Five Windows Commands Every Administrator Needs To Know

You should always feel like a little ninja when a chance to use the command line rolls around. These command should give you an excuse to open and use the command line just a bit more.

  • wuauclt /detectnow – This command makes Windows check for updates in accordance with the settings on the workstation. This is very helpful in domain environments where you have a Windows Server Update Service (WSUS) running and want it to go grab new updates from that server and not use the Microsoft Update website and try to remember which ones you had and hadn’t approved.

  • runas /user:administrator cmd – This command is a simple RunAs command that opens command prompt. This is important to know if you want to run other programs as an administrator while leaving a user logged in. This will allows you to start and other program as administrator simply by typing it in your administrator command window. Just be sure to close it when you leave, if not the user will have open reign on the computer using your account.

  • oobe/msoobe /a – This command will start the Microsoft Product Activation Wizard. This may not be the most useful command on the enterprise environment but when it comes to reinstalling a PC for someone you know it is a necessary evil. None the less, when there is no activation link, just run the command it it will get you rolling.

  • netstat and netstat -a – These two commands shows you the IP address, port and other vital information about the connections your computer is using. These information can be helpful when trying to troubleshoot a PC that has slow internet or some type of malware issue, or when you are setting up a new service on your server and trying to determine why you can’t use a certain port because it is already in use.

  • shutdown -i – Although many people use the shutdown command to shutdown or restart computers, most people don’t know that this has a handy GUI interface which makes declaring all those parameters in the command line obsolete. Give it a shot and shut down your coworkers computer, but give them some time to see if they can figure out the shutdown -a command to abort your shutdown request. This works especially good to test the new guys skills.

I’m sure there are many commands I have forgotten to add that are just as great as these, if you think of one put it in the comments and share it with everyone else.

Read More

Remote Shutdown / Logoff Script using WMI

Have you ever been sitting at your desk working very hard trying to getting some business analytics report finished for your administrative team, only to be interrupted by the everyday user unable to log on the machine because someone else locked it. Then you have to get up and walk down there and manually login and unlock the workstation. Well this is now a thing of the past for you if you have enabled WMI and have a domain or common credentials on your network. This script will simply allow you to unlock a workstation with out getting up from your desk. Unfortunately, I didn’t write this script but I use it about every other day to unlock a workstation. It has a few good options to allow you to either Logoff / Reboot / Shutdown the workstation. This can also be helpful when the user has locked up the PC and can’t get it to restart, you can send a command from the workstation you are at for that one to restart. In way you end up using this script it will only save you time, I found it to be very reliable and super fast for resolving the locked computer situation. Also, please browse though the code as it is well commented and you can get a greater understanding of how it exactly works.

'|| Remote Shutdown.vbs
'||
'|| Created by Harvey Hendricks, MCSE, A+,
'|| March 2001
'||
'|| email: hhendrks@aramco.com
'|| hhend@swbell.net
'||
'||
'|| Based on techniques and ideas from:
'|| SMS admin, SMS Installer, & WMI forums -> http://www.myITforum.com/forums
'|| Win32 Scripting -> http://cwashington.netreach.net/
'|| Microsoft Windows Script Technologies -> http://msdn.microsoft.com/scripting
'|| Microsoft Online Library -> http://msdn.microsoft.com/library/default.asp
'|| Microsoft VBScript 5.5 documentation
'|| and Microsoft WMI SDK
'||
'||~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'|| SCRIPT LOGIC FLOW:
'|| Collects computername from user, calls function to ping the computername
'|| to determine if it is accessible, if not then display message and exit
'|| otherwise continue.
'|| Collects desired action to perform from the user, does error checking on
'|| the input to determine if it is acceptable, if not then display message
'|| and exit otherwise continue.
'|| Set variables and output messages based on the action chosen. Calls
'|| Win32Shutdown with the appropriate variable. Displays success message
'|| and exits
'||
'|| Uses WMI Win32Shutdown method from the Win32_OperatingSystem class
'|| to perform different logoff / powerdown / reboot functions
'||
'|| Testing found the following values to be effective on Win32Shutdown:
'|| Action decimal binary
'|| Logoff 0 0000
'|| Force Logoff 4 0100
'|| Reboot 2 0010
'|| Force Reboot 6 0110
'|| Powerdown 8 1000
'|| Force Powerdown 12 1100
'||
'|| Notice that the third bit from the right appears to be the "FORCE" bit.
'||
'|| A value of 1 will do a shutdown, ending at the "It is safe to turn
'|| off your computer" screen. I have no use for this and did not test it.
'||
'||
'||NOTES: - tested under Windows 2000 Pro. with ACPI compliant systems -
'|| SHOULD work under Windows NT4 without modification IF the
'|| system has compatible versions of WSH / WMI / VBscripting
'||
'||Logoff / Powerdown / Reboot:
'|| Does not work if a password protected screen saver is active or
'|| there is data to save. Either way the system waits for user input.
'||
'||Force Logoff / Force Powerdown / Force Reboot:
'|| Does not work if a password protected screen saver is active, will wait
'|| for user input. Otherwise will close open applications without saving data.
'||
'\/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ start function /\/\/\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\/\/\/\______________/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
function Ping(byval strName)
dim objFSO, objShell, objTempFile, objTS
dim sCommand, sReadLine
dim bReturn

set objShell = WScript.CreateObject("Wscript.Shell")
set objFSO = CreateObject("Scripting.FileSystemObject")

'Set default return value
bReturn = false

'Create command line to ping and save results to a temp file
sCommand = "cmd /c ping.exe -n 3 -w 1000 " & strName & " > temp.txt"

'Execute the command
objShell.run sCommand, 0, true

'Get the temp file
set objTempFile = objFSO.GetFile("temp.txt")
set objTS = objTempFile.OpenAsTextStream(1)

'Loop through the temp file to see if "reply from" is found,
'if it is then the ping was successful
do while objTs.AtEndOfStream <> true
sReadLine = objTs.ReadLine
if instr(lcase(sReadLine), "reply from") > 0 then
bReturn = true
exit do
end if
loop

'Close temp file and release objects
objTS.close
objTempFile.delete
set objTS = nothing
set objTempFile = nothing
set objShell = nothing
set objFSO = nothing

'Return value
Ping = bReturn
end function
'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ end function /\/\/\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\/\/\/\______________/\/\/\/\/\/\/\/\/\/\/\/\/\/\/



'/\/\/\/\/\/\/\/\/\/\/\ Start Main body of script /\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\_________________________/\/\/\/\/\/\/\/\/\/\/\/\/
'Get computer name to operate on
ComputerName=InputBox("Enter the Machine name of the computer" & vbCRLF _
& "you wish to Shutdown / Reboot / Logoff", _
"Remote Shutdown / Reboot / Logoff", _
"ComputerName")

'if Cancel selected - exit
If (ComputerName = "") Then Wscript.Quit

'change the name to uppercase
ComputerName=UCase(ComputerName)

'ping the computername to see if it is accessible
bPingtest = ping(Computername)

If bPingtest = FALSE Then
y = msgbox ("'" & ComputerName & "' is not accessible!" & vbCRLF _
& "It may be offline or turned off." & vbCRLF _
& "Check the name for a typo." & vbCRLF, _
vbCritical, ComputerName & " NOT RESPONDING")
Wscript.Quit
end IF

'Get the action desired
Action=InputBox( _
"Select Action to perform on " & ComputerName & vbCRLF & vbCRLF _
& " 1 - Logoff" & vbCRLF _
& " 2 - Force Logoff ( NO SAVE )" & vbCRLF _
& " 3 - Powerdown" & vbCRLF _
& " 4 - Force Powerdown ( NO SAVE )" & vbCRLF _
& " 5 - Reboot" & vbCRLF _
& " 6 - Force Reboot ( NO SAVE )" & vbCRLF & vbCRLF _
& "NOTE:" & vbCRLF _
& " Using Force will close windows" & vbCRLF _
& " without saving changes!", _
"Select action to perform on " & ComputerName, "")

'if Cancel selected - exit
If (Action = "") Then Wscript.Quit

'error check input
If (INSTR("1234567",Action)=0) OR (Len(Action)>1) then
y = msgbox("Unacceptable input passed -- '" & Action & "'", _
vbOKOnly + vbCritical, "That was SOME bad input!")
Wscript.Quit
end if

' set flag to disallow action unless proper input is achieved, 1 => go 0 => nogo
flag = 0

'set variables according to computername and action
Select Case Action
Case 1 'Logoff
x = 0
strAction = "Logoff sent to " & ComputerName
flag = 1
Case 2 'Force Logoff
x = 4
strAction = "Force Logoff sent to " & ComputerName
flag = 1
Case 3 'Powerdown
x = 8
strAction = "Powerdown sent to " & ComputerName
flag = 1
Case 4 'Force Powerdown
x = 12
strAction = "Force Powerdown sent to " & ComputerName
flag = 1
Case 5 'Reboot
x = 2
strAction = "Reboot sent to " & ComputerName
flag = 1
Case 6 'Force Reboot
x = 6
strAction = "Force Reboot sent to " & ComputerName
flag = 1
Case 7 'Test dialog boxes
y = msgbox("Test complete", vbOKOnly + vbInformation, "Dialog Box Test Complete")
flag = 0
Case Else 'Default -- should never happen
y = msgbox("Error occurred in passing parameters." _
& vbCRLF & " Passed '" & Action & "'", _
vbOKOnly + vbCritical, "PARAMETER ERROR")
flag = 0
End Select

'check flag
' if equal 1 (TRUE) then perform Win32Shutdown action on remote PC
' and display a confirmation message
' if not equal 1 (FALSE) then skip the action and script ends
if flag then
Set OpSysSet=GetObject("winmgmts:{(Debug,RemoteShutdown)}//" _
& ComputerName & "/root/cimv2").ExecQuery( _
"Select * from Win32_OperatingSystem where Primary=true")
for each OpSys in OpSysSet
OpSys.Win32Shutdown(x)
y = msgbox(strAction,vbOKOnly + vbInformation,"Mission Accomplished")
next
end If

'Release objects
set OpSys = nothing
set OpSysSet = nothing

Read More