Manage Environment Variables with the Set Command Manage Environment Variables with the SetX Utility Perform Common Tasks Clear the Display Determine the Operating System Version Start an Application Work with Services Shut Down the System Obtain Command Line Help Chapter 2: Making Remote Connections Configure the Remote System Change Security and Basic Setup Setup Remote Administrator Use the Remote Desktop Connection Application Create a Connection Use a Saved Connection Set the Display Access Local Resources Run a Configuration Program Optimize Performance Terminate a Session Use the Start Menu Use the Logoff Utility Chapter 3: Automating Tasks View and Manage Tasks Using Scheduled Tasks Configure the Task Scheduler View Tasks 4 10 10 13 16 16 16 16 18 19 20 23 24 25 28 30 30 35 35 36 38 38 39 40 40 41 42 43 44 viii Contents Create New Tasks Delete Existing Tasks Manage Tasks Using the SchTasks Command Use the /Create Switch Use the /Delete Switch Use the /Query Switch Use the /Change Switch Use the /Run Switch Use the /End Switch Part II: Managing Data Chapter 4: Working with File and Directory Objects Manage Directory Objects Find Directories Find Directories Using Patterns View the Current Directory Change the Current Directory Create Directories Move Directories Rename Directories Remove a Directory Display a Directory Structure Manage File Objects Find Files Find Files in Sorted Order Find Files by Attribute Find Files Using Patterns Copy Files Perform Bulk File Transfers Remove Files Move Files Rename a File Set File Attributes Work with File Associations and Types Determine File Associations Create File Associations Determine File Types Create File Types Make Data Links Create Simple Hard Links View Simple Hard Links Delete Simple Hard Links Create Hard Links Using the New Technique Create Symbolic Links Create Junctions 46 50 51 51 53 53 54 54 54 55 57 58 58 59 60 60 61 61 61 62 62 63 63 64 65 66 68 69 70 71 71 71 72 72 73 73 73 74 75 75 75 76 76 77 536 environment variables environment variables creating and changing, 12 displaying, 11–12, 12 equations in, 13 expanding, 12–13 on other machines, 15 Set command, 10–13, 11 SetX utility, 13–15 system-level, 15 user input, 13 user-level, 14 Environment Variables dialog box, 13–14, 14 eol keyword, 411 equal signs (=) for properties, 215 equations in environment variables, 13 Erase command extensions, 378 files, 70 hard links, 75–76 ErrorLevel clause, 405, 415 errors drive, 86 file systems, 84 try catch statements, 486 escape codes in ANSI.SYS, 382 Ethernet statistics, 179 event logs, 254–256, 256 Event Trace Logs (ETL), 281–282 Event Viewer, 20 EventCreate utility, 254–255, 257 events, system See system events EventTriggers utility, 257–259 EventTriggers /Delete command, 261 EventTriggers /Query command, 261 executing scripts, 442–445 execution rights, 481–483 Exit command batch files, 406–407 command processor, 372 DiskPart, 120 Expanded Memory Manager (EMM), 383–384 ExpandEnvironmentStrings method, 490 expanding environment variables, 12–13 Expected shutdown category, 20 Experience tab for Remote Desktop Connection, 33, 38–39, 39 exporting local security policies, 345–346 logs, 269–270 registry entries, 356–357, 367 expressions, regular, 82 Extend command, 120 extended characters in filenames, 83–84 extended memory, 385–387 Extended Memory Block (EMB) handles, 386 Extended Memory Specification (XMS), 385 extended partitions, 115–116 extending volumes, 119–120 extensions, command, 374, 377–380 external intrusion protection See viruses and external intrusions F FastOpen utility, 381 file IDs, 133 File System Utility See FSUtil (File System Utility) file systems information on, 87–88 monitoring, 83–86 repairing, 90–91 filenames completion characters, 374 extended characters in, 83–84 support, 84–85 files access, 127–132, 128 accessible, 384 associations, 72–74 attributes, 71–72 batch See batch files bulk transfers, 69–70 compressing, 85 copying, 68–69 data, displaying, 92–97, 94, 97 data links, 74–77 dirty bit, 86–87 disconnecting users from, 133 encryption, 85, 122–125 finding, 63–67, 68 finding strings in, 81–83 iterating with For command, 410–412, 412 looping through lists of, 407–409 management commands, 514–515 moving, 71 networks, 155–156 owners, 132 ownership, 134–135 quotas, 88–90 removing, 70–71 renaming, 71 scanning, 339, 340 shared, detecting, 132–134 status, 106–107, 106 types, 73–74 users, 125–127, 126 Files setting, 384 FileSystemObject object, 490 Filter Current Log dialog box, 265, 265–266 help filters logs, 265–266, 265–266 TaskKill and TaskList, 347–350, 348 WinRM, 197, 198 Find utility, 81–82 finding directories, 58–59 domains, 218–219 files, 63–64 by attribute, 65–66 with patterns, 66–67, 68 sorted order, 64–65 strings in, 81–83 hidden servers, 219 SIDs, 130 FindStr utility, 82–83 Firewall context, 477 FixBoot utility, 118 FixMBR utility, 118 flags Verifier settings, 342–343 volumes, 91 Flexible Single Master Operations (FSMO), 226–227 flow control in batch files, 414–418 Font tab, 7, fonts for command window, 7, For command, 409–410 complex file iterations, 410–412 extensions, 378–379 variable substitution, 412–414 forcing logoffs, 144 foreground color, 395 forests, 218 ForFiles utility, 407–409 Format utility, 103–104 formatting data in WMIC, 306–310, 307–309 formatting disks, 103–104 FQDNs (Fully Qualified Domain Names), 178, 333 fragmentation, 109–110, 109 FSDir alias, 293 FSMO (Flexible Single Master Operations), 226–227 FSUtil (File System Utility), 83 FSUtil Behavior command, 83–86 FSUtil Behavior QuotaNotify command, 90 FSUtil Dirty command, 86–87 FSUtil FSInfo command, 87–88 FSUtil Hardlink command, 75 FSUtil Quota command, 89–90 FSUtil Repair command, 84, 86, 90–91 FType command extensions, 379 overview, 72–74 full screen for command window, full user names, 221 FullName property, 450 FullPrivilegeAuditing option, 324–325 Fully Qualified Domain Names (FQDNs), 178, 333 G $G prompt, 60 general applications security, 347–351, 348 General tab for Remote Desktop Connection, 31, 31, 34 GET action in WMIC, 289 GetEnvironmentVariable method, 456 GetMAC command, 140 GetObject method, 452–453 GetScriptEngine method, 454 Globally Unique Identifiers (GUIDs), 105, 321–322 GoTo command extensions, 379 overview, 414 GPResult command, 328–330 GPUpdate command, 330 GrafTabl Utility, 389 granting permissions, 130–131 graphics character support, 389 greater than signs (>) as output redirection pointer, 94–95 Group alias, 293 group policies, 328 managing, 330 results, 328–330 Group Policy Update (GPUpdate) utility, 330 groups Active Directory adding, 233–234 editing, 246 interaction with, 223–224 listing, 240–241 networks adding, 146–147 deleting, 148 users, 148–149 viewing, 147–148, 147–148 user membership, 221–222 GUIDs (Globally Unique Identifiers), 105, 321–322 H hard drives See disks and disk drives hard links, 75–76 hardware commands, 515 help BCDEdit, 316–317 best practices, 523 537 538 Help utility command line, 20–21 CScript and WScript, 442 Net utility, 156–157 NetSH command, 474–475, 475 SecEdit, 344 WinRM, 192 WMIC, 302–306, 302–306 Help utility, 21 helper DLLs, 473, 474 hidden files, encrypting, 124–125 hidden servers, finding, 219 hiding servers, 152–153 High Memory Area (HMA), 382 HIMEM.SYS driver, 385–387 history, command, hives, registry, 354–355, 355 HMA (High Memory Area), 382 holding print jobs, 158 hostnames, listing, 219–220 HTTPS listeners, 202–204, 202 I ICACLS utility, 127–128, 128 ICACLS /Deny command, 131 ICACLS /FindSID command, 130 ICACLS /Grant command, 130–131 ICACLS /Remove command, 131 ICACLS /SetOwner command, 132 ICACLS /Verify command, 132 ID setting for primary partitions, 115 IDEController alias, 293 identity of system users, 332–333 If command extensions, 379 overview, 414–418 IMAGENAME filter, 348 impersonating users, 480 importing local security policies, 346 registry entries, 357, 367–368 Inactive command, 118 inactive partitions, 118 inheritance rights, 128, 130 Initiate command for volume repair, 91 input redirection, 95 install mode, 482–483 interactive processing in batch files, 403–406 Interactive property, 450 Interface context in NetSH, 477 interfaces for WScript, 449 Internet Protocol (IP), 166 DNS resolver cache, 168–169 information for, 166–168, 167 releasing connections, 169 renewing adapter addresses, 168 renewing DHCP addresses and registering DNS names, 169 Internet Protocol (IP) Security Protocol Working Group, 360 Interrupt 15h interface, 385 intervals connection refresh, 180 repeating tasks, 52 intrusion protection See viruses and external intrusions invoking methods on resources, 205 IP Security (IPSec) monitor, 360 IPConfig utility, 166, 167 IPConfig /DisplayDNS, 168 IPConfig /FlushDNS command, 169 IPConfig /RegisterDNS command, 169 IPConfig /Release command, 169 IPConfig /Renew command, 168 IPConfig /Renew6 command, 168 IPSec (IP Security) monitor, 360 IRQ alias, 294 Item property, 454 J JavaScript basics, 436–438 mapping network drives, 483–487 Job alias, 46, 294 junctions, 77 K Kerberos authentication, 312, 397 keyboards for remote computers, 37 keys, registry, 354–355, 355 deleting, 357 exporting, 356–357 importing, 357 L Label command, 103 labels for volumes, 103 language attribute, 441 language support, 387–388 Large option for cursor, last access attribute, 86 layout for command window, 8–9, Layout tab, 8, LDAP Policies command, 225 Length property, 454 less than symbols (