Managing Windows Systems with Command

Managing Windows Systems

As an administrator, it’s your job to plan, organize, and track the details that keep the network running. If you’re to survive without just muddling through, you need to learn how to do those jobs quickly and efficiently. Fortunately, Windows supplies plenty of command-line tools to help you with these tasks and this chapter discusses some of the more important tools for daily systems management.

Examining System Information

Often when you are working with a user’s computer or a remote server, you’ll want to examine some basic system information, such as who is logged on, the current system time, or the location of a certain file. Commands that help you gather basic system information include

• NOW  Displays the current system time and date using a 24-hour clock, such as Sat May 9 12:30:45 2003. Available in the Windows Server 2003 Resource Kit only.
• WHOAMI  Displays the name of the user currently logged on the system, such as adatum\administrator.
• WHERE  Searches for files using a search pattern and returns a list of matching results.

To use NOW or WHOAMI, simply type the command in a command shell window and press Enter. With WHERE, the most common syntax you’ll use is

where /r baseDir filename

Here, /r is for a recursive search starting from the specified directory (\BaseDir) and including all subdirectories, and filename is the name or partial name of the file to search for, which can include wildcards. Use ? as a wildcard to match a single character and * as a wildcard to match multiple characters, such as data???.txt or data*.*. In the following example, you search the C:\ directory and all subdirectories for text files that begin with data, as follows:

where /r C:\ data*.txt

You can also search for files of all types that begin with data, as in this example:

where /r C:\ data*.*

Sometimes when you are working with a computer, you’ll want to obtain information on the system configuration or the system environment. With mission-critical systems, you may want to save or print this information for easy reference. Commands that help you gather system information include

• DRIVERQUERY  Displays a list of all installed device drivers and their properties, including module name, display name, driver type, and driver link date. With verbose output, the command also lists the driver status, state, start mode, memory usage, and file system path. Use the /V parameter to get verbose output of all unsigned drivers.
• SYSTEMINFO  Displays detailed system configuration information, including operating system version, system type, system manufacturer, processor, BIOS version, memory size, local setting, time zone setting, and network card configuration.
• NLSINFO  Displays detailed locale information, including default language, system locale, windows code page, time and number formats, time zone, and installed code pages. Available in the Windows Server 2003 Resource Kit only.

To use these commands on a local computer, simply type the command name in a command shell window and press Enter. With DRIVERQUERY, use the /V parameter to get verbose output and the /Si parameter to display properties of signed drivers, such as

driverquery /v /si

With the DRIVERQUERY and SYSTEMINFO commands, you can also specify the remote computer to query and the Run As permissions. To do this, you must use the expanded syntax, which includes the following parameters:

/S Computer /U [Domain\]User [/P Password]

where Computer is the remote computer name or IP address, Domain is the optional domain name in which the user account is located, User is the name of the user account whose permissions you want to use, and Password is the optional password for the user account. If you don’t specify the domain, the current domain is assumed. If you don’t provide the account password, you are prompted for the password.

To see how the computer and user information can be added to the syntax, consider the following examples:

Use the account adatum\wrstanek when querying MAILER1 for driver settings:

driverquery /s mailer1 /u adatum\wrstanek

Use the account adatum\administrator when querying CORPSERVER01 for system information:

systeminfo /s corpserver01 /u adatum\administrator

Tip

The basic output of these commands is in table format. You can also format the output as a list or lines of comma-separated values using /Fo List or /Fo Csv, respectively. You may wonder why you should use the various formats. That’s a good question. I recommend using the verbose list format (/Fo List /V) when you want to see all details about tasks configured on a system and when you are troubleshooting. I recommend using comma-separated values when you want to store the output in a file that may later be exported to a spreadsheet or flat-file database. Remember you can redirect the output of the DRIVERQUERY and SYSTEMINFO commands to a file using output redirection (> or >>).