# 15 Best Windows CMD Commands

In this post, I’m going to show you the best Windows cmd commands that every network and system administrator should know.

In fact:

I still prefer these basic windows commands over PowerShell for basic troubleshooting tasks. The good thing is these commands are compatible with PowerShell so you can use them from the Windows command prompt or PowerShell console.

## What are Windows CMD Commands?

Windows commands are small programs that interact with the operating system to provide you with systems information. They are also used to automate many IT operations that administrators must perform. PowerShell is the predecessor to the Windows command prompt but it still remains part of the Windows operating system. All windows commands can be run from the PowerShell console and used in scripts.

Although PowerShell is the preferred choice for automating operations there are still many great Windows commands that you should know. They are still the best option for basic network and computer troubleshooting. In addition, they are great for getting systems details like the IP address, hostname, and so on.

When an IT technician works on a computer they will often use windows commands to get system details and troubleshoot an issue. In this guide, I walk through many of those commands used by the helpdesk and sysadmins.

## 1. ping

The ping command tests network connectivity between two devices by sending ICMP echo requests. For example, computer A tests if it has connectivity to computer B by sending some packets back and forth.

The ping command is still one of my favorite tools for testing basic network connectivity. It’s fast and very easy to use. In addition, I use it for the following:

• Test for packet loss
• Test latency
• Test DNS queries
• Test connectivity with configuring new connections (can my router talk to the next hop such as the ISPs router?)

### Ping Example

To test the connectivity to another device by IP or hostname use the command below

ping 192.168.100.10

or by hostname

ping dc1.ad.activedirectorypro.com

For most windows commands you can type the command followed by /? to view the help info, it will display the full syntax and parameters. So to view the help for ping use this command:

ping /?

### More Ping Examples

-l switch specifies a packet size

ping -l 2024 192.168.5.1

-a switch will do a reverse name resolution on the IP (PTR record lookup)

ping -a 142.250.177.46

-t switch will do a continuous ping. A very popular command for testing network connectivity.

ping -a 192.168.5.1

Send any command output to a text file

ping -t > c:\it\test-ping.txt

Here is the ping command ran from PowerShell. It’s the exact same syntax as using CMD.

For more details on the ping command see Microsoft’s ping documentation.

## 2. ipconfig

ipconfig is used to display system TCP/IP configuration. You can display the IP info for a single or all network cards installed on a computer.

But.. Wait there is more!

This command can also display the DNS cache on the local machine, flush DNS, release and renew the DHCP address on all network cards.

### ipconfig command example

To view the IP configuration for all network cards on a computer type the command below and press enter

ipconfig /all

Here are some additional parameters that I find useful. Remember you can type ipconfig /? to view the entire command syntax and list of parameters.

### More ipconfig examples

/all switch to display IP info for all network cards

ipconfig /all

/flushdns switch to clear the local DNS resolver cache

ipconfig /flushdns

/registerdns to trigger dynamic registration of the DNS names and IP addresses that are configured on the computer

ipconfig /registerdns

/release to release DHCP addresses. Will release DCHP address on the network cards that are configured for DHCP.

ipconfig /release

/renew switch will renew DHCP address for all network cards

ipconfig /renew

/displaydns switch will display the DNS client cache.

ipconfig /displaydns

## 3. nslookup

The nslookup command is used to check DNS records and troubleshoot DNS. This is a must-have command for any sysadmin or network engineer. You can do all kinds of tests to verify DNS is working correctly, you can check PTR, A, MX, SOA, and many other types of DNS records. It’s another one of my favorite windows commands for network troubleshooting.

### Nslookup command example

To test that the A record of a hostname follow these two steps

Step 1: Type nslookup and press enter

Step 2: type in a domain name and press enter

## 4. tracert

The tracert command is used to track the pathway a packet takes from a source IP to the destination address. This simply means it’s going to display each hop (router) that the packet passes through to reach its destination.

This command I don’t use very often but still comes in handy when troubleshooting the network. For example, we had some speed issues with a website from our ISP, on a different ISP we had no issues. The ISP had us run a traceroute so they could see the path it took.

### Tracert example

The syntax for this command is tracert followed by the hostname or IP.

tracert google.com

This command has very few options. The only command line switch on this one that I find useful is the -d which is used to not resolve the address to hostname.

## 5. shutdown command

The shutdown command does exactly that, it shuts down a computer. This command is useful for shutting down or restarting local or remote computers. It also provides a quick way to see all the logs for why a computer restarted or was shut down.

### shutdown examples

This command will restart computer pc2

shutdown /r /m \\pc2

This command will shut down the remote computer

shutdown /s /m \\pc2

View previous shutdown/restart logs

shutdown /d

Here is an example output for the shutdown /d command. This can be useful to quickly check why a computer restarted or shutdown.

### More shutdown examples

Some of these use multiple switches, refer to the help file shutdown /? for an explanation of each command switch.

Log user off of a remote computer

shutdown /l /m \\pc2


Restart a remote computer with no countdown

shutdown /r /m \\pc2 /t 0

Shutdown local computer and specify time period before shutdown in seconds

shutdown /s /t 60

Shutdown a remote computer with a custom message

shutdown /m \\pc2 /c "Rebooting computer, have a nice day"

Abort a system shutdown

shutdown /a

Force applications to close without warning

shutdown /s /f

## 6. gpupdate command

The gpupdate command is used to apply group policies on a computer in a windows domain. This is a very popular command, I see a lot of helpdesk techs that use it. Sometimes you can run this command to refresh the GPOs and avoid a reboot but that doesn’t always work.

### gpupdate command examples

This command will pull down any GPO changes to the computer

gpupdate

Use this option to reapply all the GPOs on the computer.

gpupdate /force

## 7. netstat

This is such an awesome command.

The netstat command displays TCP/IP connection information, ethernet stats, and the computer’s routing table. As a sysadmin I use this command on Windows servers and clients when troubleshooting connection issues. I can verify application servers are working correctly by checking that the service is running and listening for connections on the port.

### netstat command examples

Display all active and listening ports

netstat -a

Display all connections in numerical order

netstat -a -n

Here is the output of the above command. You can see how you can verify server and client connectivity. It shows that my domain controller with IP 192.168.100.10 has established these four connections with IP 192.168.100.11.

### More netstat examples

Displays the executable that is used to create the connection

netstat -ab

Displays ethernet statistics. This is a quick way to check for network card errors and discards

netstat -e

Displays the exe and the process ID (PID) associated with the connection.

netstat -abo

Displays the computer local routing table

netstat -r

Displays FQDN with the connection info.

netstat -af

## 8. dcdiag

If you are the administrator of Active Directory then you must know this command. This command will analyze the state of your domain controllers, it has over 30 built in tests. You should be running this command at regular intervals to ensure your domain environment is healthy.

### dcdiag examples

To run dcdiag on a specific domain controller use this command


dcdiag /s:DC1


## 9. net stop and net start

Simple command to start and stop windows services

### Examples

In this example, I will stop and start the printer spooler service

net stop spooler

and now start the spooler service

net start spooler

That is it for this command, there are no additional parameters.

## 10. systeminfo

The systeminfo command displays configuration details on a computer such as OS name and version, hardware information, boot time, logon server, and more.

There are a lot of details this command displays, I typically use it to check last boot time, logon server, and OS version.

You can run this command on remote computers with the /s parameter

system info /s pc1

## 11. getmac

This command returns the MAC address from all the network cards on a system. When troubleshooting a client connection issue I will often need the computer’s MAC address so I can verify I see it connected on the switch. This command is the best way to quickly grab a computer’s MAC address.

To run it on a local computer just type getmac.

To run on a remote computer use the /s parameter

getmac /s pc1

## 12. gpresult

The gpresult command reports on what group policies and settings are applied to a user or computer.

This is another must know command if you work with Active Directory servers.

To display all applied GPOs run this command. Note: You need to run the command prompt in administrator mode or it will not generate a full report.

gpresult /r

The above command will give a report for both user and computer applied GPOs.

and the computer settings

### More GPResult examples

Display GPOs applied to the user

gpresult /r /scope:user

Display GPOs applied to the computer

gpresult /r /scope:computer

Display GPOs for a remote computer

gpresult /s pcname

Generate an HTML report

gpresult /h c:\report.html

Send command output to a text file

gpresult /r > c:\result.txt

## 13. whoami command

This command displays who is currently logged on to the local system. It also can display what groups a user belongs to. Use this command to display the logged on users group membership.

whoami /groups

Pretty cool right?

### More whoami commands

Display the user name in UPN format

whoami /upn

Displays current domain, username and users SID

whoami /user

Displays all information for the current user

whoami /all

## 14. telnet client

I use the windows telnet client to test if a remote host is allowing connection on a specific port. I typically use this when someone says your firewall is blocking a program from working.

If you know the port number the application runs on you can use the command below. In this example, I installed filezilla server so port 21 should be open.

The syntax is telnet + hostname or IP + port number

telnet srv01 21

You may or may not get a response back from the remote server. In this case with filezilla I do. You could also just get a blank screen on a successful connection.

If it doesn’t get a connection you should get a message like the below.

That is all I use the telnet client for. For complete command syntax view Microsoft’s telnet documentation.

## 15. set

The set command displays environment variable information.

I don’t use this command that often but still is useful to check a user’s logon server or quickly look at the environment variables.

One little trick with this command is you can type the command followed by string and it will only display those results. For example, if I want to find everything that starts with path I would use this command

set path

Now it just displays everything that starts with “path”.

## Basic Windows Commands

Here are some additional basic commands.

• CD – Use this command to change directories
• MKdir – This command is used to create new directories
• SFC – System file Checker
• Net use – This command is used to map a drive to a network share
• CHKDSK – Scans the drive for errors
• Route – Displays the local routing table
• Powercfg – Manage power settings
• Tasklist – Get a current list of running programs
• Taskkill – Stop a program from running
• Format – Format a disk from the command line
• cls – Clear the screen. This comes in useful when the screen is a mess.
• Diskpart – Displays disk partition
• Robocopy – Great command to copy files and directories
• Xcopy – Another command used to copy files and directories

### How do I open the command prompt?

Click Start and type cmd.

Click on the command prompt

### Is there a command to list all Windows commands?

You can type help to get a list of the system default commands.

Unfortunately, this will not list commands that have been installed by other programs like the RSAT tools. To see a complete list of commands the Microsoft Windows Commands documentation.

### How do I run the command prompt as administrator?

This is a great question as some commands will not run unless the command prompt is in administrator mode.

To run the command prompt as an administrator right click on “command prompt” and select “Run as administrator”

### How do I get my IP address from the command prompt?

Use the command ipconfig. Use the command ipconfig /all to display IP information for all network adapters.

### How do I get my hostname?

Use the command hostname.

## Summary

There you go the top 15 windows commands that I still use on a regular basis. All of these commands can be used in PowerShell or the old (and dead) Windows CMD. These commands are great no matter where you are at in your IT career. I’ve used some of these commands since I started as a helpdesk tech and still use them as a sysadmin/network engineer.

Got any commands you still use? Please share them in the comment section below.

## Recommended Tool: Permissions Analyzer for Active Directory

This FREE tool lets you get instant visibility into user and group permissions and allows you to quickly check user or group permissions for files, network, and folder shares.

You can analyze user permissions based on an individual user or group membership.