basics with windows power shell
DESCRIPTION
basic shell learning experienceTRANSCRIPT
-
Basics with windows power shell
Prometheus For contact: [email protected]
-
1
Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 1 Dates and Times
a. Change a Computers Date and Time
b. List Date and Time Information
c. Perform Date Arithmetic
Chapter 2 Files and Folders
a. Copy Files or Folders
b. Create a New File or Folder
c. Delete a File or Folder (Or Other Objects)
d. Move a File or Folder
e. Rename a File or Folder
f. Replicate (and Improve Upon) the DIR Command
g. Retrieve a Specific Item
h. Verify the Existence of a File or Folder
Chapter 3 Saving and Importing Data Append Data to a Text File
a. Check for the Existence of a String Value
b. Display and Save Data With One Command
c. Erase the Contents of a File
d. Output as HTML
e. Read a Text File
f. Read in a Comma-Separated Values File
g. Read in an XML File
h. Save Data as a Comma-Separated Values File
i. Save Data as an XML File
j. Save Data Directly to a Text File
k. Save Data to a Text File
Chapter 4 A-Z commands of cmd prompt
-
2
Basics with windows power shell and
command prompt
WINDOWS POWERSHELL
WINDOWS COMMAND PROMPT
-
3
Introduction
Cmdlets are the heart-and-soul of Windows PowerShell,
Microsoft's new command shell/scripting language. This series provides a task-based introduction to
Windows PowerShell cmdlets: rather than focusing on the individual cmdlets themselves, the emphasis is
on the tasks you can carry out using those cmdlets. These tasks include everything from reading and writing
text files to managing event logs to sorting and filtering data.
Classification of commands in powershell
1. Dates and Times
2. Files and Folders
3. Help and Information
4. Saving and Importing Data
5. Scripting Techniques
6. Security and Security Descriptors
7. System Administration Tasks
8. Windows PowerShell Aliases
9. Windows PowerShell Drives and Namespaces
10. Scripts and Applications
11. Windows PowerShell Sessions
-
4
1) Dates and Times
The following articles provide a brief introduction to working with dates and times in Windows PowerShell;
these tasks include such things as retrieving the current date and time, and performing date arithmetic. As
is so often the case with Windows PowerShell, the code snippets found in these articles can either be
included within a Windows PowerShell script or typed directly into the Windows PowerShell console.
a) Change a Computers Date and Time
b) List Date and Time Information
c) Perform Date Arithmetic
a) Changing a Computers Date and Time
Before explaining how to use the Set-Date cmdlet we should note that this is a cmdlet you should
use with care. For example, if youre in an Active Directory environment your workstation times must be
closely synchronized with your domain controller times; if they arent, you might not be able to log on to
the domain. Computer times are often assigned using an automatic time service; in that case, you probably
dont need to (and probably shouldnt) set dates and times by hand. However, if you do have a need to set
dates and times manually then Set-Date provides an easy way to do so.
One way to change the date/time on a computer is to use the -date parameter followed by the new date and
time. For example, suppose you want to set the date and time to 8:30 AM on June 1, 2006. Heres how you
do that:
Set-Date -date "6/1/2006 8:30 AM
Need to set the clock ahead exactly two days? This command uses the Get-Date cmdlet and the AddDays
method to advance the clock two days:
Set-Date (Get-Date).AddDays(2)
Other methods that can be used here include AddHours, AddMinutes, and AddSeconds. Need to set the
clock back 1 hour due to Daylight Saving Time? Then simply set the clock back -1 (minus 1) hours, like
this:
Set-Date (Get-Date).AddHours(-1)
-
5
b) Listing Date and Time Information
As you might expect, the Get-Date cmdlet enables you to retrieve the current date and time. As you might
also expect, there are a few other interesting tricks you can do with Get-Date, some of which well show
you momentarily.
Lets start with the simplest scenario first. If all you want is the current date and time then simply call
Get-Date without any additional parameters:
Get-Date
In return, youll get back something similar to this:
Wed May 10 10:07:25 2006
Ah, but suppose you want only the date, not the date and the time? Then just use the displayhint parameter
and specify date:
Get-Date -displayhint date
Or, if youd prefer just the time:
Get-Date -displayhint time
You can also use Get-Date to create a date-time object for any date/time. For example, this command creates
a variable named $A that maps to 12:00 AM on May 1, 2006:
$A = Get-Date 5/1/2006
Whats that? You need to map $A to 7:00 AM on May 1, 2006? Why not:
$A = Get-Date "5/1/2006 7:00 AM"
Get-Date also includes a number of methods for doing some handy-dandy date arithmetic:
Add Seconds
Add Minutes
Add Hours
Add Days
Add Months
Add Years
Need to know the date/time 137 minutes from now? This command will show you:
-
6
(Get-Date).AddMinutes(137)
c) Performing Date Arithmetic
The New-TimeSpan cmdlet provides a way to do date arithmetic within Windows PowerShell. For
example, this command tells you the number of days between todays date and New Years Eve 2006:
New-TimeSpan $(Get-Date) $(Get-Date -month 12 -day 31 -year 2006)
When this command was run on May 10, 2006 we got back the following:
Days : 235
Hours : 0
Minutes : 0
Seconds : 0
Milliseconds : 0
Ticks : 203040000000000
TotalDays : 235
TotalHours : 5640
TotalMinutes : 338400
TotalSeconds : 20304000
TotalMilliseconds : 20304000000
Note. All those who knew that there were 20,304,000,000 milliseconds between May 10, 2006 and
December 31, 2006 please raise your hands.
To use New-TimeSpan you just need to pass it a pair of date-time values. The best way to do that is to use
the Get-Date method; that helps ensure that you get a pair of date-time objects that New-TimeSpan can
work with. For our first date, we simply use the Get-Date cmdlet without any additional parameters (note
that the cmdlet must be enclosed in parentheses): $(Get-Date)
For our second date we also call Get-Date, but we tacked on the -month, -day, and -year parameters, along
with the appropriate values:
New-TimeSpan $(Get-Date) $(Get-Date -month 12 -day 31 -year 2006)
What if you need to know how long it is until a more specific time, such as 11:30 PM on December 31st?
As usual, no problem: just include the -hour and the -minute parameters along with the appropriate values
(for the hours, use the 24-hour time format). In other words:
New-TimeSpan $(Get-Date) $(Get-Date -month 12 -day 31 -year 2006 -hour 23 -minute 30)
-
7
2) Files and Folders
The following articles provide a brief introduction to carrying out file system management tasks by using
Windows PowerShell; these tasks include such things as creating, renaming, copying, and deleting files and
folders. As is so often the case with Windows PowerShell, the code snippets found in these articles can
either be included within a Windows PowerShell script or typed directly into the Windows PowerShell
console.
a) Copy Files or Folders
b) Create a New File or Folder
c) Delete a File or Folder (Or Other Objects)
d) Move a File or Folder
e) Rename a File or Folder f) Replicate (and Improve Upon) the DIR Command
g) Retrieve a Specific Item
h) Verify the Existence of a File or Folder
a) Copying Files or Folders
Want to a copy a file or folder to a new location? Then you want the Copy-Item cmdlet. For example, heres
a command that copies the file Test.txt from the C:\Scripts folder to the C:\Test folder:
Copy-Item c:\scripts\test.txt c:\test
Want to copy all the items in C:\Scripts (including subfolders) to C:\Test? Then simply use a wildcard
character, like so:
Copy-Item c:\scripts\* c:\test
Youre way ahead of us: yes, this next command copies only the .txt files in C:\Scripts to C:\Test:
Copy-Item c:\scripts\*.txt c:\test
Finally, this command puts a copy of the folder C:\Scripts inside the folder C:\Test; in other words, the
copied information will be copied to a folder named C:\Test\Scripts. Heres the command:
Copy-Item c:\scripts c:\test -recurse
-
8
Incidentally, the -recurse parameter is absolutely crucial here; leave it out and a Scripts folder will be created
in C:\Test, but none of the files and folders in C:\Scripts will be copied to the new location; youll create a
C:\Test\Scripts folder, but there wont be anything in it. Copy-Item Aliases
cpi cp copy
b) Creating a New File or Folder
New-Item is a quick and easy way to create a new file or folder on your computer. For example, suppose
you want to create a new directory named Windows PowerShell within the C:\Scripts folder. To do that
call New-Item along with: 1) the full path to the new folder; and, 2) the new item type
(which you can specify using the -type parameter and the value directory). The command in question will
look like this:
New-Item c:\scripts\Windows PowerShell -type directory
To create a new file follow the same procedure, specifying the full path name but this time setting the type
to file. This command creates the file C:\Scripts\New_file.txt:
New-Item c:\scripts\new_file.txt -type file
If the item you are trying to create already exists youll get back an error message similar to this:
New-Item : The file 'C:\scripts\new_file.txt' already exists.
However, you can override the default behavior by including the -force parameter:
New-Item c:\scripts\new_file.txt -type file -force
If you use -force the existing file New_file.txt will be replaced by the new, empty file.
And speaking of new, empty files, you can also use the -value parameter to add some data to your new file.
This command adds the phrase This is text added to the file at the same time it creates New_file.txt:
New-Item c:\scripts\new_file.txt -type file -force -value "This is text added to the file"
-
9
New-Item Aliases
Ni
c) Deleting a File or Folder (Or Other Type of Object)
The Remove-Item cmdlet does exactly what the name implies: it enables you to get rid of things once and
for all. Tired of the file C:\Scripts\Test.txt? Then delete it:
remove-Item c:\scripts\test.txt
You can also use wildcard characters to remove multiple items. For example, this command removes all
the files in C:\Scripts:
Remove-Item c:\scripts\*
There is one catch, however. Suppose C:\Scripts contains subfolders. In that case, youll be prompted as to whether or not you really do want to delete everything in the Scripts folder:
Confirm
The item at C:\test\scripts has children and the -recurse parameter was not specified.
If you continue, all children will be removed with the item. Are you sure you want to continue?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
Is there a way to bypass this prompt? Yep; just tack the -recurse parameter onto the end of your command:
Remove-Item c:\scripts\* -recurse
Heres an interesting variation. Suppose the Scripts folder contains a bunch of files and youd like to delete them all. Wait: maybe not all, maybe youd like to leave any .wav files. No problem; just use the -exclude parameter and indicate the file types that should be excluded from the deletion:
Remove-Item c:\scripts\* -exclude *.wav
-
10
Whats that? Now youd like to remove just .wav and .mp3 files, leaving all other file types alone? All you had to do was ask (and use the -include parameter):
Remove-Item c:\scripts\* -include .wav,.mp3
As youve probably figured out, if you use the -include parameter the cmdlet will act only on those items specified as part of that parameter. (And, yes, you can specify multiple items; just separate items using
commas.) By contrast, if you use the -exclude parameter those items will be exempt from the cmdlet actions.
And yes, if you want to get really fancy you can use both -include and -exclude in the same command.
What do you suppose will happen when we run this command?
Remove-Item c:\scripts\* -include *.txt -exclude *test*
You got it: all the .txt files (as indicated by the -include parameter) in the C:\Scripts folder will be deleted,
except for any files that have the string value test anywhere in the file name (as indicated by the -exclude
parameter). Try some different variations, and it will soon make perfect sense.
Incidentally, the Remove-Item cmdlet has a -whatif parameter that doesnt actually remove anything but simply tells you what would happen if you did call Remove-Item. What do you mean that doesnt make any sense? Here, take a look at this command:
Remove-Item c:\scripts\*.vbs -whatif
If we run this command, none of the .vbs files in the folder C:\Scripts will be removed; however, we will
get back information like this, which lets us know which files would be removed if we called Remove-Item
without the -whatif parameter:
What if: Performing operation "Remove File" on Target "C:\scripts\imapi.vbs".
What if: Performing operation "Remove File" on Target "C:\scripts\imapi2.vbs".
What if: Performing operation "Remove File" on Target "C:\scripts\methods.vbs".
What if: Performing operation "Remove File" on Target "C:\scripts\read-write.vbs
".
What if: Performing operation "Remove File" on Target "C:\scripts\test.vbs".
What if: Performing operation "Remove File" on Target "C:\scripts\winsat.vbs".
In addition, you can remove things other than files and folders. For example, this command gets rid of an
alias named show:
-
11
Remove-Item alias:\show
Make a note of how you specify the location: alias:\. Thats standard notation for all Windows PowerShell drives: the drive letter followed by a colon followed by a \. For example, to switch to the Windows
PowerShell drive for environment variables use this command:
Set-Location env:\
Remove-Item Aliases
ri
rd
erase rm rmdir del
d)Moving a File or Folder
You know how it is: as soon as you have everything set up just perfect, youll invariably want (or need) to
change things. The files you put in the C:\Scripts folder? Turns out they should really be in C:\Test. Or
maybe just the .zip files should be in C:\Test. Or maybe - well, you get the idea. Can you use Windows
PowerShell to move items from one location or another? Lets put it this way: if you couldnt, it would be
pretty silly to have a cmdlet named Move-Item.
Lets take a look at a very simple example: moving a single file from one folder to another. To do that, call
Move-Item followed by, in order, the path to the file to be moved and the location to move it to. For
example, this command moves the file C:\Scripts\Test.zip to C:\Test:
Move-Item c:\scripts\test.zip c:\test
Nothing to it, huh? Because Move-Item accepts wildcards you can easily move all the .zip files in C:\Scripts
to C:\Test:
Move-Item c:\scripts\*.zip c:\test
And so on.
By default, Move-Item will not overwrite any existing files in the target folder. For example, suppose youre trying to move a file named Test.zip from C:\Scripts to C:\Test. However, C:\Test already contains a file
named Test.zip. In that case the move will fail unless you include the force parameter, which instructs
Move-Item to overwrite existing files. This command will move Test.zip to the Test folder, even if the file
C:\Test\Test.zip already exists:
-
12
Move-Item c:\scripts\test.zip c:\test -force
Also by default, you need to specify only the folder name (e.g., C:\Test) when indicating the new location
for the item. However, you do have the option to specifying a complete path when moving an item, which
will effectively move the item and then rename it. For example, this command moves the file
C:\Scripts\950.log to the C:\Test folder. Note, however, the actual target location: C:\Test\MyLog.log. That
means the command will move the file 950.log, and then rename it MyLog.log.
Heres what the command looks like:
Move-Item c:\scripts\950.log c:\test\mylog.log
Move-Item Aliases
mi
mv
move
e)Renaming a File or Folder
What can you do with the Rename-Item cmdlet? Well, one thing you can do is rename files or folders; all
you have to do is call Rename-Item followed by two parameters:
The current path for the file or folder.
The new name for the file or folder.
For example, this command renames the file C:\Scripts\Test.txt to C:\Scripts\New_Name.txt:
Rename-Item c:\scripts\test.txt new_name.txt
Rename-Item Aliases
rni ren
f)Replicating (and Extending) the DIR Command
In its basic form the Get-ChildItem cmdlet provides functionality similar to the dir command. For example,
if you simply type Get-ChildItem at the Windows PowerShell prompt youll get back information about
the objects in the current location:
-
13
Directory: Microsoft.Windows PowerShell.Core\FileSystem::C:\Documents and Settings\kenmyer
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 3/1/2006 9:03 AM Bluetooth Software
d---s 5/10/2006 8:55 AM Cookies d----
5/9/2006 2:09 PM Desktop d-r-- 5/9/2006
8:22 AM Favorites d-r-- 5/9/2006 2:24 PM
My Documents d-r-- 3/1/2006 8:15 AM Start
Menu d---s 3/1/2006 3:41 PM UserData d--
-- 3/16/2006 3:29 PM WINDOWS
Thats all well and good, but you can do a lot more with Get-ChildItem than simply list the items found in the current location. For example, in the output above you might have noticed that there wasnt much to
look at; thats because the current location happened to be a folder that contained only a handful of
subfolders. Because of that you might have found it a bit more useful if Get-ChildItem had returned not
only the names of those subfolders but also the contents of those subfolders; that is, you might want a list
of all the files and folders in the subfolders. No problem; just add the -recurse parameter:
Get-ChildItem -recurse
Of course, you arent limited to working with only the current location; in fact, you arent limited to working
with just files and folders. Would you like to see a list of all your environment variables? Then simply pass
along the path to the environment variable drive, like so:
Get-ChildItem env:
What about all the registry subkeys found in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall? Why not:
Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Note. Get-ChildItem cannot be used to retrieve information about the registry values contained within a
subkey. For that you need to use the Get-ItemProperty cmdlet.
We could do this all day. For example, the -include and -exclude parameters make it easy to retrieve a
specific set of items from a location. Suppose you want information about only the .txt and .log files found
in the folder C:\Scripts? Thats easy:
-
14
Get-ChildItem c:\scripts\*.* -include *.txt,*.log
As you can see, we ask for all the files (*.*) found in the folder C:\Scripts. We then tack on the -include
parameter, specifying two file types: *.txt and *.log. (And separating the file types using a comma). What
do we get back? We get back only .txt and .log files:
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a--- 4/6/2006 8:28 PM 3508 950.Log
-a--- 5/6/2006 10:06 AM 0 Employees.txt
-a--- 5/6/2006 10:06 AM 0 Employees_NODUPL.txt
-a--- 5/6/2006 10:06 AM 0 ExcelData.txt
-a--- 3/3/2006 9:24 PM 14894 methods.txt
-a--- 4/28/2006 1:36 PM 41 new_name.txt
-a--- 3/7/2006 1:44 PM 4112 read-write.txt
-a--- 4/11/2006 11:04 AM 18 servers.txt
-a--- 5/5/2006 9:09 PM 53358 tee.txt
-a--- 4/26/2006 12:28 PM 1125 temporary_print_file.txt
-a--- 5/6/2006 10:30 PM 34184 test.log
-a--- 5/9/2006 3:17 PM 58 test.txt
-a--- 4/6/2006 10:26 PM 205 test_NODUPL.txt
-a--- 4/28/2006 1:16 PM 27 x.txt
-a--- 5/8/2006 2:39 PM 25 y.txt
If we wanted to get back everything except .txt and .log files then wed simply use the exclude parameter
instead; this parameter tells Windows PowerShell which items should not be included in the returned
dataset. Heres what the command looks like:
Get-ChildItem c:\scripts\*.* -exclude *.txt,*.log
Give it a try and see what happens.
The information returned by Get-ChildItem can also be piped into the Sort-Object cmdlet, providing a way
to sort the data by in some other format. Would you rather see files sorted by size (length) than by name?
Then use this command:
Get-ChildItem c:\scripts\*.* | Sort-Object length
-
15
Or, if youd rather see the largest files listed first and the smallest files listed last, then add the -descending
parameter:
Get-ChildItem c:\scripts\*.* | Sort-Object length -descending
Get-ChildItem Aliases
gci ls dir
g) Retrieving a Specific Item
The Get-Item cmdlet makes it easy to retrieve a specific item (such as a file, a folder, or a registry key).
Why would you want to do that? Well, for one thing, it makes it very easy to retrieve the properties of those
items. For example, suppose youd like to know the last time someone accessed the C:\scripts folder. Heres a command that will retrieve that information:
$(Get-Item c:\scripts).lastaccesstime
In essence, were using Get-Item to create an object reference to C:\Scripts. Thats the reason for the
unusual syntax: the command itself - Get-Item c:\scripts - is enclosed in parentheses, with a $ pasted on
front. The property were interested in is then tacked on using standard dot notation (object.property). Want
to know the number of subkeys found in HKEY_CURRENT_USER\Software? Here you go:
$(Get-Item hkcu:\software).subkeycount
Good question: how did we know that SubkeyCount was a property of a registry key? Well, to tell you the
truth, we didnt. But thats another good use for Get-Item: we simply used Get-Item to return an object
representing HKEY_CURRENT_USER\Software and then piped that object to the Get-Member cmdlet:
Get-Item hkcu:\software | Get-Member
We then left it up to Get-Member to figure out the properties of the registry key. Get-Item Aliases
gu
-
16
h) Verifying the Existence of a File or Folder
One of the primary uses of Test-Path is to verify the existence of a file or folder. For example, this command
checks to see whether the file C:\Scripts\Test.txt exists:
Test-Path c:\scripts\test.txt
Test-Path returns True if the file exists, and returns False if the file does not exist.
As is usually the case with cmdlets, you can use wildcards with Test-Path. For example, this script tells you
whether or not there are any .wma files in C:\Scripts:
Test-Path c:\scripts\*.wma
Did someone ask if you can you check for the existence of registry keys using Test-Path? Of course you
can:
Test-Path HKCU:\Software\Microsoft\Windows\CurrentVersion
3) Saving and Importing Data
The following articles provide a brief introduction to saving and/or importing data by using Windows
PowerShell; these tasks include such things as reading and writing to text files as well as saving data in
HTML or XML format. As is so often the case with Windows PowerShell, the code snippets found in these
articles can either be included within a Windows PowerShell script or typed directly into the Windows
PowerShell console.
a) Append Data to a Text File
b) Check for the Existence of a String Value
c) Display and Save Data With One Command
d) Erase the Contents of a File
e) Output as HTML
f) Read a Text File
g) Read in a Comma-Separated Values File
h) Read in an XML File
i) Save Data as a Comma-Separated Values File
j) Save Data as an XML File
k) Save Data Directly to a Text File
-
17
l) Save Data to a Text File
a)Appending Data to a Text File
One use of the Add-Content cmdlet is to append data to a text file. For example, this command adds the
words The End to the file C:\Scripts\Test.txt:
Add-Content c:\scripts\test.txt "The End"
By default Add-Content tacks the new value immediately after the last character in the text file. If youd prefer to have The End listed on a separate line, then simply insert `n (Windows PowerShell lingo for new line) into the value being written to the file. In other words:
Add-Content c:\scripts\test.txt "`nThe End"
Seeing as how you asked, here are some of the other special characters that can be used in Windows
PowerShell output:
`0 -- Null
`a -- Alert
`b -- Backspace
`n -- New line
`r -- Carriage return
`t -- Horizontal tab
`' -- Single quote
`" -- Double quote
Keep in mind that some of these characters are intended for use only from the Windows PowerShell prompt.
For example, the special character `a causes your computer to beep. Dont believe us? Try this command and see what happens:
Write-Host `a
One nice feature of Add-Content is the fact that it accepts wildcard characters. For example, suppose you
want to add a timestamp to the end of all the .log files in the C:\Scripts folder. This command will do just
that:
-
18
$A = Get-Date; Add-Content c:\scripts\*.log $A
As you can see, here were simply assigning the current date and time to a variable named $A, then
appending the value of that variable to all of the .log files in C:\Scripts. Add-Content Aliases
ac
b) Checking for the Existence of a String Value
What can you do with the Select-String cmdlet? Well, one thing you can do is determine whether or not a
specific string value exists in a text file. For example, suppose the file C:\Scripts\Test.txt is a log file that
contains the following information:
Operation succeeded, 5/1/2006
Operation succeeded, 5/2/2006
Operation failed, 5/3/2006
Operation succeeded, 5/4/2006
Operation succeeded, 5/5/2006
Youd like to be able to quickly scan the contents of the file and see whether the word Failed appears anywhere. If it does, that means one of your operations failed; if it doesnt, that means all of your operations succeeded. (And yes, seeing as how were talking about failed operations we do hope youre not a surgeon.) Heres how you can do that:
Get-Content c:\scripts\test.txt | Select-String "Failed" -quiet
What were doing here is using the Get-Content cmdlet to retrieve the contents of the file
C:\Scripts\Test.txt. Were then piping those contents to the Select-String cmdlet and asking SelectString to search for the target string. By adding the -quiet parameter we get back a True if the string is found and
nothing if the string is not found. If we leave off the -quiet parameter then Windows PowerShell returns
each line in the text file that includes the target string:
Operation failed, 5/3/2006
Another Select-String parameter that you might find useful is -casesensitive, which performs a casesensitive
search of, in this case, the text file. This particular command will return nothing, meaning that the target
string Failed could not be found:
-
19
Get-Content c:\scripts\test.txt | Select-String "Failed" -quiet -casesensitive
Why couldnt Failed be found in the text file? Thats easy: based on letter case, theres no such string in the file. The file contains the string failed with a lowercase f, while the target search string is Failed with
an uppercase F. If you change the target string to failed (or remove the -casesensitive parameter) the
command returns True.
b)Display Data and Save That Data with One Command
The Tee-Object cmdlet enables you to display data in the Windows PowerShell window and to save that
same data to a text file, all with a single command. For example, this command uses the GetProcess cmdlet
to retrieve information about all the processes currently running on the computer,
then uses Tee-Object to simultaneously display the data on-screen and save that data to the file
C:\Scripts\Test.txt:
Get-Process | Tee-Object -file c:\scripts\test.txt
Tee-Object Aliases
Tee
c)Erasing the Contents of a File
The Clear-Content cmdlet enables you to erase the contents of a file without deleting the file itself. For
example, suppose you run this command:
Clear-Content c:\scripts\test.txt
When you execute that command the file Test.txt will still be in the folder C:\Scripts; there just wont be any data of any kind in the file:
Windows PowerShell
Did we hear someone ask if wildcard characters can be used with Clear-Content? You bet; this command
erases the contents of any file in C:\Scripts whose file name starts with the letter E:
-
20
Clear-Content c:\scripts\e*
And, no, you are not limited to erasing only text files. Want to delete all the data in an Excel spreadsheet?
Hey, why not:
Clear-Content c:\scripts\test.xls
And this command erases contents of the Word document C:\Scripts\Test.doc:
Clear-Content c:\scripts\test.doc
Clear-Content Aliases
clc
d) Saving Data as an HTML File
No offense to the console window or a text file, but sometimes its hard to beat HTML as an output device (for one thing, HTML gives you more formatting options and flexibility). Fortunately the ConvertTo-Html
cmdlet makes it very easy to view Windows PowerShell output in a Web page. For example, this command
uses the Get-Process cmdlet to retrieve information about all the processes running on the computer. The
output from Get-Process is piped to the ConvertTo-Html cmdlet, which creates an HTML table out of that
data. In turn, that table is piped to the Set-Content cmdlet, which saves the information as a Web page
(C:\Scripts\Test.htm). That sounds like a lot of work, yet the command is as simple as this:
Get-Process | ConvertTo-Html | Set-Content c:\scripts\test.htm
The resulting Web page looks something like this:
Windows PowerShell
-
21
Good point: the table is a bit unwieldy; thats because the large number of properties returned by GetProcess results in a corresponding large number of columns in the table. This revised command limits the properties
displayed in the table to Name, Path, and FileVersion:
Get-Process | ConvertTo-Html name,path,fileversion | Set-Content c:\scripts\test.htm
Our simplified Web page looks like this:
Windows PowerShell
Much better.
But not perfect. By default the title assigned to the Web page is the less-than-scintillating HTML Table.
With that in mind, this command uses the -title parameter to change the window title to Process Information:
Get-Process | ConvertTo-Html name,path,fileversion -title "Process Information" | Set-Content
c:\scripts\test.htm
-
22
Were definitely on the right track now.
Lets do one last thing. As you can see, the only information we have on our Web page is the data table. If youd like to preface the table with some explanatory information then simply include the body parameter followed by the text youd like to appear on the page:
Get-Process |
ConvertTo-Html name,path,fileversion -title "Process Information" -body "Information about the processes
running on the computer." |
Set-Content c:\scripts\test.htm
Granted, we didnt add much value here. But at least the resulting Web page gives you a hint of the kinds of things you can do:
Windows PowerShell
-
23
We should also point out that information configured using the -body parameter is HTML; that means the
parameter can include any valid HTML tags. Want to display your preface using the style? Then just
include the and tags:
Get-Process |
ConvertTo-Html name,path,fileversion -title "Process Information" -body "Information about the
processes running on the computer." |
Set-Content c:\scripts\test.htm
Or, to put it a bit more graphically:
Windows PowerShell
If youve ever wondered why the Scripting Guys arent Web page designers, well, consider the preceding screenshot Exhibit A. But now that you know how ConvertTo-HTML works you can do better.
-
24
e) Reading a Text File
What can you do with the Get-Content cmdlet? Well, one thing you can do is quickly read and display
the contents of a text file. For example, this command displays the contents of the file C:\Scripts\Test.txt:
Get-Content c:\scripts\test.txt
And heres what youll get:
Hey, we never said it was exciting, just that it was useful.
How useful? Heres a simple, but telling example. Suppose you have a text file (C:\Scripts\Test.txt) that contains the names of two or more computers. Youd like to use WMI to retrieve information about the BIOS installed on each of those computers. Here you go:
Get-Content c:\scripts\test.txt | Foreach-Object {Get-Wmiobject -computername $_ win32_bios}
Assuming you have just two computers list in the text file youll get back information similar to this:
SMBIOSBIOSVersion : 68DTT Ver. F.0D
Manufacturer : Hewlett-Packard
Name : EPP runtime BIOS - Version 1.1
SerialNumber : CND60723S7
Version : HP - 22110520
-
25
SMBIOSBIOSVersion : A03
Manufacturer : Dell Computer Corporation
Name : Phoenix ROM BIOS PLUS Version 1.10 A03
SerialNumber : HTVNX41
Version : DELL - 7
Good question: how does that command work? The first part is pretty self-explanatory: we just use Get-
Content to read the contents of the text file. Now, lets take a look a look at the second half of the command:
ForEach-Object {Get-Wmiobject -computername $_ win32_bios}
What were doing here is passing the contents of the text file (our computer names) to the ForEachObject cmdlet. As it turns out, Get-Content automatically creates an array based on the content it is retrieving; in
the case of a text file, each line in the file will be a single item in the array. The ForEachObject simply takes
the contents of the file, one line at a time, and calls the Get-WmiObject cmdlet, providing Get-Wmiobject
with a different line from the file (using the default pipeline variable $_) repeatedly until all lines have been
read. Get-Wmiobject then connects to the computer and retrieves information from the Win32_BIOS class.
Confused? Try it on your set of computers and see what happens.
Because Get-Content automatically creates an array consisting of each line in the file, that means you can
also use the Measure-Object cmdlet to easily count the number of lines in the file, a task people like to do
on a regular basis:
Get-Content c:\scripts\test.txt | Measure-Object
The preceding command returns data similar to this:
Count : 124 Average :
Sum :
Maximum :
Minimum :
Property :
Interesting question: what if you want to return only the first x number of lines in the file? In that case
simply add the -totalcount parameter followed by the number of lines to retrieve. This command returns
only the first five lines in the file Test.txt:
Get-Content c:\scripts\test.txt -totalcount 5
-
26
To get the last five lines in the text file simply read the file using Get-Content, then have Select-Object pick
out the last five items for you:
Get-Content c:\scripts\test.txt | Select-Object -last 5
Get-Content Aliases
gc
type
cat
f)Read in a Comma-Separated Values File
The Import-Csv cmdlet provides a way for you to read in data from a comma-separated values file (CSV)
and then display that data in tabular format within the Windows PowerShell console. For example, suppose
you have a file named C:\Scripts\Test.txt, a file that contains the following data:
Name,Department,Title
Pilar Ackerman,Research,Manager
Jonathan Haas,Finance,Finance Specialist
Ken Myer,Finance,Accountant
You say youd like to view that data on-screen, and in a table, to boot? Then just call Import-Csv followed by the path to the file you want to open:
import-Csv c:\scripts\test.txt
In turn, Windows PowerShell will give you output that looks like this:
Name Department Title
---- ---------- -----
Pilar Ackerman Research Manager
-
27
Jonathan Haas Finance Finance
Specialist Ken Myer Finance
Accountant
Thats cool. But if you really want to have some fun - well, good point: if you really want to have some fun youd probably do something other than import CSV files. Lets put it this way: if you want to have some relative fun, pipe the imported data to the Where-Object cmdlet. For example, this command retrieves only
those employees who work for the Finance department:
Import-Csv c:\scripts\test.txt | Where-Object {$_.department -eq "Finance"}
Heres what the resulting dataset looks like:
Name Department Title
---- ---------- -----
Jonathan Haas Finance Finance
Specialist Ken Myer Finance
Accountant
Granted, the right side of the pipeline is bit cryptic looking. However, its not all that hard to interpret. The $_ is simply Windows PowerShell notation for the current object; the current object, of course, is the text
file C:\Scripts\Test.txt. The .department is standard dot notation; this is no different than referring to a WMI property by saying something like objItem.Name. All were saying is that, for the text file in question, we want to check the value of the Department property (i.e., the Department field). If the field is equal to
(-eq) Finance we want to see it; if its not equal to Finance then we dont want to see it.
Suppose we wanted to see the records for all employees except those from the Finance Department. In that
case wed use this command, with -ne meaning not equal to:
Import-Csv c:\scripts\test.txt | Where-Object {$_.department -ne "Finance"}
That command returns the following data:
Name Department Title
---- ---------- -----
Pilar Ackerman Research Manager
Can you have more than one item in a where clause? Sure: just combine the two criteria with -and or or.
For example, this command returns only accountants who work in the Finance department:
-
28
Import-Csv c:\scripts\test.txt | Where-Object {$_.department -eq "Finance" -and $_.title -eq "Accountant"}
What does that mean? That means youll get back information like this:
Name Department Title
---- ---------- -----
Ken Myer Finance Accountant
Meanwhile, this command returns a list of employees who either work in the Research department or are
accountants:
Import-Csv c:\scripts\test.txt | Where-Object {$_.department -eq "Research" -or $_.title -eq "Accountant"}
You can probably guess what information we get back when we run that command:
Name Department Title
---- ---------- -----
Pilar Ackerman Research Manager
Ken Myer Finance Accountant
Cool.
Import-Csv Aliases
Ipcsv
g) Reading in an XML File
Heres a tough one for you. If the Export-Clixml cmdlet enables you to save data as an XML file, then what do you suppose the Import-Clixml cmdlet lets you do? OK, so maybe it wasnt all that tough after all. At any rate, youre right: Import-Clixml will import an XML file that was saved using Export-Clixml and then rebuilds the Windows PowerShell object for you. For example, suppose you use the GetChildItem cmdlet
-
29
to retrieve a collection of files found in the folder C:\Scripts; you then use the Export-Clixml cmdlet to save
that information as an XML file:
Get-ChildItem c:\scripts | Export-Clixml c:\scripts\files.xml
Any time you feel like it you can retrieve that data using Import-Clixml; simply call the cmdlet followed
by the name of the file to import. For example, this command retrieves the data and stores it in a variable
named $A:
$A = Import-Clixml c:\scripts\files.xml
So what will $A be equal to? It will be equal to the collection of files that were in C:\Scripts at the time you
originally ran Get-ChildItem. Take a look at our Windows PowerShell session:
The best part is that $A is not simply a collection of string data, but an actual Windows PowerShell object.
How do we know that? Try piping $A through the Sort-Objectcmdlet and see what happens:
$A | Sort-Object length
h) Saving Data as a Comma-Separated Values File
The Export-Csv cmdlet makes it easy to export data as a comma-separated values (CSV) file; all you
need to do is call Export-Csv followed by the path to the CSV file. For example, this command uses
Get-Process to grab information about all the processes running on the computer, then uses Export-Csv
to write that data to a file named C:\Scripts\Test.txt:
Get-Process | Export-Csv c:\scripts\test.txt
-
30
The resulting text file will look something like this:
#TYPE System.Diagnostics.Process
__NounName,Name,Handles,VM,WS,PM,NPM,Path,Company,CPU,FileVersion,ProductVersion,Descri
p tion,Product,BasePriority,
ExitCode,HasExited,ExitTime,Handle,HandleCount,
Id,MachineName,MainWindowHandle,MainWindowTitle,MainModule,
MaxWorkingSet,MinWorkingSet,Modules,NonpagedSystemMemorySize,
NonpagedSystemMemorySize64,
PagedMemorySize,PagedMemorySize64,PagedSystemMemorySize,PagedSystemMemorySize64,PeakP
agedMemorySize,
PeakPagedMemorySize64,PeakWorkingSet,PeakWorkingSet64,
PeakVirtualMemorySize,PeakVirtualMemorySize64,
PriorityBoostEnabled,PriorityClass,PrivateMemorySize,PrivateMemorySize64,PrivilegedProcessorTime,
ProcessName,
ProcessorAffinity, Responding,SessionId,StartInfo,StartTime,SynchronizingObject,
Threads,TotalProcessorTime,UserProcessorTime,VirtualMemorySize,VirtualMemorySize64,EnableRaisi
ngEvents,
StandardInput,StandardOutput,StandardError,WorkingSet,WorkingSet64,Site,Container
Process,alg,110,33714176,3698688,1273856,5400,C:\WINDOWS\System32\alg.exe,"Microsoft
Corporation",0.046875,
"5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)",5.1.2600.2180,"Application Layer Gateway Service",
"Microsoft? Windows? Operating
System",8,,False,,2140,110,788,.,0,,"System.Diagnostics.ProcessModule
( alg.exe)",1413120,204800,System.Diagnostics.ProcessModuleCollection, 5400,5400,1273856,1273856
,65756,65756,
1347584,1347584,3747840,3747840,35024896,35024896 ,True,Normal, 1273856,1273856,00:00:00.03
12500,alg,1,True,0,
System.Diagnostics.ProcessStartInfo,"5/19/2006 7:37:03
AM",,System.Diagnostics.ProcessThreadCollection,
00:00:00.0468750,00:00:00.0156250,33714176,33714176,False,,,,3698688,3698688,,
By default, data is saved in ASCII format. What if youd prefer to save the data in Unicode format (or maybe UTF7 or UTF8)? No problem; just add the -encodingparameter followed by the desired format:
Get-Process | Export-Csv c:\scripts\test.txt -encoding "unicode"
You might have noticed that the first line in the resulting CSV file lists the .NET object type:
-
31
#TYPE System.Diagnostics.Process
If youd just as soon not have the .NET object type in your output file then simply include the notype parameter:
Get-Process | Export-Csv c:\scripts\test.txt -notype
Another parameter you might find useful is -force. Suppose Test.txt is a read-only file: that enables people
to access, but not change, the contents of the file. Thats great, until it comes time to use Export-Csv and update the contents of the file. Heres what happens if you try to export text to a readonly file:
PS C:\Documents and Settings\gstemp> Get-Process | Export-Csv c:\scripts\test.txt Export-Csv
: Access to the path 'C:\scripts\test.txt' is denied.
Thats where -force comes into play. Suppose you add -force to your export command:
Get-Process | Export-Csv c:\scripts\test.txt -force
In that case, Windows PowerShell will temporarily clear the read-only attribute from the file, update the
contents, and then reset the read-only attribute. The end result: the file gets updated, but when Export-Csv
is finished the file will still be marked as read-only.
Export-Csv Aliases
Epcsv
i)Saving Data as an XML File
Of course you can save Windows PowerShell output in XML format; what else would you use the
Export-Clixml cmdlet for? This simple command uses the Get-Processcmdlet to retrieve information
about all the processes running on the computer. That information is then piped to the Export-Clixml
cmdlet, which in turn saves the data as an XML file named C:\Scripts\Test.xml:
-
32
Get-Process | Export-Clixml c:\scripts\test.xml
The resulting XML file will look something like this:
By default Export-Clixml overwrites any existing copy of C:\Scripts\Test.xml. If youd prefer not to overwrite Test.xml then simply include the -noclobber parameter in your command:
Get-Process | Export-Clixml c:\scripts\test.xml -noclobber
If you run this command and Test.xml already exists youll get back the following error message:
Export-Clixml : File C:\scripts\test.xml already exists and NoClobber was specified.
And, no, the Scripting Guys didnt come up with the name NoClobber. But we wish we had!
j) Saving Data Directly to a Text File
-
33
The Out-File cmdlet enables you to send pipelined output directly to a text file rather than displaying that
output on screen. For example, this command retrieves process information using Get-Process, then uses
Out-File to write the data to the file C:\Scripts\Test.txt:
Get-Process | Out-File c:\scripts\test.txt
By default Out-File saves the data exactly the way that data appears in your Windows PowerShell console.
That means that some of the data could end up truncated. For example, take a look at the results of running
Get-Process in the console:
Windows PowerShell
If you look closely, youll notice that the name of at least one process (PhotoshopElementsF ) could not be fully displayed onscreen. In turn, thats exactly how this line will look in the saved text file: 61 5 1240 660 30 0.05 1084 PhotoshopElementsF...
Thats a problem, but its an easy problem to solve: just include the -width parameter and specify a different line width (in characters) for the text file. For example, this revised command sets the line width to 120
characters:
Get-Process | Out-File c:\scripts\test.txt -width 120
And heres what that same line looks like in the new and improved text file:
61 5 1240 660 30 0.05 1084 PhotoshopElementsFileAgent
h) Saving Data to a Text File
-
34
The primary use of Set-Content is to write data to a text file. For example, this command writes the text
This is a test to the text file C:\Scripts\Test.txt:
Set-Content c:\scripts\test.txt "This is a test"
Note that this replaces the existing contents of Test.txt with the new text specified in the command. To
append text to a file, use the Add-Content cmdlet.
Set-Content Aliases
Sc
-
35
4) A-Z COMMANDS OF WINDOWS COMMAND
PROMPT
A number of Windows 8 Command Prompt commands are very similar to MS-DOS commands. However,
the Command Prompt in Windows 8 is not MS-DOS so the commands are not correctly referred to as MS-
DOS commands. I do have a list of DOS commands if you really are using MS-DOS and are interested.
Append
The append command can be used by programs to open files in another directory as if they were located in
the current directory.
The append command is not available in 64-bit versions of Windows 8.
Arp
The arp command is used to display or change entries in the ARP cache.
Assoc
The assoc command is used to display or change the file type associated with a particular file extension.
Attrib
-
36
The attrib command is used to change the attributes of a single file or a directory.
Auditpol
The auditpol command is used to display or change audit policies.
Bcdboot
The bcdboot command is used to copy boot files to the system partition and to create a new system BCD
store.
Bcdedit
The bcdedit command is used to view or make changes to Boot Configuration Data.
Bdehdcfg
The bdehdcfg command is used to prepare a hard drive for BitLocker Drive Encryption.
Bitsadmin
The bitsadmin command is used to create, manage, and monitor download and upload jobs.
While the bitsadmin command is available in Windows 8, you should know that it is being phased out. The
BITS PowerShell cmdlets should be used instead.
Bootcfg
The bootcfg command is used to build, modify, or view the contents of the boot.ini file, a hidden file that
is used to identify in what folder, on which partition, and on which hard drive Windows is located.
The bootcfg command was replaced by the bcdedit command beginning in Windows Vista. Bootcfg is still
available in Windows 8 but it serves no real value since boot.ini is not used.
Bootsect
The bootsect command is used to configure the master boot code to one compatible with Windows 8
(BOOTMGR).
The bootsect command is only available from the Command Prompt in System Recovery Options.
Break
The break command sets or clears extended CTRL+C checking on DOS systems.
The break command is available in Windows 8 to provide compatibility with MS-DOS files but it has no
effect in Windows 8 itself.
Cacls
The cacls command is used to display or change access control lists of files.
-
37
Even though the cacls command is available in Windows 8, it's being phased out. Microsoft recommends
that you use the icacls command instead.
Call
The call command is used to run a script or batch program from within another script or batch program.
The call command has no effect outside of a script or batch file. In other words, running the call command
at the Command Prompt will do nothing.
Cd
The Cd command is the shorthand version of the chdir command.
Certreq
The certreq command is used to perform various certification authority (CA) certificate functions.
Certutil
The certutil command is used to dump and display certification authority (CA) configuration information
in addition to other CA functions.
Change
The change command changes various terminal server settings like install modes, COM port mappings, and
logons.
Chcp
The chcp command displays or configures the active code page number.
Chdir
The chdir command is used to display the drive letter and folder that you are currently in. Chdir can also
be used to change the drive and/or directory that you want to work in
Checknetisolation
The checknetisolation c Chglogon
The chglogon command enables, disables, or drains terminal server session logins.
Executing the chglogon command is the same as executing change logon.
Chgport
The chgport command can be used to display or change COM port mappings for DOS compatibility.
-
38
Executing the chgport command is the same as executing change port.
Chgusr
The chgusr command is used to change the install mode for the terminal server.
Executing the chgusr command is the same as executing change user.
Chkdsk
The chkdsk command, often referred to as check disk, is used to identify and correct certain hard drive
errors.
Chkntfs
The chkntfs command is used to configure or display the checking of the disk drive during the Windows
boot process.
Choice
The choice command is used within a script or batch program to provide a list of choices and return of the
value of that choice to the program.
Cipher
The cipher command shows or changes the encryption status of files and folders on NTFS partitions.
Cmd
The cmd command starts a new instance of the command interpreter. to test apps that require network
capabilities
Cmdkey
The cmdkey command is used to show, create, and remove stored user names and passwords.
Cmstp
The cmstp command installs or uninstalls a Connection Manager service profile.
Color
The color command is used to change the colors of the text and background within the Command Prompt
window.
-
39
Command
The command command starts a new instance of the command.com command interpreter.
The command command is not available in 64-bit versions of Windows 8.
Comp
The comp command is used to compare the contents of two files or sets of files.
Compact
The compact command is used to show or change the compression state of files and directories on NTFS
partitions.
Convert
The convert command is used to convert FAT or FAT32 formatted volumes to the NTFS format.
Copy
The copy command does simply that - it copies one or more files from one location to another.
Cscript
The cscript command is used to execute scripts via Microsoft Script Host.
The cscript command is most commonly used to manage printing from the command line with scripts like
prncnfg.vbs, prndrvr.vbs, prnmngr.vbs, and others.
Date
The date command is used to show or change the current date
Debug
The debug command starts Debug, a command line application used to test and edit programs.
The debug command is not available in 64-bit versions of Windows 8.
Defrag
The defrag command is used to defragment a drive you specify. The defrag command is the command line
version of Microsoft's Disk Defragmenter.
Del
The del command is used to delete one or more files. The del command is the same as the erase command.
-
40
Dir
The dir command is used to display a list of files and folders contained inside the folder that you are
currently working in. The dir command also displays other important information like the hard drive's serial
number, the total number of files listed, their combined size, the total amount of free space left on the drive,
and more.
Diskcomp
The diskcomp command is used to compare the contents of two floppy disks.
Diskcopy
The diskcopy command is used to copy the entire contents of one floppy disk to another.
Diskpart
The diskpart command is used to create, manage, and delete hard drive partitions.
Diskperf
The diskperf command is used to manage disk performance counters remotely.
The diskperf command was useful for disk performance counter administration in Windows NT and 2000
but are permanently enabled in Windows 8.
Diskraid
The diskraid command starts the DiskRAID tool which is used to manage and configure RAID arrays.
Dism
The dism command starts the Deployment Image Servicing and Management tool (DISM). The DISM tool
is used to manage f Dispdiag
The dispdiag command is used to output a log of information about the display system.
Djoin
The djoin command is used to create a new computer account in a domain.
Doskey
The doskey command is used to edit command lines, create macros, and recall previously entered
commands.
-
41
Dosx
The dosx command is used to start DOS Protected Mode Interface (DPMI), a special mode designed to give
MS-DOS applications access to more than the normally allowed 640 KB.
The dosx command is not available in 64-bit versions of Windows 8.
The dosx command (and DPMI) is only available in Windows 8 to support older MS-DOS programs.
Driverquery
The driverquery command is used to show a list of all installed drivers.
Echo
The echo command is used to show messages, most commonly from within script or batch files. The echo
command can also be used to turn the echoing feature on or off.
Edit
The edit command starts the MS-DOS Editor tool which is used to create and modify text files.
The edit is not available in 64-bit versions of Windows 8.
Edlin
The edlin command starts the Edlin tool which is used to create and modify text files from the command
line.
The edlin command is not available in 64-bit versions of Windows 8.
Endlocal
The endlocal command is used to end the localization of environment changes inside a batch or script file.
Erase
The erase command is used to delete one or more files. The erase command is the same as the del command.
Esentutl
The esentutl command is used to manage Extensible Storage Engine databases.
Eventcreate
The eventcreate command is used to create a custom event in an event log.
-
42
Exe2Bin
The exe2bin command is used to convert a file of the EXE file type (executable file) to a binary file.
The exe2bin command is not available in 64-bit versions of Windows 8.
Exit
The exit command is used to end the Command Prompt session that you're currently working in.
Expand
The expand command is used to extract a single file or a group of files from a compressed file.
Extrac32
The extrac32 command is used to extract the files and folders contained in Microsoft Cabinet (CAB) files.
The extrac32 command is actually a CAB extraction program for use by Internet Explorer but can be used
to extract any Microsoft Cabinet file. Use the expand command instead of the extrac32 command if
possible.
Fastopen
The fastopen command is used to add a program's hard drive location to a special list stored in memory,
potentially improving the program's launch time by removing the need for MS-DOS to locate the
application on the drive.
The fastopen command is not available in 64-bit versions of Windows 8. Fastopen only exists in 32-bit
versions of Windows 8 to support older MS-DOS files
Fc
The fc command is used to compare two individual or sets of files and then show the differences between
them.
Find
The find command is used to search for a specified text string in one or more files.
Findstr
The findstr command is used to find text string patterns in one or more files.
Finger
The finger command is used to return information about one or more users on a remote computer that's
running the Finger service.
-
43
Fltmc
The fltmc command is used to load, unload, list, and otherwise manage Filter drivers.
Fondue
The fondue command, short for Features on Demand User Experience Tool, is used to install any of the
several optional Windows 8 features from the command line.
Optional Windows 8 features can also be installed from the Programs and Features applet in Control Panel.
For
The for command is used to run a specified command for each file in a set of files. The for command is
most often used within a batch or script file.
Forfiles
The forfiles command selects one or more files to execute a specified command on. The forfiles command
is most often used within a batch or script file.
Format
The format command is used to format a drive in the file system that you specify.
Drive formatting is also available from Disk Management within Windows 8.
Fsutil
The fsutil command is used to perform various FAT and NTFS file system tasks like managing reparse
points and sparse files, dismounting a volume, and extending a volume.
Ftp
The ftp command can used to transfer files to and from another computer. The remote computer must be
operating as an FTP server.
Ftype
The ftype command is used to define a default program to open a specified file type.
Getmac
The getmac command is used to display the media access control (MAC) address of all the network
controllers on a system.
-
44
Goto
The goto command is used in a batch or script file to direct the command process to a labeled line in the
script.
Gpresult
The gpresult command is used to display Group Policy settings.
Gpupdate
The gpupdate command is used to update Group Policy settings.
Graftabl
The graftabl command is used to enable the ability of Windows to display an extended character set in
graphics mode.
The graftabl command is not available in 64-bit versions of Windows 8.
Graphics
The graphics command is used to load a program that can print graphics.
The graphics command is not available in 64-bit versions of Windows 8.
Help
The help command provides more detailed information on other Command Prompt commands.
Hostname
The hostname command displays the name of the current host.
The hwrcomp command is used to compile custom dictionaries for handwriting recognition.
Hwrreg
The hwrreg command is used to install a previously compiled custom dictionary for handwriting
recognition.
Icacls
The icacls command is used to display or change access control lists of files. The icacls command is an
updated version of the cacls command
-
45
If
The if command is used to perform conditional functions in a batch file.
Ipconfig
The ipconfig command is used to display detailed IP information for each network adapter utilizing TCP/IP.
The ipconfig command can also be used to release and renew IP addresses on systems configured to receive
them via a DHCP server.
Irftp
The irftp command is used to transmit files over an infrared link.
Iscsicli
The iscsicli command starts the Microsoft iSCSI Initiator, used to manage iSCSI.
Kb16
The kb16 command is used to support MS-DOS files that need to configure a keyboard for a specific
language.
The kb16 command is not available in 64-bit versions of Windows 8.
Klist
The klist command is used to list Kerberos service tickets. The klist command can also be used to purge
Kerberos tickets.
Ksetup
The ksetup command is used to configure connections to a Kerberos server.
Ktmutil
The ktmutil command starts the Kernel Transaction Manager utility.
Label
The label command is used to manage the volume label of a disk.
Licensingdiag
The licensingdiag command is a tool used to generate a text-based log and other data files that contain
product activation and other Windows licensing information.
Loadfix
-
46
The loadfix command is used to load the specified program in the first 64K of memory and then runs the
program.
The loadfix command is not available in 64-bit versions of Windows 8.
Lodctr
The lodctr command is used to update registry values related to performance counters.
Logman
The logman command is used to create and manage Event Trace Session and Performance logs. The logman
command also supports many functions of Performance Monitor.
Logoff
The logoff command is used to terminate a session.
Lpq
The lpq command displays the status of a print queue on a computer running Line Printer Daemon (LPD).
Lpr
The lpr command is used to send a file to a computer running Line Printer Daemon (LPD).
The lpr command is not available by default in Windows 8 but can be enabled by turning on the LPD Print
Service and LPR Port Monitor features from Programs and Features in Control Panel.
Makecab
The makecab command is used to losslessly compress one or more files. The makecab command is
sometimes called Cabinet Maker.
Manage-bde
The manage-bde command is used to configure BitLocker Drive Encryption from the command line.
Md
The md command is the shorthand version of the mkdir command.
Mem
The mem command shows information about used and free memory areas and programs that are currently
loaded into memory in the MS-DOS subsystem.
The mem command is not available in 64-bit versions of Windows 8.
-
47
Mkdir
The mkdir command is used to create a new folder.
Mklink
The mklink command is used to create a symbolic link.
Mode
The mode command is used to configure system devices, most often COM and LPT ports.
More
The more command is used to display the information contained in a text file. The more command can also
be used to paginate the results of any other Command Prompt command.
Mountvol
The mountvol command is used to display, create, or remove volume mount points.
Move
The move command is used to move one or files from one folder to another. The move command is also
used to rename directories.
Mrinfo
The mrinfo command is used to provide information about a router's interfaces and neighbors
Msg
The msg command is used to send a message to a user.
Msiexec
The msiexec command is used to start Windows Installer, a tool used to install and configure software.
Muiunattend
The muiunattend command starts the Multilanguage User Interface unattended setup process.
Nbtstat
-
48
The nbtstat command is used to show TCP/IP information and other statistical information about a remote
computer.
Net
The net command is used to display, configure, and correct a wide variety of network settings.
Net1
The net1 command is used to display, configure, and correct a wide variety of network settings.
Netcfg
The netcfg command is used to install the Windows Preinstallation Environment (WinPE), a lightweight
version of Windows used to deploy workstations.
Netsh
The netsh command is used to start Network Shell, a command-line utility used to manage the network
configuration of the local, or a remote, computer.
Netstat
The netstat command is most commonly used to display all open network connections and listening ports.
Nlsfunc
The nlsfunc command is used to load information specific to a particular country or region.
The nlsfunc command is not available in 64-bit versions of Windows 8 and is only available in 32-bit
versions to support older MS-DOS files.
Nltest
The nltest command is used to test secure channels between Windows computers in a domain and between
domain controllers that are trusting other domains.
The nltest command was first available in Windows 8.
Nslookup
The nslookup is most commonly used to display the hostname of an entered IP address. The nslookup
command queries your configured DNS server to discover the IP address.
Ocsetup
-
49
The ocsetup command starts the Windows Optional Component Setup tool, used to install additional
Windows features.
Openfiles
The openfiles command is used to display and disconnect open files and folders on a system.
Path
The path command is used to display or set a specific path available to executable files.
Pathping
The pathping command functions much like the tracert command but will also report information about
network latency and loss at each hop.
Pause
The pause command is used within a batch or script file to pause the processing of the file. When the pause
command is used, a Press any key to continue... message displays in the command window.
Ping
The ping command sends an Internet Control Message Protocol (ICMP) Echo Request message to a
specified remote computer to verify IP-level connectivity.
Pkgmgr
The pkgmgr command is used to start the Windows Package Manager from the Command Prompt. Package
Manager installs, uninstalls, configures, and updates features and packages for Windows.
Pnpunattend
The pnpunattend command is used to automate the installation of hardware device drivers
Pnputil
The pnputil command is used to start the Microsoft PnP Utility, a tool used to install a Plug and Play device
from the command line.
Popd
The popd command is used to change the current directory to the one most recently stored by the pushd
command. The popd command is most often utilized from within a batch or script file.
Powercfg
The powercfg command is used to manage the Windows power management settings from the command
line.
-
50
Print
The print command is used to print a specified text file to a specified printing device.
Prompt
The prompt command is used to customize the appearance of the prompt text in Command Prompt.
Pushd
The pushd command is used to store a directory for use, most commonly from within a batch or script
program.
Pwlauncher
The pwlauncher command is used to enable, disable, or show the status of your Windows To Go startup
options.
Qappsrv
The qappsrv command is used to display all Remote Desktop Session Host servers available on the network.
Qprocess
The qprocess command is used to display information about running processes.
Query
The query command is used to display the status of a specified service.
Quser
The quser command is used to display information about users currently logged on to the system.
Qwinsta
The qwinsta command is used to display information about open Remote Desktop Sessions.
Rasautou
The rasautou command is used to manage Remote Access Dialer AutoDial addresses.
Rasdial
-
51
The rasdial command is used to start or end a network connection for a Microsoft client.
Rd
The rd command is the shorthand version of the rmdir command.
Reagentc
The reagentc command is used to configure the Windows Recovery Environment (RE).
Recover
The recover command is used to recover readable data from a bad or defective disk.
Reg
The reg command is used to manage the Windows Registry from the command line. The reg command can
perform common registry functions like adding registry keys, exporting the registry, etc.
Regini
The regini command is used to set or change registry permissions and registry values from the command
line.
Register-cimprovider
The register-cimprovider command is used to register a Common Information Model (CIM) Provider in
Windows 8.
Regsvr32
The regsvr32 command is used to register a DLL file as a command component in the Windows Registry.
Relog
The relog command is used to create new performance logs from data in existing performance logs.
Rem
The rem command is used to record comments or remarks in a batch or script file.
Ren
-
52
The ren command is the shorthand version of the rename command.
Rename
The rename command is used to change the name of the individual file that you specify.
Repair-bde
The repair-bde command is used to repair or decrypt a damaged drive that's been encrypted using BitLocker.
Replace
The replace command is used to replace one or more files with one or more other files.
Reset
The reset command, executed as reset session, is used to reset the session subsystem software and hardware
to known initial values.
Rmdir
The rmdir command is used to delete an existing and completely empty folder.
Robocopy
The robocopy command is used to copy files and directories from one location to another. This command
is also called Robust File Copy.
The robocopy command is superior to the more simple copy command because robocopy supports many
more options.
Route
The route command is used to manipulate network routing tables.
Rpcping
The rpcping command is used to ping a server using RPC.
Runas
The runas command is used to execute a program using another user's credentials.
Rwinsta
-
53
The rwinsta command is the shorthand version of the reset session command.
Sc
The sc command is used to configure information about services. The sc command communicates with the
Service Control Manager.
Schtasks
The schtasks command is used to schedule specified programs or commands to run a certain times. The
schtasks command can be used to create, delete, query, change, run, and end scheduled tasks.
Sdbinst
The sdbinst command is used to deploy customized SDB database files.
Secedit
The secedit command is used to configure and analyze system security by comparing the current security
configuration to a template.
Set
The set command is used to enable or disable certain options in Command Prompt.
Setlocal
The setlocal command is used to start the localization of environment changes inside a batch or script file.
Setspn
The setspn command is used to manage the Service Principal Names (SPN) for an Active Directory (AD)
service account.
Setver
The setver command is used to set the MS-DOS version number that MS-DOS reports to a program.
The setver command is not available in 64-bit versions of Windows 8.
Setx
The setx command is used to create or change environment variables in the user environment or the system
environment.
Sfc
-
54
The sfc command is used to verify and replace important Windows system files. The sfc command is also
referred to as System File Checker and Windows Resource Checker.
Share
The share command is used to install file locking and file sharing functions in MS-DOS.
The share command is not available in 64-bit versions of Windows 8. Share is only available in 32-bit
versions of Windows 8 to support older MS-DOS files.
Shift
The shift command is used to change the position of replaceable parameters in a batch or script file.
Shutdown
The shutdown command can be used to shut down, restart, or log off the current system or a remote
computer.
Sort
The sort command is used to read data from a specified input, sort that data, and return the results of that
sort to the Command Prompt screen, a file, or another output device.
Start
The start command is used to open a new command line window to run a specified program or command.
The start command can also be used to start an application without creating a new window.
Subst
The subst command is used to associate a local path with a drive letter. The subst command is a lot like the
net use command except a local path is used instead of a shared network path.
Sxstrace
The sxstrace command is used to start the WinSxs Tracing Utility, a programming diagnostic tool.
Systeminfo
The systeminfo command is used to display basic Windows configuration information for the local or a
remote computer.
Takeown
The takeown command is used to regain access to a file that that an administrator was denied access to
when reassigning ownership of the file.
-
55
Taskkill
The taskkill command is used to terminate a running task. The taskkill command is the command line
equivalent of ending a process in Task Manager in Windows.
Tasklist
"Displays a list of applications, services, and the Process ID (PID) currently running on either a local or a
remote computer.
Tcmsetup
The tcmsetup command is used to setup or disable the Telephony Application Programming Interface
(TAPI) client.
Telnet
The telnet command is used to communicate with remote computers that use the Telnet protocol.
The telnet command is not available by default in Windows 8 but can be enabled by turning on the Telnet
Client Windows feature from Programs and Features in Control Panel.
Tftp
The tftp command is used to transfer files to and from a remote computer that's running the Trivial File
Transfer Protocol (TFTP) service or daemon.
The tftp command is not available by default in Windows 8 but can be enabled by turning on the TFTP
Client Windows feature from Programs and Features in Control Panel.
Time
The time command is used to show or change the current time.
Timeout
The timeout command is typically used in a batch or script file to provide a specified timeout value during
a procedure. The timeout command can also be used to ignore keypresses
Title
The title command is used to set the Command Prompt window title.
Tlntadmn
The tlntadmn command is used to administer a local or remote computer running Telnet Server.
The tlntadmn command is not available by default in Windows 8 but can be enabled by turning on the
Telnet Server Windows feature from Programs and Features in Control Panel.
Tpmvscmgr
-
56
The tpmvscmgr command is used to create and destroy TPM virtual smart cards.
Tracerpt
The tracerpt command is used to process event trace logs or real-time data from instrumented event trace
providers.
Tracert
The tracert command is used to show details about the path that a packet takes to a specified destination.
Tree
The tree command is used to graphically display the folder structure of a specified drive or path.
Tscon
The tscon command is used to attach a user session to a Remote Desktop session.
Tsdiscon
The tsdiscon command is used to disconnect a Remote Desktop session.
Tskill
The tskill command is used to end the specified process
Type
The type command is used to display the information contained in a text file.
Typerperf
The typerperf command displays performance data in the Command Prompt window or writes the data to
specified log file.
Tzutil
The tzutil command is used to display or configure the current system's time zone. The tzutil command can
also be used to enable or disable automatic Daylight Saving Time adjustments.
-
57
Unlodctr
The unlodctr command removes Explain text and Performance counter names for a service or device driver
from the Windows Registry.
Vaultcmd
The vaultcmd command is used to create, remove, and show stored credentials.
Ver
The ver command is used to display the current Windows version.
Verify
The verify command is used to enable or disable the ability of Command Prompt to verify that files are
written correctly to a disk.
Vol
The vol command shows the volume label and serial number of a specified disk, assuming this information
exists.
Vssadmin
The vssadmin command starts the Volume Shadow Copy Service administrative command line tool which
displays current volume shadow copy backups and all installed shadow copy writers and providers.
W32tm
The w32tm command is used to diagnose issues with Windows Time.
Waitfor
The waitform command is used to send Wbadmin
The wbadmin command is used start and stop backup jobs, display details about a previous backup, list the
items within a backup, and report on the status of a currently running backup.
Wecutil
The wecutil command is used to mange subscriptions to events that are forwarded from WS-Management
supported computers.
Wevtutil
The wevtutil command starts the Windows Events Command Line Utility which is used to manage event
logs and publishers.
-
58
Where
The where command is used to search for files that match a specified pattern.
Whoami
The whoami command is used to retrieve user name and group information on a network.
Winrm
The winrm command is used to start the command line version of Windows Remote Management, used to
manage secure communications with local and remote computers using web services.
Winrs
The winrs command is used to open a secure command window with a remote host.
or wait for a signal on a system.
Winsat
The winsat command starts the Windows System Assessment Tool, a program that assesses various
features, attributes, and capabilities of a computer running Windows.
Wmic
The wmic command starts the Windows Management Instrumentation Command line (WMIC), a scripting
interface that simplifies the use of Windows Management Instrumentation (WMI) and systems managed
via WMI.
Wsmanhttpconfig
The wsmanhttpconfig command is used to manage aspects of the Windows Remote Management (WinRM)
service.
Xcopy
The xcopy command can copy one or more files or directory trees from one location to another.
Xwizard
The xwizard command, short for Extensible Wizard, is used to register data in Windows, often from a
preconfigured XML file.
-
This book was distributed courtesy of:
For your own Unlimited Reading and FREE eBooks today, visit:http://www.Free-eBooks.net
Share this eBook with anyone and everyone automatically by selecting any of the options below:
To show your appreciation to the author and help others have wonderful reading experiences and find helpful information too,
we'd be very grateful if you'd kindlypost your comments for this book here.
COPYRIGHT INFORMATION
Free-eBooks.net respects the intellectual property of others. When a book's copyright owner submits their work to Free-eBooks.net, they are granting us permission to distribute such material. Unless otherwise stated in this book, this permission is not passed onto others. As such, redistributing this book without the copyright owner's permission can constitute copyright infringement. If you
believe that your work has been used in a manner that constitutes copyright infringement, please follow our Notice and Procedure for Making Claims of Copyright Infringement as seen in our Terms of Service here:
http://www.free-ebooks.net/tos.html