---------CMD-------- rundll32.exe keymgr.dll , KRShowKeyMgr ---> Check cashed credentials, if any. rundll32.exe user32.dll, LockWorkStation ---> Lock computer. fsutil file createnew c:\temp\text.txt 100 ---> Creates file c:\temp\text.txt 100 bytes in size netsh lan sh int ---> Show network interfaces netsh int sh int ---> Show all interfaces set devmgr_show_nonpresent_devices=1 ---> Make Device Manager to show non present devices net files ---> show locked files sc start [service name] ---> start service; Can start/stop service on remote computer as well sc config messenger start= demand ---> Enable service sc queryex ---> Find Service info including PID taskkill /f /pid ---> Kill service by PID C:\Windows\System32\Sysprep\Sysprep.exe /oobe /generalize /shutdown ---> In Vista/2k8 - following command reseal (generalize) and shut down the computer dir "C:\folder" /b/s |find /v /c "::" ---> Count files in folder netsh int ip reset ---> Reset TCP/IP Stack netsh interface ipv4 add neighbors "InterfaceName" IPAddress MACAddress store=active|persistant ---> Add ARP Entry netsh interface ipv4 delete neighbors "InterfaceName" IPAddress ---> Remove ARP Entry route print ---> Show routing table netdom query fsmo ---> List who owns FSMO roles qwinsta /server:<serverName> ---> List logged in users to the Server logoff <sessionID> /server:<serverName> ---> Logoff user by Session ID from remote server rwinsta /server:<serverName> <sessionID> ---> Same as above, logoff remote session certlm.msc ---> Computer Cert Store || certmgr.msc ---> User Cert Store netsh http add iplisten <ipaddress> ---> Add IP address to IIS IP pool netsh Winhttp set proxy <proxy:port> ---> Set system wide proxy netsh winhttp show proxy ---> Show system wide proxy config
--------Windows Time Config-------- w32tm /config /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org" /syncfromflags:manual /reliable:yes /update w32tm /config /syncfromflags:domhier /update ---> Sync with DC w32tm /query /configuration w32tm /query /source ---> Show the current source w32tm /query /peers ---> Display peers and communication status to them w32tm /stripchart /computer:<name or IP> ---> Compare local time with NTP server
--------LINUX------- iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 1.1.1.1:3389 ---> Forward port 3389 scxadmin -stop ; scxadmin -start ---> Restart SCOM agent (ps -ef | grep omi) tcpdump -npi eth0 host <IP Address> ---> Show TCP Dump for IP address
--------PowerShell-------- get-help <command> ---> Show help for the command; like man command in Linux New-PSSession -ComputerName <Comp Name> -Credential | Enter-PSSession ---> Create session and connect to remote Computer PowerShell Start-Process -FilePath "<path_toScript>" -Verb RunAs ---> Run executable or script with Admin Priveledges Set-Location -Path cert:\localmachine\my ---> Browse to LocalMachine->Personal certificate store Import-PfxCertificate -FilePath "<Path To .pfx>" ---> Import certificate in pfx format get-wmiObject win32_product | ft name, IdentifyingNumber ---> List installed software with GUID set-aduser -identity <username> -add @{attribute="text"} ---> Set AD User custom attribute to "Text" (can be -add -remove -clear -replace) Get-WmiObject -class MSFC_FCAdapterHBAAttributes -namespace "root\WMI" | Select DriverVersion, FirmwareVersion, Manufacturer, Model, SerialNumber | ft -AutoSize ---> List HBA Adapters on local Comp Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force ---> Disable SMB v1 on Windows Machine Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False ---> Disable Firewall Wmic /namespace:\\root\microsoftdfs path dfsrreplicatedfolderinfo get 'replicationgroupname,replicatedfoldername,state' ---> Show DFSR Status Get-SMBOpenFile | Close-SmbOpenFile ---> Get list of open files and then close the connection get-disk -Number 1 | Initialize-Disk -PartitionStyle GPT -PassThru | New-Partition -UseMaximumSize -DriveLetter D | Format-Volume -FileSystem NTFS -NewFileSystemLabel "DDD" ---> Initialize disk 1 as GPT, Create partition D, format it as NTFS and label it DDD $Listener = [System.Net.Sockets.TcpListener]666; $Listener.Start(); start-sleep -Seconds 90 ---> Listen on port 666 for 90 seconds
--------Nutanix-------- ncc health_checks run_all ---> Run health check for the cluster export ZKLDRPATH="/appliance/logical/leaders"; for i in `zkls $ZKLDRPATH | grep -v vdisk`; do len=`echo $i | wc -c`; if [ $len -gt 40 ]; then continue; fi; lnode=`zkls "$ZKLDRPATH/$i" | head -1`; ldr=`zkcat $ZKLDRPATH/$i/$lnode`; echo $i $ldr; done ---> Show current masters for each role in the cluster allssh sudo cat /proc/meminfo | grep -i Available ---> Show free RAM on each node in cluster cvm_shutdown -P now ---> Gracefully shutdown CVM
ps -A --no-headers --format fname,rss --sort=-rss | grep cimserve ---> Check memory usage of cimserver
srvadmin-services.sh start ---> Start DellOpenManage services on ESX box