in

11 Critical Windows Commands for Mastering Server Administration

default image

As a fellow system administrator, I know how indispensable the Windows command line can be for managing servers. After spending years in the trenches, these 11 commands have proven to be my go-to Swiss Army knives for daily tasks and troubleshooting.

I want to share my insider tips and hard-earned knowledge to help you master these essential Windows tools like a pro. Consider this your handbook for becoming a command line guru!

Why Learn Windows Commands?

Before we dive in, let me convince you of why learning Windows commands should be a top priority:

  • Flexibility – You can accomplish many tasks without a GUI. This allows remote management and scripting.

  • Speed – Keying a few commands is often much faster than clicking through menus and screens.

  • Power – You unlock under-the-hood access to tweak, optimize, and configure your systems.

  • Efficiency – Automate repetitive tasks through batch files and scripting.

  • Troubleshooting – Commands give you visibility into processes, resources, connections, etc. to pinpoint issues.

  • Control – Fine-grained control to forcefully kill processes, edit registry settings, refresh policies, flush DNS, etc.

  • Documentation – Output can be piped to a file for logging or documentation.

The command line gives you surgical precision for both simple and advanced tasks. Let‘s dive into the commands I use daily.

1. tasklist – Quickly View Running Processes

To get a bird‘s eye view of what‘s running on your system, tasklist is my go-to for a quick snapshot. Say you noticed your CPU usage spike and want to see the culprits. tasklist will show all running processes with their PID and memory usage.

Here‘s a common example:

C:\>tasklist /FO CSV /NH 
"svchost.exe","716","31,328 K"
"MicrosoftEdge.exe","33220","121,660 K"
"Registry","88","43,544 K" 

The /FO CSV provides comma-separated output for easy analysis. I use this constantly when I see a resource spike or just want to audit what‘s running on a server.

Pro Tip: Pair tasklist with FindStr to filter for a specific process.

C:\>tasklist | FindStr /i explorer.exe
explorer.exe                     3476 Console                    1      43,544 K

This filters running processes for those matching "explorer.exe" and highlights matches. Super useful for identifying rogue or intensive applications.

2. taskkill – Forcefully Terminate Processes

When you need to eradicate a misbehaving process, taskkill is your friend. Say Internet Explorer is frozen, unresponsive, and slowing your system. taskkill can forcibly terminate it:

C:\>taskkill /IM iexplore.exe /F
SUCCESS: Sent termination signal to process ‘iexplore.exe‘ with PID 6780.

This gracefully shuts down the process, allowing it to clean up resources. For abrupt termination, the /F parameter forcefully kills it right away.

You can also use the PID if known:

C:\>taskkill /PID 6780 /F 

I mainly use taskkill as a last resort when all else fails. It‘s a lifesaver when you have an unresponsive app or process that you need to vanquish ASAP.

3. ipconfig – Quickly Check IP Address and Network Settings

To validate network connectivity and view your IP address configuration, ipconfig is the ticket. It shows your assigned IP address, subnet mask, default gateway, DNS servers and more.

C:\>ipconfig

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : example.com
   Link-local IPv6 Address . . . . . : fe80::8c56:6b3d:f74c:f123%11
   IPv4 Address. . . . . . . . . . . : 192.0.2.112 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.0.2.1

This output lets me quickly verify my network settings and troubleshoot connectivity issues if servers can‘t communicate.

Pro Tip: ipconfig /flushdns is handy for clearing your DNS cache if needed.

4. netstat – Check Open Connections and Listening Ports

If you suspect network communication issues, netstat provides a live view of open connections and listening ports.

It‘s like a network monitor giving you a play-by-play snapshot of how your system is communicating.

C:\>netstat 

Proto  Local Address          Foreign Address        State           
TCP    127.0.0.1:2869         127.0.0.1:49764        ESTABLISHED
TCP    127.0.0.1:49764        127.0.0.1:2869         ESTABLISHED
TCP    192.0.2.112:139        0.0.0.0:0              LISTENING
TCP    192.0.2.112:445        0.0.0.0:0              LISTENING
TCP    192.0.2.112:3389       0.0.0.0:0              LISTENING

With netstat, I can identify suspicious connections, view programs listening on ports, list routing tables, spot unclosed connections, and more. It‘s invaluable for network troubleshooting when latency or connectivity issues arise.

5. systeminfo – Quick System Configuration Overview

To get a high level overview of system specifications and configuration, I use systeminfo. It reports details like:

  • OS name and version
  • Hardware such as CPU, RAM, and disks
  • Network settings, domain membership, etc.
C:\>systeminfo

OS Name:                   Microsoft Windows Server 2022
OS Version:                10.0.20348 N/A Build 20348
OS Manufacturer:           Microsoft Corporation
[...] 
Total Physical Memory:     32,768 MB
[...]
Domain:                    exampledomain

This gives me key details at a glance without having to dig through control panels or hunt down specifics. It‘s great for documentation and gives you the 50,000 foot view.

6. net – Manage Network Shares and Services

The versatile net command lets you view and manage a variety of network resources. A few examples I regularly use:

C:\>net view \\SERVER01

Lists shared folders on SERVER01. Helpful to check connectivity status.

C:\>net use X: \\SERVER01\share

Maps X: drive to SERVER01‘s share. Useful for quick access instead of hunting through Network locations.

C:\>net stop "Print Spooler"

Stops the Print Spooler service. Helps restart flaky services instead of rebooting.

C:\>net user User1 /active:no

Quickly disable a user account without having to open the GUI.

net gives you easy access to network shares, users, groups, domains, and services right from the prompt. It can come in very handy for connectivity testing and managing resources.

7. nslookup – Troubleshoot DNS and Hostname Resolution

One of the first things I do when troubleshooting network issues is use nslookup to verify DNS resolution and hostname lookups.

It queries your configured DNS servers to resolve a hostname to an IP address, or vice versa.

C:\>nslookup www.google.com
Server:  UnKnown
Address:  192.0.2.23

Non-authoritative answer:
Name:    www.google.com
Address:  142.250.190.78

This validates that my DNS settings are working properly. I can also specify a DNS server for querying:

C:\> nslookup www.google.com 8.8.8.8

If name resolution is failing, nslookup helps identify whether it‘s a DNS server issue or local misconfiguration. It‘s an invaluable first step in diagnosing connectivity and browsing problems.

8. reg – Modify the Registry from the Command Line

Most Windows settings are stored in the registry, so it needs to be accessible from the command line for managing systems. The reg command lets me modify registry keys and values without having to open regedit.

For example, I can add a new registry value:

C:\>reg add HKCU\Software\MyApp /v Setting /t REG_DWORD /d 1

Or export part of the registry for backup:

C:\>reg export HKCU\Software\MyApp MyApp-Registry-Backup.reg

I can also query registry values:

C:\>reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v ProductName

Lists the Windows edition.

With great power comes great responsibility. reg gives you raw access to tweak critical OS settings, so make sure you have backups and follow syntax precisely.

9. gpupdate – Force Group Policy Updates

Sometimes I need to urgently apply an updated group policy rather than wait for background refresh. gpupdate forces this by contacting the domain controller and retrieving the latest settings right away.

C:\>gpupdate /force

Updating policy... 

User Policy update has completed successfully.
Computer Policy update has completed successfully.

This verifies my policy changes were applied and activated immediately. Be mindful this can override local policy edits if conflicts arise.

I mainly use gpupdate /force after making changes on the domain controller to propagate them ASAP instead of the default 90 minute refresh cycle.

10. powershell – Launch Powershell from Cmd Prompt

With powershell, I can launch Powershell sessions directly from cmd.exe to access .NET objects, advanced functions, scripting capabilities, etc.

C:\>powershell
Windows PowerShell 
Copyright (C) Microsoft Corporation. All rights reserved.

PS C:\> Get-Process

Starts an interactive console. I can also run scripts:

C:\>powershell -File script.ps1

Or execute a cmdlet and return to prompt:

C:\>powershell Get-Service

This gives me the best of both worlds: classic cmd.exe with PowerShell‘s programming power. I probably use powershell prompts 10x more than plain cmd nowadays.

11. wmic – Query System Management Data via WMI

Last but not least, wmic unlocks access to system management data through WMI (Windows Management Instrumentation).

C:\>wmic bios get serialnumber, version

This gets my BIOS info directly from low-level WMI data, which many other native commands can‘t tap into.

Other handy examples:

C:\>wmic logicaldisk get size, freespace, caption  

C:\>wmic process list

C:\>wmic cpu get name, currentclockspeed, l2cachesize

With proper querying, you can access management info that other tools just don‘t expose.

I hope this guide has shed light on my bread-and-butter Windows commands as a sysadmin. Mastering these 11 tools is guaranteed to make you a significantly more effective server administrator. Treat this post as your handy desk reference for when you need to tap into the power of the command line!

Let me know in the comments if you have any other favorite commands or tricks to share.

Written by