Microsoft Windows

Microsoft WindowsMicrosoft Windows started out life back in 1981, with its first version, Windows 1.0. Initially it received mixed reviews, with quite a lot of criticism, saying that it had potential, but didn’t meet expectations. Over the years it has grown in popularity, currently with around 90% of the worlds desktop and laptop computers using one of the versions mentioned below.

Windows 11 is the most recent version of Windows, released on 5 October 2021 and is available as a free upgrade for Windows 10 users, where the computer meets the required specification.

Useful Links

Windows 8 arrived on the scene in October 2012, with significant changes to the interface to allow for its use on tablets, as well as desktops and laptops. This new interface came under criticism for its potential for being confusing and difficult to learn. A major update came along in October 2013, Windows 8.1, to address some of these criticisms and also included some additional improvements.

Useful Links

Windows 7 was released in October 2009, to address some of the issues of Windows Vista, its predecessor, rather than to introduce something radically different. In doing this it maintained compatibility with both hardware and software available for Vista.

Useful Links

Windows Vista was released in January 2007, more than five years after the previous release, Windows XP. Although Windows Vista offered security improvements over XP, which gained it some positive reviews, it was heavily criticised for its high system requirements and more restrictive licensing terms. This lead to many people not migrating away from Windows XP.

Useful Links

Windows XP was released in October 2001, with sales of its licenses stopping in June 2008, except for netbooks, which went on until October 2010. The end of life for Windows XP came on 8 April 2014, when extended support for the operating system came to an end. This also marked the end of security updates and the availability of free support information.

Useful Links

As well as these desktop and laptop versions of Windows, there are also separate versions that run on servers, which come under the Windows Server brand. Below are the versions that are still being supported by Microsoft. When Microsoft releases a new version of Windows Server, there are two phases of support, mainstream support and extended support. Mainstream support is the first phase, where Microsoft provide new features or enhancements to existing features, along with bug fixes and security updates. This usually lasts for about five years, after which the product enters the extended support phase. This again lasts for about five years, during which time Microsoft provides bug fixes and security updates only. These phases may be longer and are subject to being changed by Microsoft.

Windows Server 2022 is the most recent version, which was released on 18 August 2021. It will receive mainstream support until 13 October 2026 and extended support until 14 October 2031.

Useful Links

Windows Server 2019 was originally released on 2 October 2018, however, due to an issue found with in-place upgrades, its distribution was paused four days later. After the issue was resolved, it was re-released on 13 November 2018.

Windows Server 2019 will receive mainstream support until 9 January 2024 and extended support thereafter until 9 January 2029.

Useful Links

Windows Server 2016 was released on 12 October 2016 and is currently in the mainstream support phase until 11 January 2022, after which extended support will run until 12 January 2027.

Useful Links

Windows Server 2012 was originally released on 4 September 2012, with Windows Server 2012 R2 being released the following year on 18 October 2013. Both releases reached the end of mainstream support on 9 October 2018, but will receive extended support until 10 October 2023.

Useful Links

Windows Server 2008 was originally released on 27 February 2008, followed by Windows Server 2008 R2 on 22 October 2009. Both reached the end of mainstream support on 13 January 2015, with extended support ending on 14 January 2020.

Useful Links

Shell Commands

The Shell is a command language interpreter that executes commands read from a standard input device, such as a keyboard, or from a file. Each command has a number of options, or switches, as they are known, which tailor the output of the command in question. A switch follows the command, and is made of a '/', followed by one or more letters of the alphabet. Commands such as 'netstat' differ slightly, with options following the command, that start with a '-' and are followed by one or more letters of the alphabet.

diskpart

This allows you to manage disks, volumes, partitions and virtual hard disks on a computer. Issuing the 'diskpart' command starts the 'dispart' command prompt.

diskpart

Once within the 'diskpart' command prompt, the disks on the computer can be listed and one can be selected.

list disk
select disk 0

Once the disk has been selected, a primary partition can be created.

create partition primary

This partition should then be visible when 'list partition' is run.

list partition

The new partition can be selected from the list.

select partition 1

Once the partition is selected, it can be formatted.

format FS=NTFS quick

A drive letter can also be assigned.

assign letter=x

If at any time help is required, whilst inside the 'diskpart' command prompt, the 'help' command can be used.

help

In order to exit the 'diskpart' utility, 'exit' must be specified.

exit

More

date

Allows for the system date to be viewed and changed. If the 'date' command is used with no additional options, it will display the current system date and allow for the entry of a new date. Specifying the '/t' option just displays the current system date.

date
date /t

More

hostname

Displays the name of the machine.

hostname

More

sc query

Displays active services and drivers.

sc query

More

systeminfo

Displays system information relating to the machine the command is run on.

systeminfo

More

time

Allows for the system time to be viewed and changed. If the 'time' command is used with no additional options, it will display the current system time and allow for the entry of a new time. Specifying the '/t' option just displays the current system time.

time
time /t

More

whoami

Displays the username of the current user. The information is displayed in the format 'hostname\username'

whoami

More

format

As the name suggests, 'format' can be used to format mass storage. Both the file system and volume label can be specified using the 'fs' and 'v' switches respectively.

format e: /fs:NTFS /v:Backup

It is also possible to perform a quick format using the 'q' switch.

format e: /q /fs:NTFS /v:Backup

More

help

The 'help' command can be used, in conjunction with a specified command, such as 'dir', to get help on this command. It should be noted that a lot of commands have a '?' switch, which can be used to display the same help information.

help dir
dir /?

More

ipconfig

This shows TCP/IP and network adapter information, including the IPv4 address, the subnet mask and the default gateway.

ipconfig

In order to include additional information, such as DNS and DHCP server information, the 'all' switch can be added.

ipconfig /all

If it is required to release the current DHCP information and discard the IP address, the 'release' switch can be used.

ipconfig /release

In order to renew the DHCP information and obtain a new IP address, the 'renew' switch can be utilised.

ipconfig /renew

It is also possible to display the DNS cache on the local machine.

ipconfig /displaydns

If it is necessary to clear the DNS cache on the local machine, this can be achieved using the 'flushdns' option.

ipconfig /flushdns

More

gpupdate

Active Directory Group Policy is usually updated automatically at start-up, however, an update can be forced using 'gpupdate' with the 'f' switch, whilst the system is running.

gpupdate /force

With appropriate permissions, a Group Policy update can also be forced on another specified machine on the network.

gpupdate /target:computer-name /force

Again, with the appropriate permissions, an update can be forced on another user on the network.

gpupdate /target:user-name /force

More

gpresult

This can be used to verify Group Policy settings for the current computer. The 'r' switch signifies that a summary should be displayed.

gpresult /r

Group Policy settings for a particular user on a domain can also be obtained using 'gpresult'.

gpresult /user domain-name/user-name /v

More

tasklist

This shows all tasks running on the system in a similar fashion to Task Manager. The information displayed includes the 'Image Name', which can be the name of an executable file, such as 'notepad.exe', and the Process ID (PID).

tasklist

More

taskkill

This can be used, for example to end all tasks associated with a particular application, or end an individual process using the Process ID.

taskkill /IM notepad.exe
taskkill /PID 1234 /t

The 't' switch used with 'taskkill' also ensures that any child processes are ended.

More

cls

Clear the command prompt window of any previously run commands, along with their results.

cls

More

exit

Close the command prompt window.

exit

More

cd

Change the current directory. A '\' can be used to move to the route of the current drive.

cd \

Move to a directory called 'Demo' that resides in the current location.

cd Demo

Move to the 'Windows' directory at the root of the 'c' drive.

cd c:\Windows

This move to the 'Windows' folder can also be done without the drive letter.

cd \Windows

Move up one level from the current location.

cd ..

Return the user to their home directory.

cd ~

More

dir

Displays a list of files and subdirectories in a directory, either the current working directory, or one that is specified. The 'p' switch lists the results a page at a time. The enter key is needed to proceed to the next page. The contents of a directory, other than the current working directory, can be listed by specifying the path, either relative from the current location, or the full path. The 's' switch can be used to include the contents of subdirectories in the list displayed.

dir
dir /p
dir /p Windows
dir /p C:\Windows
dir /p /s C:\Windows

If only a subset of files is required in the listing, then the wildcard, '*', can be used, to, for example, list all files with a '.txt' extension.

dir /p *.txt

It should be noted that the list produced from the above does not include hidden, or system files. These can be listed using the 'ah' and 'as' switches respectively. Listing subdirectories only can also be achieved with the 'ad' switch.

dir /p /ah
dir /p /as
dir /p /ad

More

drive_letter:

Move to a different drive, using the drive letter, for example, the 'd' drive.

d:
more

View the contents of a file. The spacebar can be used to page down in the file. When done, press 'q' to return to the command prompt.

more file1.txt

More

tree

Display folders in a tree like structure. Using the 'tree' command on its own will display the folder structure starting from the current location, and includes all its sub-folders. Alternatively, a path can be specified.

tree
tree C:\demo

More

net

Net commands can be used to perform numerous tasks on Windows operating systems, from Windows XP onwards, as well as server versions. Below are just a few of these.

Display all available net commands.

net

Get help on a net command.

net help user

Show all the computers on the network.

net view

List the shares on the current computer, or a specified computer or server.

net share
net view computer-name
net view \\server-name

Share a folder called ‘stuff’ on the current computer.

net share shareit=c:\stuff

Map a network share to a drive letter.

net use z: \\server-name\share-name

See the users on the system in question.

net user

Add a local user to the current computer.

net user username password /add

Delete a specified local user on the current computer.

net user username /delete

List the local groups on the system in question.

net localgroup

View the current password requirements.

net accounts

More

nslookup

This can be used to lookup information from DNS servers, such as canonical names and IP addresses.

nslookup www.stuartsplace.com

If you get a non-authoritative answer it means that it is from local cache, rather than the DNS server that would normally provide DNS information for the website in question.

A lookup can also be done in the other direction, by using an IP address.

nslookup 8.8.8.8

More

netstat

Used to determine what type of network connections are occurring inbound as well as outbound from the machine in question. It shows the protocol, local address, including the ephemeral port number, foreign address, including ephemeral port number, and the state.

netstat

Specifying the 'a' option displays more detail, showing all connections and listening ports.

netstat -a

To include the name of the executable involved in creating the connection or listening port, the 'b' option can be used.

netstat -b

The 'f' option will include the fully qualified domain name, where there is one, for foreign addresses.

netstat -f

To simplify the output, the 'n' option can be utilised.

netstat -n

To display the routing table, the 'r' option can be specified.

netstat -r

More

tracert

This is a diagnostic tool that can be used to determines the route, from the current machine, to a destination, by sending Internet Control Message Protocol (ICMP) echo packets to the destination. The resulting information shows the time taken in milliseconds to each router, as well as the IP address. It should be noted that some routers are design not to return back any details, so you may not get all the information you require.

tracert www.stuartsplace.com

This also works with an IP address.

tracert 8.8.8.8

More

chkdsk

This checks the file system and file system metadata of a volume for logical and physical errors. If run on its own, this command will only display any issues.

chkdsk

In order to check and fix the error that have been found, the 'f' switch needs to be used. It should be noted that if the disk in question is in use, a prompt will appear asking for confirmation for the check to happen following the next restart.

chkdsk /f

The 'r' switch includes all the functionality of 'f', with the addition of an analysis of physical disk errors. Again, this would need to be performed following a restart if the disk is in use.

chkdsk /r 

More

dism

The Deployment Image Servicing and Management tool (DISM) is used to manage Windows Imaging Format (WIM) files, as well as check and fix your current system image online with Microsoft. The health of the current image can be checked and corrected as follows.

dism /online /cleanup-image /restorehealth

Information relating to a specified Windows image file can also be obtained.

dism /Get-WIMInfo /WimFile:d:\sources\boot.wim

More

sfc

System File Checker scans all protected system files to verify their integrity and repair any issues.

sfc /scannow

More

shutdown

The 'shutdown' command can be used to logoff, shutdown, or restart a computer. The 'l' switch is for logging off, the 'r' switch is to for a system restart, and 's' is to shut the system down.

shutdown /l
shutdown /r
shutdown /s

It is also possible to delay a shutdown or restart by a specified number of seconds using the 't' switch.

shutdown /r /t 60
shutdown /s /t 60

If it is necessary to abort a time delayed shutdown or restart, the 'a' switch can be used.

shutdown /a

More

ping

The 'ping' command is a utility that tests the reachability of a host over an IP network, such as a Local Area Network (LAN), or the Internet. It uses Internet Control Message Protocol (ICMP) echo request messages to contact the host and corresponding replies are received if the host is reachable. By default, in Windows, four echo request messages are sent, so four responses should be received. Included with each response is the corresponding IP address, the round-trip time in milliseconds and the time to live (TTL), which signifies how many hops it took to reach the destination.

ping www.stuartsplace.com

If a different number of echo requests is desired from the default, the 'n' switch can be used, followed by the number of messages.

ping /n 2 www.stuartsplace.com

To continue sending echo requests until either Ctrl+Enter is used to interrupt the command, or Ctrl+C is used to quite the command, the 't' switch can be used.

ping /t www.stuartsplace.com

An IP address can also be used with the 'ping' command, instead of a domain name. Here, the IP address of one of Google's DNS servers is used.

ping 8.8.8.8

The 'a' switch can be utilised when trying to ping an IP address to resolve it to a hostname. In the case of the Google DNS server in the previous example, the hostname 'dns.google', will be returned.

ping /a 8.8.8.8

More

copy

Copy one or more files to a different location.

copy example.txt e:

The '*' wildcard can be used to, for example, copy all files of a specified type from the current location, or simply copy all files.

copy *.txt e:
copy *.* e:

In order to verify that the new files have been written correctly, the 'v' switch can be used.

copy /v *.txt e:

If files of the same name already exist in the destination location, a confirmation message will appear asking if they need to be overwritten. These messages can be suppressed using the 'y' switch.

copy /v /y *.txt e:

More

xcopy

Copies files and directories, including subdirectories. Note that, subdirectories, along with their contents, will only be copied if the 's' switch is used. As with the 'copy' command, the 'v' switch can be used to verify that the new files have been written correctly, and the 'y' switch can be used to suppress any messages requesting confirmation to overwrite files. The 's' switch does not include empty subdirectories. If these are required then the 'e' switch needs to be included, instead of 's'.

xcopy c:\Demo e:
xcopy /s c:\Demo e:
xcopy /s /v /y c:\Demo e:

By default, 'xcopy' does not include system and hidden files. To includes these, the 'h' switch needs to be used. The 'xcopy' command is also network aware, so UNC paths can be used.

More

robocopy

Robust copy is a more powerful version of 'xcopy'. Like 'xcopy' it is network aware, but it includes additional features such as a restartable mode, with the 'z' switch, that allows a copy to resume after it has been interrupted. The 's' and the 'e' switches operate in the same way as 'xcopy', with 's' including subdirectories and their contents, except empty ones, and 'e' adding in the empty ones as well.

robocopy /e /z c:\Demo e:

More

move

The 'move' command can be used to move and rename files and directories.

To rename a file firstly the current name must be specified and then the new name. If the file isn't in the current location, then the path would need to be included also.

move example.txt example2.txt

If the destination file name already exists a prompt will appear asking for confirmation. To suppress the confirmation message, the 'y' switch can be used.

move /y example.txt example2.txt

The renaming of directories works in the same manner.

Files and directories can be moved by specifying what you want to move and the destination where they need to be moved to.

move example.txt e:

Wildcards, such as the '*' can be used in a similar way as when a copy is taking place, for example, selecting all text files, or all files regardless of type.

move *.txt e:
move *.* e:

More

rename

Rename a file in a similar fashion to the 'move' command.

rename example.txt example2.txt

More

del

Delete one or more files and directories.

del example.txt

Multiple files can also be deleted by specifying one name after another.

del example.txt example2.txt

To delete all text files in one go from the current location, the '*' wildcard can be used.

del *.txt

All files, regardless of type, can be deleted by using the '*' wildcard either side of a '.'. In this instance confirmation will need to be given.

del *.*

In order to delete all files and folders, including their contents, a single '*' wildcard can be used.

del *

More

erase

Works in the same way as the 'del' command to delete files and directories.

More

md

Create a directory.

md Demo

More

mkdir

Works in the same way as the 'md' command to create a directory.

More

rd

Delete a directory.

rd Demo

Note that this will only delete the directory if it is empty. To remove a directory, along with its contents, the 's' switch needs to be used.

rd /s Demo

More

rmdir

Works in the same way as the 'rd' command to delete a directory.

More

type

The 'type' command can be used to display the contents of a file or files in a terminal window. Where more than one file name is specified, the file contents is displayed one after the other.

type example.txt
type example.txt example2.txt

It can also be used to append the contents of one file to the end of another. If the destination file doesn't already exist, then it gets created.

type example.txt >> example2.txt

More

echo

The 'echo' command is often used to display text out to the terminal, as part of a batch file, for example, however, it can be used to create a file with the specified text in it. It should be noted that if the file already exists, it will get overwritten.

echo This is file3. > example3.txt

The command can also be used to append the specified text to an existing file by replacing '>' with '>>'. If the file doesn't already exist, then it gets created.

echo This is file3. >> example3.txt

More

Useful Links

General

Sandboxes and Application Isolation

System Information Software

Podcasts