Tuesday, December 1, 2015

DC query commands

1. Repadmin /replsummary - This is a great command: it gives you a snapshot of the state of your Active Directory replication and how long it has been since a partition last replicated. You should not expect to see longer than 1 hour since last replication if everything is healthy. The number of dots at the beginning of this command -3 denotes a DC. This lists up to 50 DCs per line, so two lines is 97!
2. Repadmin /showrepl /repsto - This command displays the replication partners for each naming context that is held on the specified DC. This enables you to build a picture of the replication topology.
3. Repadmin /queue - This command, run against a particular DC, determines whether its replication queue has any entries. If it has, it may indicate that the DC is overloaded.
4. Repadmin /viewlist * - This lists all the DCs in the forest. At this point the output is limited to 999 DCs.
5. Netdom /query FSMO - This is a nice quick command to display which server(s) currently hold the Forest and Domain Wide FSMO roles.
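The 1-hour rule of thumb from item 1 can be checked per replication link rather than read off the summary by eye. The following is an added example, not part of the original post: it parses the CSV form of repadmin /showrepl (the /csv switch is not mentioned above) and reports links that have failures or whose last success is older than the threshold. The function name, its parameters and the sample rows are constructed for illustration.

```powershell
# Added example. Get-StaleReplLink and its parameters are illustrative names.
function Get-StaleReplLink {
    param(
        [Parameter(Mandatory)][string[]]$CsvLine,    # lines from: repadmin /showrepl * /csv
        [timespan]$MaxAge = (New-TimeSpan -Hours 1), # the 1-hour rule of thumb from the text
        [datetime]$Now = (Get-Date)
    )
    foreach ($row in ($CsvLine | ConvertFrom-Csv)) {
        $last   = [datetime]::MinValue
        $parsed = [datetime]::TryParse($row.'Last Success Time', [ref]$last)
        $fails  = 0
        [void][int]::TryParse($row.'Number of Failures', [ref]$fails)

        # Assumption: healthy data rows are tagged showrepl_INFO in the first column;
        # any other tag is treated as a DC that repadmin could not query.
        $reason = if ($row.showrepl_COLUMNS -ne 'showrepl_INFO') {
            'DC could not be queried'
        } elseif (-not $parsed) {
            'no successful replication recorded'
        } elseif ($fails -gt 0) {
            "$fails consecutive failure(s), status $($row.'Last Failure Status')"
        } elseif (($Now - $last) -gt $MaxAge) {
            'last success older than threshold'
        }
        if ($reason) {
            [pscustomobject]@{
                Destination = $row.'Destination DSA'
                Source      = $row.'Source DSA'
                Partition   = $row.'Naming Context'
                LastSuccess = $row.'Last Success Time'
                Reason      = $reason
            }
        }
    }
}

# Constructed sample rows in the /csv layout; replace with live output on a real forest.
$sample = @(
    'showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status'
    'showrepl_INFO,HQ,DC01,"DC=contoso,DC=com",HQ,DC02,RPC,0,0,2015-12-01 09:50:00,0'
    'showrepl_INFO,HQ,DC01,"DC=contoso,DC=com",Branch,DC03,RPC,4,2015-12-01 09:45:00,2015-12-01 06:10:00,1722'
    'showrepl_INFO,HQ,DC01,"CN=Configuration,DC=contoso,DC=com",HQ,DC02,RPC,0,0,2015-12-01 07:30:00,0'
)
Get-StaleReplLink -CsvLine $sample -Now ([datetime]'2015-12-01 10:00:00')
# Live use: Get-StaleReplLink -CsvLine (repadmin /showrepl * /csv)
```

Replication lag is also the window in which a password reset or a disabled account has not yet reached every DC, so stale links are worth alerting on, not just reviewing.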
Repadmin /syncall
Synchronizes a specified domain controller with all of its replication partners.
By default, if no directory partition is provided in the parameter, the command performs its operations on the configuration directory partition.
For examples of how to use this command, see Examples.

Syntax

repadmin /syncall <DSA> [<Naming Context>] [<flags>]

Parameters

<DSA>: Specifies the host name of a domain controller. For detailed syntax, see Repadmin.
<Naming Context>: Specifies the distinguished name of the directory partition.
<flags>: The flags in the following list are supported.
  • /a Aborts, if any server is unavailable.
  • /A Synchronizes all naming contexts that are held on the home server.
  • /d Identifies servers by distinguished name in messages.
  • /e Synchronizes domain controllers across all sites in the enterprise. By default, this command does not synchronize domain controllers in other sites.
  • /h Displays Help.
  • /i Iterates indefinitely.
  • /I Runs the repadmin /showrepl command on each server pair in the path instead of synchronizing.
  • /j Synchronizes adjacent servers only.
  • /p Pauses after every message to allow the user to abort the command.
  • /P Pushes changes outward from the specified domain controller.
  • /q Runs in quiet mode, which suppresses call back messages.
  • /Q Runs in very quiet mode, which reports fatal errors only.
  • /s Does not synchronize.
  • /S Skips the initial server response check.

Examples

The following example synchronizes the target domain controller with all its partners, including domain controllers in other sites. The output displays the partners by their distinguished names, rather than their globally unique identifiers (GUIDs). This example aborts the command if any one partner is not available:
repadmin /syncall dst-dc01 dc=contoso,dc=com /d /e /a

Additional references

Command-Line Syntax Key
Repadmin
Netdiag
The Netdiag command lets you test and isolate network connectivity problems on all types of client computers. Once launched, Netdiag performs a series of tests to determine the operational status of communication between your network and client computers.

Netdiag is available with the support tools included with Windows Server 2000 and Windows Server 2003. With Windows Server 2008, these tools have been integrated into the operating system, so they no longer have to be delivered on separate media. Netdiag itself, however, was not integrated, since Dcdiag provides equivalent network test options.

The syntax of the command netdiag:

netdiag [/q] [/v] [/l] [/debug] [/d:domainname] [/fix] [/dcaccountenum] [/test:TestName] [/skip:TestName]
The detailed parameters of netdiag are:
  • /q: This parameter produces simplified output that displays only error messages.
  • /v: This setting runs Netdiag in verbose mode and displays detailed information about the actions taken.
  • /l: This setting exports the output to a file named Netdiag.log. The file is created in the directory from which the Netdiag command was run.
  • /debug: This parameter runs the command in debug mode. This mode produces more detailed output than /v.
  • /d:domainname: This parameter locates a domain controller in the specified domain.
  • /fix: This parameter corrects minor problems, for example those relating to DNS (Domain Name Server) and the domain controller test, as follows:
    • DNS: If the computer is a domain controller, Netdiag.exe verifies all the DNS entries in the Netlogon.dns file to determine if they are correct. In addition, Netdiag.exe updates the appropriate entries if it detects a problem.
    • Test domain controller: If the domain GUID cached in a local computer on your primary domain is different than the domain GUID stored in a domain controller, Netdiag attempts to update the domain GUID on the local computer.

  • /dcaccountenum: This parameter allows you to enumerate the user accounts from the domain controller.
  • /test:TestName: This setting lets you specify the tests you want to run. To specify several tests, separate each test name with a space. TestName must have one of the following values:
    • Autonet: test of the APIPA (Automatic Private IP Addressing) address
    • Bindings: bindings test
    • Browser: browser and redirector test
    • DcList: test of the list of domain controllers
    • DefGw: test of the default gateway
    • DNS: DNS test (Domain Name Service)
    • DsGetDc: test of the discovery of the domain controller
    • Ipconfig: test of the IP address configuration
    • IpLoopBk: ping test of the IP loopback address
    • IPSec: IPSec test (Internet Protocol security)
    • IPX: test of the IPX protocol (Internetwork Packet Exchange)
    • Kerberos: Kerberos test
    • Ldap: LDAP test (Lightweight Directory Access Protocol)
    • Member: domain membership test
    • Modem: modem diagnostics
    • NbtNm: test of NetBIOS over TCP/IP (NetBT) names
    • Ndis: network adapter (NIC) queries test
    • NetBTTransports: NetBT transports test
    • Netstat: Netstat information test
    • NetWare: NetWare test
    • Route: test of the routing table
    • Trust: trust relationship test
    • WAN: test of the wide area network (WAN) configuration
    • WINS: WINS test (Windows Internet Naming Service)
    • Winsock: Winsock test

  • /skip:TestName: This setting lets you specify the tests that you do not want to run, replacing TestName with one or more elements from the list given for /test:TestName. To specify several tests, separate them with a space.
Example 1 - DSQuery to list all the OUs in your domain
Let us find out how many Organizational Units there are in your domain. This command produces a listing of all OUs.
 
dsquery ou dc=mydom,dc=com
or
dsquery ou domainroot
Learning Points
Note 1:  dc does NOT mean domain controller, it means domain context.
Note 2:  The dc commands are not case sensitive, but they dislike spaces.
dc=mydom,    dc=com will draw an error.
Note 3:  If you haven't got any OUs (Organizational Units), I seriously suggest that you create some to organize your users.
Note 4:  Best of all, in this scenario, you can substitute domainroot for dc=cp.

Example 2 - To find all users in the default Users folder with DSQuery
In this example we just want to trawl the users folder and find out who is in that container.
dsquery user cn=users,dc=cp,dc=com
 
Learning Points
Note 1:  The default users' folder is actually a container object called cn=users.  My point is if you try ou=users, the command fails.
Note 2:  I queried users, however dsquery requires the singular user, not userS.  Other objects that you can query are computer (not computers!), group or even contact.
Challenge 1:  Substitute OU=xyz for cn=users, where xyz is the name of your OU.  Unfortunately, cn=users domainroot does not work.
Challenge 2:  Substitute computer for user
Example 3 - DSQuery to list all your Domain Controllers
Suppose you want to list all of your domain controllers, (not computers).  Which command do you think would supply the information?
 
dsquery server
dsquery server domainroot
dsquery server dc=cp,dc=com
Learning Points
Note 1:  Amazingly, dsquery server, the simplest command, gets the job done.
Note 2:  I thank Jim D for pointing out that what we want here is the singular 'server'.
Example 4 - To query the FSMO roles of your Domain Controllers
Here is a wonderful command to find the FSMO roles (Flexible Single Master Roles) -hasfsmo.  The arguments, which correspond to the 5 roles are: schema, rid, name, infr and pdc.

 
dsquery server -hasfsmo schema
Learning Points
Note 1:  The command is -hasfsmo  not ?hasfsmo as in some documents.
Example 5 - DSQuery to find all users whose name begins with smith*
This DSQuery example shows two ways to filter your output and so home in on what you are looking for.  Let us pretend that we know the user's name but have no idea in which OU they are to be found.  Moreover, we are not sure whether their name is spelt Smith, Smithy or Smithye.
 
dsquery user domainroot -name smith*
or
dsquery user dc=cp,dc=com -name smith*
or plain
dsquery user smith*
Learning Points
Note 1:  Remember to type the singular user.
Note 2:  Probably no need to introduce *, you probably realize it's a wildcard.
Note 3:  -name is but one of a family of filters. -desc or -disabled are others.
Example 6 - DSQuery to filter the output with -o rdn
The purpose of -o rdn is to reduce the output to just the relative distinguished name.  In a nutshell rdn strips away the OU=, DC= part which you may not be interested in.
 
dsquery user -name smith* -o rdn
Learning Points
Note 1:  o is the letter oh (not a number).  In my mind's eye o stands for output.
Note 2:  There is a switch -o dn, but this is not a switch I use. 
Summary - DSQuery
Knowledge is power.  The DS family in general and DSQuery in particular, are handy commands for interrogating Active Directory from the command line.  Perhaps the day will come when you need to find a user, computer or group without calling for the Active Users and Computers GUI.  Next try DSGet.
What's Netsh?
Netsh is a command-line scripting utility that allows you to display, modify or script the network configuration of a running computer, either locally or remotely. The following examples are based on XP SP2.
How to check the connection and opened port

netsh -c diag
netsh diag>connect iphost chicagotech.net 80
Result:
IPHost (chicagotech.net)
IPHost = chicagotech.net
Port = 80
Server appears to be running on port(s) [80]

How to configure the TCP/IP protocol
The following command configures the interface named chicagotechnet with the static IP address 10.0.5.99, the subnet mask of 255.255.255.0, and a default gateway of 10.0.5.1:
set address name="chicagotechnet" source=static addr=10.0.5.99 mask=255.255.255.0 gateway=10.0.5.1 
How to configure Wireless using netsh
To configure a defined wireless network, use this command: netsh wlan connect ssid="mySSID" name="WLAN-Profil1"
To show your current wireless settings, use this command: netsh wlan show settings
To add an already exported wireless network profile, use this command: netsh wlan add profile filename="Wireless Network Connection-BOW.xml"
How to export and import network configuration to a file
With netsh, you can easily export and import your computer's network configuration. To export your configuration, run:
netsh -c interface dump > test.txt
To import this configuration, use this command:
netsh -f test.txt
How to use netsh commands for remote access (ras)
You can administer remote access servers by typing netsh and then ras. The following are some of the commands for managing RAS:
•        show activeservers
•        show client
•        dump
•        show tracing
•        set tracing
•        show authmode
•        set authmode
•        add authtype
•        delete authtype
•        show authtype
•        add link
•        delete link
•        show link
•        add multilink
•        delete multilink
•        show multilink
•        add registeredserver
•        delete registeredserver
•        show registeredserver
•        show user
•        set user
•        Netsh ras diagnostics context commands
•        Netsh ras IP context commands
•        Netsh ras AppleTalk context commands
•        Netsh ras AAAA context commands
How to open port 8080 using netsh
1) netsh -c firewall
2) set portopening tcp 8080
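
The firewall context above is the XP SP2 form, and as written it opens the port without restricting who may connect. On Windows Vista / Server 2008 and later the same task goes through netsh advfirewall, where the rule can be limited to a source subnet and a profile. The following is an added example, not from the original post; the function name and rule name are illustrative, 10.0.5.0/24 is the subnet from the TCP/IP example on this page, and it must be run from an elevated prompt.

```powershell
# Added example. Add-ScopedInboundRule and the default rule name are illustrative.
function Add-ScopedInboundRule {
    param(
        [Parameter(Mandatory)][ValidateRange(1, 65535)][int]$Port,
        # Require an explicit IPv4 CIDR so the rule is never created open to every source
        [Parameter(Mandatory)][ValidatePattern('^\d{1,3}(\.\d{1,3}){3}/\d{1,2}$')][string]$RemoteSubnet,
        [string]$Name = "in-tcp-$Port"
    )

    # netsh accepts several rules with the same name, so refuse to stack a duplicate.
    netsh advfirewall firewall show rule name=$Name | Out-Null
    if ($LASTEXITCODE -eq 0) { throw "Rule '$Name' already exists" }

    # Inbound allow, TCP only, limited to the given source subnet and the domain profile.
    netsh advfirewall firewall add rule name=$Name dir=in action=allow protocol=TCP localport=$Port remoteip=$RemoteSubnet profile=domain
    if ($LASTEXITCODE -ne 0) { throw "netsh failed with exit code $LASTEXITCODE" }

    # Print the rule as stored so the scope can be confirmed.
    netsh advfirewall firewall show rule name=$Name verbose
}

Add-ScopedInboundRule -Port 8080 -RemoteSubnet '10.0.5.0/24'
# Roll back with: netsh advfirewall firewall delete rule name=in-tcp-8080
```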

How to run netsh
To run a netsh command, you can start netsh from the Cmd.exe prompt and change to the context that contains the command you want to use. Alternatively, you can use the netsh -c option. If the context is not available to you, you may receive an error message. For example, if you type netsh -c firewall at the Netsh command prompt, you change to the firewall context, but if you do not have the firewall installed the following message appears:
The following command was not found: firewall.
How to run Netsh with a script
If you need to run netsh with many configurations, you can create a script for each configuration and then run it using this command: netsh -f
How to use netsh to configure remote computer
You can configure a remote computer using netsh with the options "-r" for the machine, "-u" for the user name, and "-p" for the password, for example: netsh -r cbg001314 -u cbg001314\blin -p password lan show config
How to switch between static ip and DHCP
To switch the specified adapter from a static address to DHCP, type the following command:
netsh interface ip set address "chicagotechnet" dhcp

To change to a static address, type the following command:
netsh interface ip set address "chicagotechnet" static ipaddr subnetmask gateway metric

How to reset IP protocol using netsh

For troubleshooting TCP/IP issue, you may need to reset the TCP/IP protocol stack configurations on your interface. To do that, use this command: netsh int ipv4 reset resetlog.txt 
