Windows



Important applications

Desktop

SSH

Code / Automation

  • VSCodium
  • Intellij Idea

Databases

  • DBeaver

Windows management

Hypervisors

  • Hyper-V
  • VirtualBox
  • VMware Workstation

Server

Powershell

Checks

Network

# List all TCP connections (every state) with their local and remote address and port.
# This is TCP only; UDP endpoints are listed by Get-NetUDPEndpoint.
Get-NetTCPConnection

# Test the network-connection to a specific IP and port
Test-NetConnection -ComputerName 192.168.200.20 -InformationLevel "Detailed" -Port 443

# List basic interface information
Get-NetAdapter

# List basic interface address information
Get-NetIPConfiguration

# "To show only the listening ports we need to filter for all items in the Listen state with the remote address of 0.0.0.0"
# NOTE: the 0.0.0.0 filter keeps IPv4 listeners only; IPv6 listeners report a remote
# address of "::" and are dropped by it. When auditing which services a host exposes,
# also review `Get-NetTCPConnection -State Listen`, which covers both address families.
get-nettcpconnection | where {($_.State -eq "Listen") -and ($_.RemoteAddress -eq "0.0.0.0")}

# "You can add additional fields like the process ID for each port. Changing the fields from the default requires selecting each one you want and then piping to ft (format-table)."
get-nettcpconnection | where {($_.State -eq "Listen") -and ($_.RemoteAddress -eq "0.0.0.0")} | Select LocalAddress,LocalPort,RemoteAddress,RemotePort,State,OwningProcess | ft

# "This example will get the name of the process associated with each item."
# OwningProcess holds the process ID; the calculated "Process" column resolves it to a
# process name with Get-Process, which makes unexpected listeners easier to spot.
get-nettcpconnection | where {($_.State -eq "Listen") -and ($_.RemoteAddress -eq "0.0.0.0")} | select LocalAddress,LocalPort,RemoteAddress,RemotePort,State,@{Name="Process";Expression={(Get-Process -Id $_.OwningProcess).ProcessName}} | ft

Active Directory

# List available dcdiag commands
dcdiag /h

# Test all servers in this site
dcdiag /a

# Test all servers in the enterprise
dcdiag /e

# Test specific Active Directory components
dcdiag /test:connectivity
dcdiag /test:kccevent
dcdiag /test:topology
Group Policy
# Show currently applied Group Policy objects
gpresult /R

Commands

# Import users from file my-users.csv
csvde -i -f .\my-users.csv -v

# Import data from another AD using company-1.ldf
ldifde -v -i -f .\company-1.ldf

# Check for users that have been inactive for longer than 2 weeks
dsquery user -inactive 2

# Add user Kenpachi to the OU Captain, in the Seireitei.local domain, and add the description 'Strongest sword' to his account
dsadd user "CN=Kenpachi,ou=Captain,dc=Seireitei,dc=local" -desc "Strongest sword"

# Find all users that haven't changed their password in the last 10 days
dsquery user -stalepwd 10

## patienten5.csv
 # GivenNAme,Surname,Name,SamAccountNAme,Description,Department,EmployeeID,Path,Enabled,Password,PasswordNeverExpires
 # User,local1,Userlocal1,Userlocal1,Userlocal1,IT,189478,"OU=test,DC=BMC,DC=local",$True,a$$w0rd,$True
 # User,local2,Userlocal2,Userlocal2,Userlocal2,IT,187516,"OU=test,DC=BMC,DC=local",$True,a$$w0rd,$True
# NOTE: this sample keeps the account passwords in clear text inside the CSV, gives both
# users the same password and sets PasswordNeverExpires. Treat such a file as a secret:
# restrict who can read it, remove it after the import, and have the users change the
# initial password.

# Import and create users Userlocal1 and Userlocal2 from the given .csv file, and populate certain fields with the given values
# NOTE(review): New-ADUser takes the password through -AccountPassword as a SecureString,
# so the plain-text "Password" column is presumably not applied as-is — confirm the state
# of the created accounts (password set, enabled) after the import.
Import-Csv -Path .\patienten5.csv | New-ADUser

# Add various metadata values to the Kirby user, located in the Protagonists OU, existing in the Dreamland.local domain
dsmod user "CN=Kirby,ou=Protagonists,dc=Dreamland,dc=local" -office Skyborn -Title Hungry -dept Mental -webpg www.dreamland.local/Kirby -company Dreamland.local

# Find all users with the description 'Wrestler', and modify their manager to be 'Hulk Hogan' located in the Legendary OU in the WWE domain
dsquery user -desc Wrestler | dsmod user -mgr "cn=Hulk Hogan,OU=Legendary,DC=WWE,dc=local"

# Turn all disabled users within the WuTang OU into enabled users (-limit 0 lifts the cap on returned results)
# NOTE: accounts are often disabled on purpose (leavers, stale or compromised accounts).
# Run the dsquery part on its own and review the list before piping it into dsmod.
dsquery user ou=WuTang,dc=Clan,dc=local -disabled -limit 0 | dsmod user -disabled no

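# Create the organizational unit 2019 inside the Students OU
# NOTE(review): "DC=.nl" looks like a typo for "DC=nl" — confirm against the domain's distinguished name.
New-ADOrganizationalUnit -Name "2019" -Description "The year 2019" -Path "OU=Students,DC=Rotterdam,DC=.nl"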

Active Directory

# Check what has yet to be replicated
repadmin /queue

# Perform a Consistency Check for the local server
repadmin /kcc

# Show basic replication information, neighbours, last attempts and their statuses
repadmin /showrepl

# Show statistical data concerning replication
repadmin /replsummary

# Replicate Active Directory changes/settings/configuration
repadmin /syncall
Group Policy
# Force a Group Policy update on the device you execute this on
gpupdate /force

Firewall

# Turn off your Firewall entirely (all three profiles: Domain, Public and Private)
# NOTE: this removes host-level filtering on every network the machine connects to.
# Keep it to short troubleshooting on an isolated network, prefer a specific allow rule
# for the traffic you need, and switch the profiles back on afterwards:
#   Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled false

Command Prompt

Checks

Common

# Open the System information window
msinfo32

Network

# List all available routes
route print

# List detailed Network information
ipconfig /all

Commands

Common

# Open Server Configuration menu for common configuration
sconfig

# Logout the current user
logoff

# Open User Management
lusrmgr.msc

# Add this machine (SRV01) to domain clinic.local as user Administrator.
# /PasswordO:* together with /SecurePasswordPrompt asks for the password interactively,
# which keeps it out of the command line, scripts and command history.
# NOTE(review): /UserO and /PasswordO are the credentials for the machine being joined;
# the domain account goes in /UserD and /PasswordD — confirm which one is intended here.
NETDOM JOIN SRV01 /Domain:clinic.local /UserO:Administrator /PasswordO:* /SecurePasswordPrompt
Shutdown or restart
# Shutdown the computer
shutdown /s

# Restart the computer (60 seconds time-out)
shutdown /r

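# Shutdown the computer in 200 seconds (/s selects the shutdown action, /t sets the delay)
shutdown /s /t 200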

# Restart the computer right now
shutdown /r /t 0

# Abort a timed shutdown
shutdown /a
Windows Update

https://learn.microsoft.com/en-us/windows-server/administration/server-core/server-core-servicing

# For Windows Server Core, use the sconfig menu for easy Windows Update configuration
sconfig
# Check current configured settings
%systemroot%\system32\Cscript %systemroot%\system32\scregedit.wsf /AU /v

# Disable automatic updates
# NOTE: with automatic updates off, security patches are installed only when someone does
# it by hand; pair this setting with a patch schedule or a managed update service.
Net stop wuauserv
%systemroot%\system32\Cscript %systemroot%\system32\scregedit.wsf /AU 1
Net start wuauserv

# Enable automatic updates
Net stop wuauserv
%systemroot%\system32\Cscript %systemroot%\system32\scregedit.wsf /AU 4
Net start wuauserv

# Trigger a check for new updates
# NOTE(review): this only starts detection and does not install anything by itself, and
# wuauclt /detectnow is reported not to work on Windows 10 / Server 2016 and later — on
# those versions use the sconfig menu instead; verify on your build.
Wuauclt /detectnow
License
# For Windows Server Core, use the sconfig menu for easy license installation and activation
sconfig
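# Install a license key (replace the key shown here with your own product key)
slmgr.vbs /ipk ASDI1-POQW2-QOWE5-ASDP0-QWEI3

# Activate installed license key (/ato performs the activation)
slmgr.vbs /ato

# Verify active license (/dli displays the current license information)
slmgr.vbs /dli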

Network

# Add a route for a specific network
route add 192.168.15.0 mask 255.255.255.0 192.168.15.1

# Delete a route for a specific network
route delete 192.168.15.0 mask 255.255.255.0 192.168.15.1

Firewall

# Allow ICMPv4 communication inwards (type 8 = echo request, i.e. incoming ping)
# NOTE: as written the rule accepts echo requests from any source address; add
# remoteip=<allowed range> to limit which hosts may ping this machine.
netsh advfirewall firewall add rule name="ICMPv4 Allow" protocol="icmpv4:8,any" dir=in action=allow

Shares

net share sharename=folderpath /grant:username,permissions
permission: Read, Change or Full
# Create the folder and share it with a user
# NOTE: share permissions apply together with the folder's NTFS permissions, and the more
# restrictive of the two wins. Grant READ or CHANGE unless FULL is really needed.
mkdir C:\Shares\Users\Mike
net share MyShareName="C:\Shares\Users\Mike" /grant:"big.mike,FULL"

# Delete the share (the folder and its content stay on disk)
net share MyShareName /DELETE

# Create a share but with multi-user access
# Each /grant adds one user with its own permission level.
net share Karel="C:\Shares\Users\Mike" /grant:"Big.Mike,FULL" /grant:"Big.John,READ" /grant:"Administrator,FULL"

Sysprep

  1. Download and install updates;
  2. Restart;
  3. Repeat step 1 and 2 until no more updates are available;
  4. Optionally disable automatic updates;
  5. Set the proper timezone;
  6. Set proper keyboard/region format;
  7. Optionally activate your license;
  8. Optionally enable Remote Desktop - "Allow remote connections to this computer"
  9. Optionally take a snapshot before the sysprep;
  10. Perform a Sysprep (see commands below).
# Sysprep: generalize the installation and shut the machine down afterwards
C:\Windows\System32\Sysprep\sysprep.exe /generalize /shutdown

# Sysprep using an unattend.xml
# NOTE: answer files often carry local administrator or domain-join passwords, stored in
# clear text or only Base64-encoded. Keep the file off shared locations and delete it once
# the image is deployed, including any copy Setup cached (typically under C:\Windows\Panther).
C:\Windows\System32\Sysprep\sysprep.exe /generalize /shutdown /unattend:C:\Windows\System32\Sysprep\unattended.xml