50 Basic Windows Commands with Examples

Learn basic windows commands that can help you with troubleshooting, configuration, and gathering system details.

Most of these commands are built into windows so there is no need to download or install anything (the only exception is the Sysinternals commands). Also, these Windows Commands can be run from the command prompt or PowerShell console.

Let’s get started.

1. ping (test network connection)

The ping command tests network connectivity between two devices by sending ICMP echo requests. For example, computer A tests if it has connectivity to computer B by sending some packets back and forth.

The ping command is still one of my favorite tools for testing basic network connectivity. It’s fast and very easy to use. In addition, I use it for the following:

• Test for packet loss
• Test latency
• Test DNS queries
• Test connectivity with configuring new connections (can my router talk to the next hop such as the ISPs router?)

Ping Examples

To test the connectivity to another device by IP use the command below.

ping 192.168.100.1

Ping by hostname.

ping dc1.ad.activedirectorypro.com

For most windows commands you can type the command followed by /? to view the help info, it will display the full syntax and parameters. So to view the help for ping use this command:

ping /?

-l switch specifies a packet size.

ping -l 2024 192.168.5.1

-a switch will do a reverse name resolution on the IP (PTR record lookup).

ping -a 142.250.177.46

-t switch will do a continuous ping. A very popular command for testing network connectivity.

ping -a 192.168.5.1

Send any command output to a text file.

ping -t > c:\it\test-ping.txt

For more details on the ping command see Microsoft’s ping documentation.

2. ipconfig (get network adapter details)

The ipconfig command is used to display a computers TCP/IP configuration. You can display the IP info for a single or all network cards installed on a computer.

This command can also display the DNS cache on the local machine, flush DNS, release and renew the DHCP address on all network cards.

ipconfig command examples

To view the IP configuration for all network cards on a computer type the command below and press enter.

ipconfig /all

/all switch to display IP info for all network cards.

ipconfig /all

/flushdns switch to clear the local DNS resolver cache.

ipconfig /flushdns

/registerdns to trigger dynamic registration of the DNS names and IP addresses that are configured on the computer.

ipconfig /registerdns

/release to release DHCP addresses. This will release DCHP address on the network cards that are configured for DHCP.

ipconfig /release

/renew switch will renew DHCP address for all network cards.

ipconfig /renew

/displaydns switch will display the DNS client cache.

ipconfig /displaydns

3. nslookup (find dns records)

The nslookup command is used to check DNS records and troubleshoot DNS. This is a must-have command for any sysadmin or network engineer. You can do all kinds of tests to verify DNS is working correctly, you can check PTR, A, MX, SOA, and many other types of DNS records. It’s another one of my favorite windows commands for network troubleshooting.

Nslookup command examples

To test that the A record of a hostname follow these two steps

Step 1: Type nslookup and press enter

Step 2: type in a domain name and press enter

4. tracert (network troubleshooting)

The tracert command is used to track the pathway a packet takes from a source IP to the destination address. This simply means it’s going to display each hop (router) that the packet passes through to reach its destination.

This command I don’t use very often but still comes in handy when troubleshooting the network. For example, we had some speed issues with a website from our ISP, on a different ISP we had no issues. The ISP had us run a traceroute so they could see the path it took.

Tracert examples

The syntax for this command is tracert followed by the hostname or IP.

tracert google.com

This command has very few options. The only command line switch on this one that I find useful is the -d which is used to not resolve the address to hostname.

5. shutdown command

The shutdown command does exactly that, it shuts down a computer. This command is useful for shutting down or restarting local or remote computers. It also provides a quick way to see all the logs for why a computer restarted or was shut down.

shutdown examples

This command will restart computer pc2.

shutdown /r /m \\pc2

This command will shut down the remote computer.

shutdown /s /m \\pc2

View previous shutdown/restart logs.

shutdown /d

Here is an example output for the shutdown /d command. This can be useful to quickly check why a computer restarted or shutdown.

More shutdown examples

Some of these use multiple switches, refer to the help file shutdown /? for an explanation of each command switch.

Log user off of a remote computer.

shutdown /l /m \\pc2

Restart a remote computer with no countdown.

shutdown /r /m \\pc2 /t 0

Shutdown the local computer and specify the time period before shutdown in seconds.

shutdown /s /t 60

Shutdown a remote computer with a custom message.

shutdown /m \\pc2 /c "Rebooting computer, have a nice day"

Abort a system shutdown.

shutdown /a

Force applications to close without warning.

shutdown /s /f

6. gpupdate (group policy update)

The gpupdate command is used to apply group policies on a computer in a windows domain. This is a very popular command, I see a lot of helpdesk techs that use it. Sometimes you can run this command to refresh the GPOs and avoid a reboot but that doesn’t always work.

gpupdate command examples

This command will pull down any GPO changes to the computer.

gpupdate

Use /force to reapply all the GPOs on the computer.

gpupdate /force

Check out my gpupdate tutorial for more examples and a video walkthrough.

7. netstat (display network connections)

This is such an awesome command.

The netstat command displays TCP/IP connection information, ethernet stats, and the computer’s routing table. As a sysadmin I use this command on Windows servers and clients when troubleshooting connection issues. I can verify application servers are working correctly by checking that the service is running and listening for connections on the port.

netstat command examples

Display all active and listening ports.

netstat -a

Display all connections in numerical order.

netstat -a -n

Here is the output of the above command. You can see how you can verify server and client connectivity. It shows that my domain controller with IP 192.168.100.10 has established these four connections with IP 192.168.100.11.

More netstat examples

Displays the executable that is used to create the connection.

netstat -ab

Displays ethernet statistics. This is a quick way to check for network card errors and discards.

netstat -e

Displays the exe and the process ID (PID) associated with the connection.

netstat -abo

Displays the computer local routing table.

netstat -r

Displays FQDN with the connection info.

netstat -af

8. dcdiag (test domain controller)

If you are the administrator of Active Directory then you must know this command. This command will analyze the state of your domain controllers, it has over 30 built in tests. You should be running this command at regular intervals to ensure your domain environment is healthy.

dcdiag examples

To run dcdiag on a specific domain controller use this command

dcdiag /s:DC1

9. net stop and net start (windows services)

Simple command to start and stop windows services.

Examples

In this example, I will stop and start the printer spooler service.

net stop spooler

and now start the spooler service.

net start spooler

That is it for this command, there are no additional parameters.

10. systeminfo

The systeminfo command displays configuration details on a computer such as OS name and version, hardware information, boot time, logon server, and more.

There are a lot of details this command displays, I like to use this command to check the windows server uptime and when it was last booted.

You can run this command on remote computers with the /s parameter.

system info /s pc1

11. getmac (get mac address)

This command returns the MAC address from all the network cards on a system. When troubleshooting a client connection issue I will often need the computer’s MAC address so I can verify I see it connected on the switch. This command is the best way to quickly grab a computer’s MAC address.

To run it on a local computer just type getmac.

To run on a remote computer use the /s parameter.

getmac /s pc1

12. gpresult (group policy results)

The gpresult command reports on what group policies and settings are applied to a user or computer.

This is another must know command if you work with Active Directory servers.

To display all applied GPOs run this command. Note: You need to run the command prompt in administrator mode or it will not generate a full report.

gpresult /r

The above command will give a report for both user and computer applied GPOs.

and the computer settings.

More GPResult examples

Display GPOs applied to the user.

gpresult /r /scope:user

Display GPOs applied to the computer.

gpresult /r /scope:computer

Display GPOs for a remote computer.

gpresult /s pcname

Generate an HTML report.

gpresult /h c:\report.html

Send command output to a text file.

gpresult /r > c:\result.txt

13. whoami command

This command displays who is currently logged on to the local system. It also can display what groups a user belongs to. Use this command to display the logged on users group membership.

Get the current logged on user.

whoami

Display the user groups to which the current user belongs.

whoami /groups

Pretty cool right?

More whoami commands

Display the user name in UPN format

whoami /upn

Displays current domain, username and users SID

whoami /user

Displays all information for the current user

whoami /all

14. telnet client

I use the windows telnet client to test if a remote host is allowing connection on a specific port. I typically use this when someone says your firewall is blocking a program from working.

If you know the port number the application runs on you can use the command below. In this example, I installed filezilla server so port 21 should be open.

The syntax is telnet + hostname or IP + port number

telnet srv01 21

You may or may not get a response back from the remote server. In this case with filezilla I do. You could also just get a blank screen on a successful connection.

If it doesn’t get a connection you should get a message like the below.

That is all I use the telnet client for. For complete command syntax view Microsoft’s telnet documentation.

15. set (get system details)

The set command displays environment variable information.

I don’t use this command that often but still is useful to check a user’s logon server or quickly look at the environment variables.

One little trick with this command is you can type the command followed by string and it will only display those results. For example, if I want to find everything that starts with path I would use this command

set path

Now it just displays everything that starts with “path”.

16. cd (change directory)

The cd command allows you to change to another directory on your computer.

For example to change to the windows directory use this command.

cd windows

17. mkdir (make directory)

The mkdir command will create a directory or subdirectory. It creates the directory in the current directory. For example, in the command prompt, my path is c:\it, if I type mkdir folder1 it will create folder1 in the c:\it folder.

If I look in windows explorer I’ll see the folder1 directory.

18. sfc (system file checker)

The sfc command can be used to verify and replace important windows system files. If you experience a blue screen or other crashes the sfc command may fix the issue. The below command will scan all protected operating system files and repair if needed.

sfc /scannow

sfc /verifyonly

19. net use (connect to network resources)

The net use command is used to connect and remove shared sources such as network drives and printers.

In this example, I’ll map a network drive to my srv-vm1 server

net use \\srv-vm1\share

You can use net use to list resources.

To remove a resource use /delete

net use z: /delete

20. chkdsk (check disk)

The chkdsk command scans the file system on the disk and checks the integrity of the files and metadata. There are many command line options with this command so check the help menu for full details (chkdsk /?).

To check the disk in read-only mode run the below command.

chkdsk

Use /F to fix any errors found on the disk.

chkdsk /f

21. Route Print (View local routing table)

To view the local computers routing table use the route print command. This is useful when the computer has multiple network interface cards and you need to determine the route network traffic is taking.

route print

22. powercfg (Power Settings)

List and configure power settings with the powercfg command

List all power schemes:

powercfg /list

Change monitor timeout:

powercfg /change monitor-timeout-ac 5

Check out the powercfg guide from Windows Central for more examples.

23. tasklist (display running processes)

Tasklist will display the running processes on the local computer.

24. taskkill (end process)

Terminate a process by the PID number. In this example, I forcefully end process PID 1808.

taskkill /pid 1808 /f

25. format

The format command is used to format a partition on a hard drive or flash drive. This will wipe all data from the partition.

In this example, I will format the E drive to the NTFS file system.

format e:  /fs:NTFS

26. cls (clear screen)

The cls command will clear the command prompt console. This is useful when the screen has a lot of information on it and you want a blank screen.

At the windows command prompt type cls and press enter to clear the screen.

27. diskpart

Diskpart allows you to manage disks, partitions, and volumes on your local computer. You can delete, create, format, extend and shrink volumes.

To display a list of disks on the local computer is these commands.

diskpart
list disk

28. robocopy

Robocopy allows you to easily copy files and directories from one location to another. This is a very popular windows command for moving file servers to another server.

Copy files from one server to another.

robocopy c:\source \\srv-vm2\share /z /e /copyall

For more examples, check out my guide 21 robocopy examples with screenshots.

29. xcopy

Xcopy is another windows command used to copy files and folders. To copy all files and folders to a new location use this command.

xcopy c:\myfolder e:myfolder

30. del

The del command is used to delete files and folders. Deleting files with the del command does not go to the recycle bin.

Delete a single file.

del c:\it\pass.txt

Delete all exe files.

del c:\it\*.exe

Delete files and subfolders.

del c:\it\*.*

31. assoc (file association)

The assoc command displays or modifies file name extension associations.

List all current file name extension associations.

assoc

Here is an example of creating a file association. I will associate the .jpg file extension with jpegfile file type.

assoc .jpg=jpgfile 

32. schtasks (scheduled tasks)

The schtasks commands lets you add, remove, change and view scheduled tasks on the local computer.

View scheduled tasks:

schtasks

Delete a scheduled task:

SCHTASKS /Delete /TN "\Backup\Backup and Restore"

33. net user

The net user command displays user account information on a local computer or the domain.

On a PC type net user to see the computer’s account info.

To get all the user accounts from the domain controller.

net user /domain

Get domain account details.

net user username /domain

34. arp

The arp command displays and modifies the Address Resolution Protocol (ARP) cache on the local computer.

Display the arp cache for all interfaces:

arp -a

To clear the arp cache use this command:

arp -d

35. hostname

This windows command displays the host name of the computer.

hostname

36. cipher (encrypt data)

The cipher command is useful for overwriting deleted data in windows. When you delete data from Windows the data can be recovered by using data recovery software. With the cipher command, you can remove the deleted data from the disk so no one can recover it.

To overwrite deleted data on a volume use the /w switch. For example, I’ll clean the c:\it\private path

cipher /w:c:\it\private

37. fc (file compare)

The fc command compares two files and displays the difference between the two.

In this example, I’ll check the difference between two text files (ping1.txt and ping2.txt).

fc c:\it\ping1.txt c:\it\ping2.txt

38. psexec

PsExec allows you to execute commands on remote computers. This is useful when you need to troubleshoot a remote computer without taking full control of it.

In this example, I’ll run ipconfig on the remote computer pc1 to get the IP address information.

psexec \\pc1 ipconfig

To learn more check out my full psexec tutorial.

39. Sysinternals

Sysinternals is a suite of utilities developed by Mark Russinovich and Bryce Cogswell that is used to troubleshoot and monitor Windows computers. The suite of tools became very popular with IT administrators for monitoring windows processes and gathering system details. In 2006 Microsoft acquired the company and its assets.

You can download the suite of tools from the Sysinternals website.

40. rsop (group policy settings)

The RSOP command creates a report of the policies applied to a computer and user. This is useful for troubleshooting group policy settings on a local computer.

This command requires running with local administrator rights.

rsop

For more details and examples check my full Rsop tutorial.

41. mmc

mmc opens the Microsoft Management Console. You can then add/remove your own snap-ins for quick access to different management consoles.

42. dir

The dir command lists all files and directories in a specific directory.

To list the contents of the current directory use this command:

dir

To list the contents of another folder either change to that directory or type dir and its path. For example, I’ll list the contents of c:\it\private.

dir c:\it\private

If the directory has a lot of files and folders you may want to pause the directory listing so you can view it.

dir /p

43. runas

Runas allows you to run a specific tool or program as a different user. For example, you are logged in as a regular user (no administrator rights) and you need to run a program with an account that has local administrator rights.

In this example, I’m logged in as adpro\adam.reed and I’ll run a program (notepad) as the local administrator account.

runas /user:administrator c:\windows\notepad.exe

44. rmdir (remove directories)

Do you need to remove a directory? The rmdir command will delete a directory.

The default command will only delete empty directories. If you want to delete a directory and the files in the directory use the /s switch.

For example, I’ll delete the c:\it\private and all files in that directory.

rmdir c:\it\private /s

45. w32tm (time service)

The w32tm command is used to configure the windows time service settings. If you need to configure the time service to point to a network time server you can use this command to configure the settings.

To view the time service configuration run this command.

w32tm /query /computer: /configuration 

This command has a lot of options it’s more complicated than it should be. Check out the w32tm documentation page for more details.

46. msiexec (install msi files)

The msiexec command can be used to install and modify msi and MSP installer packages. This command is commonly used to silently install software using a msi installer.

Install a package.

msiexec /i c:\install_file.msi

Install a package with no user interaction.

msiexec /i c:\install_file.msi /quit

47. ver

The ver command displays the Windows version.

48. manage-bde (BitLocker)

Check bitlocker status, encrypt and decrypt data drives.

Check if bitlocker status.

manage-bde -status

Turn on bitlocker and encrypt the drive.

manage-bde -on

49. findstr

Findstr searches for patterns of text in files.

For example, I’ll look for the word food in file ping1.txt

findstr food c:\it\ping1.txt

The above command will search inside the file for any instance of the string food.

Here is what the text file looks like.

See the Microsoft findstr documentation for more examples.

50. mstsc

The mstsc command starts a remote desktop session to another computer or allows you t edit a .rdp configuration file.

Connect to the server using full screen, I’ll use 192.168.100.10 in these examples.

mstsc /f 192.168.100.10

Span rdp across multiple monitors.

mstsc /span 192.168.100.10

Is there a command to list all Windows commands?

You can type help to get a list of the system default commands.

Unfortunately, this will not list commands that have been installed by other programs like the RSAT tools. To see a complete list of commands the Microsoft Windows Commands documentation.

How do I run the command prompt as administrator?

This is a great question as some commands will not run unless the command prompt is in administrator mode.

To run the command prompt as an administrator right click on “command prompt” and select “Run as administrator”

Summary

All of these commands can be used in PowerShell or the old (and dead) Windows CMD. These commands are great no matter where you are in your IT career. I’ve used some of these commands since I started as a helpdesk tech and still use them as a sysadmin/network engineer.

Got any commands you still use? Please share them in the comment section below.