Useful commands for SysAdmins
Posted by SysAdmin Tools on
CLICK ON THE BANNER TO CHECK OUT OUR FREE AND PREMIUM TOOLS HERE
Get the serial number or service tag of a device
wmic bios get serialnumber
Show the logged in user on a remote device.
wmic /node:"workstation-name" computersystem get username
Show the PID associated with a listening port or show the listening port number associated with a PID
netstat -ano | find "portnumber"
netstat -ano | find "pid"
Find the session ID for a Remote Desktop User and log them off
query user | find "username"
logoff <ID of session>
Quickly find .exe files in the C:\Users directory where RansomWare often hides.
dir C:\Users /B /S /A | find ".exe"
Disable sleep and shutdown
reg ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f
powercfg /setactive "Always On"
powercfg.exe -change -standby-timeout-ac 0
Enable sleep and shutdown
reg DELETE HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose
powercfg /setactive "Portable/Laptop"
powercfg.exe -change -standby-timeout-ac 2
Get the HyperV Host name that a VM is running on
reg query "HKLM\Software\Microsoft\Virtual Machine\Guest\Parameters"
Create a local admin user from the command line
net user AdminUser1 P@$$w0rd!@# /ADD
net localgroup Administrators AdminUser1 /ADD
Allow an incoming port through windows firewall
Create the rule
netsh advfirewall firewall add rule name="TCP Port 6624" dir=in action=allow protocol=TCP localport=6624
To delete the rule.
netsh advfirewall firewall delete rule name="TCP Port 6624" protocol=TCP localport=6624
.
Find a share and path on a large file server
net share | find "sharename"
Quickly install Telnet Client
dism /online /Enable-Feature /FeatureName:TelnetClient
CLICK ON THE BANNER TO CHECK OUT OUR FREE AND PREMIUM TOOLS HERE