Slide1
A Power Tools Treasury: great tools that many folks haven't yet met (or don't know well enough)
Presented by Mark Minasi
help@minasi.com
WSV350
Slide2
Where The Treasury Came From
Since late 1997, I've written a monthly column first called "This Old Resource Kit" and later "Windows Power Tools"
In it, I try to find a utility program that most people don't know, or perhaps don't know in enough detail to know a trick or two in
I've done this several times before, so consider this "volume 4"
I've listed the ones I've covered before at the end of the talk so if you like, you can look into them
Slide3
Topics
Robocopy recipes
Wiping disks
Wrangling licensing with SLMGR
FOR once, FOR now, FOR ever!
Scriptable power configuration with powercfg
Partition Magic's replacement, Diskpart
Slide4
Topics
Emailing from the command line
Automatic, scheduled event log archiving with wevtutil
Watching your tickets with KLIST
A SteadyState replacement: SteadierState
Old faithfuls: a list of tools from past talks to look into
Slide5
Robocopy
Even if you've heard of this…
In short, it is a fast, reliable, flexible tool for bulk file copies, whether across networks or within systems
It has, however, a very frightening syntax and so many pass it up, which is a shame
It's an even bigger shame as robocopy is in WinPE as well and thus is a welcome tool in repair/deployment scenarios
Slide6
Robocopy uses
Simple block file transfers
Built to be scheduled
Can be set up to automatically compare two copies of a set of files/folders and keep them in sync
You can control the bandwidth it uses
You can control its processor intensity
Bypasses common file/folder permission problems
Slide7
Robocopy: basic copying
    robocopy sourcedir destdir filespec
ex:
    robocopy c:\files e:\destfiles
This will copy all files at the top level of c:\files to e:\destfiles, creating the e:\destfiles folder if necessary
    robocopy c:\files e:\destfiles *.txt
Same, but only text files
Slide8
Robocopy: add copying folders
add /s to copy subdirectories but only copies ones with files in them
add /e to copy all subdirectories, even the empty ones
add /lev:number to only copy the top number folder levels from the source
/mov to move, not copy
Slide9
Robocopy: add the "robo"
Moving big blocks of data often gets stopped for some reason
/z = "if it fails, try it again in 30 seconds… one million times… until it works"
/b = "if it fails because the admin lacks access to a file or two, get sneaky and use the backup privilege"
/zb = both /b and /z
/r:n = change "million" to n retries
/w:n = change 30s to n seconds
Slide10
Robocopy: keeping two folders identical
The /mir ("mirror") option will
Scan the source and destination folders
Locate any folders on the destination that are no longer on the source and delete them on the destination
Locate files/folders changed or new on the source (relative to the destination) and update the destination
add /sec /secfix to keep NTFS ACLs synced
Slide11
Robocopy: "I don't understand why it's doing what it's doing…"
Join the club! <grin>
The answer is to get verbose logging
add /v /log:filespec
TechNet magazine also published a free GUI for it; search "Utility Spotlight Robocopy" and you'll find it
Slide12
Robocopy: repeating something once I have it right: jobs
You can create a file with an ".rcj" extension, or let Robocopy do it for you with the /save option, like
    robocopy c:\src e:\dest /mir /save:myjob
You can then re-do the command with
    robocopy /job:myjob
Even create new ones
    robocopy /job:myjob /secfix /save:job2
Slide13
Robocopy: speeding things up
If you find that you're moving data along but not maxing out the system RAM, CPU or disk-wise, create more than one thread with /mt:numthreads. Manual says it can go to 128, I use 16… example with large file:
    robocopy c:\files x:\ boot.wim /mt:16
Here, I have a big file, know the permissions are okay, but want things to get speedy
That's about one quarter of what Robocopy can do but I can't spend more time on it… but start using it and you'll become a fan
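A wrapper for running the /mir, /z and /log options from the slides as a scheduled job, added here as an example (it is not code from the talk). It decodes robocopy's bit-mask exit code, where values below 8 are not failures, and refuses to mirror from an empty source; the function names and the retry values are illustrative assumptions.

```powershell
# Added example, not from the talk. Paths are the slides' sample paths.
function Get-RobocopyResult {
    param([int]$ExitCode)
    # Robocopy's exit code is a bit mask; 1, 2 and 4 are normal outcomes.
    $bits = @(
        @{ Bit = 1;  Text = 'files copied' }
        @{ Bit = 2;  Text = 'extra files/folders found at destination' }
        @{ Bit = 4;  Text = 'mismatched files/folders found' }
        @{ Bit = 8;  Text = 'some copies failed after all retries' }
        @{ Bit = 16; Text = 'fatal error, nothing was copied' }
    )
    $hits = @(foreach ($b in $bits) { if ($ExitCode -band $b.Bit) { $b.Text } })
    if ($hits.Count -eq 0) { $hits = @('no change, source and destination already match') }
    [pscustomobject]@{
        ExitCode = $ExitCode
        Failed   = ($ExitCode -ge 8)
        Meaning  = $hits -join '; '
    }
}

function Invoke-Mirror {
    param([string]$Source, [string]$Destination, [switch]$Commit)
    # /mir deletes at the destination whatever is absent from the source, so an
    # empty source (for example an unmounted drive's folder) would purge it all.
    if (-not (Test-Path $Source) -or -not (Get-ChildItem $Source -Force | Select-Object -First 1)) {
        throw "Refusing to mirror: '$Source' is missing or empty."
    }
    $log  = Join-Path $env:TEMP ('robocopy-{0:yyyyMMdd-HHmmss}.log' -f (Get-Date))
    $opts = @('/mir', '/z', '/r:3', '/w:10', '/v', "/log:$log")
    if (-not $Commit) { $opts += '/l' }   # /l = list only: log it, change nothing
    robocopy $Source $Destination @opts | Out-Null
    $result = Get-RobocopyResult $LASTEXITCODE
    $result | Add-Member -NotePropertyName Log -NotePropertyValue $log -PassThru
}

# Dry run first; read the log, then repeat with -Commit.
$r = Invoke-Mirror -Source 'c:\files' -Destination 'e:\destfiles'
$r | Format-List
if ($r.Failed) { exit 1 }   # hand Task Scheduler a real failure code
```

Adding /b or /sec to the option list changes what the job can read and which ACLs it writes, so the account the task runs under deserves the same review as the paths.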
Slide14
Wiping Disks
So… how do you wipe volumes before discarding them? (I'll use E: in my examples)
If using Bitlocker, try this (it's instantaneous):
    manage-bde -forcerecovery e:
These will take longer:
    format e: /p:numberofpasses
    format e: /p:3
format e:, and then type
    cipher /w:e:\
Slide15
Wrangling Licenses
an evil, but a necessary one…
Slmgr.vbs lets you script or quickly access a lot of things about Win 7 licensing
First, tell the system to use the command-line scripting engine
    cscript //h:cscript
Then slmgr commands, like
    slmgr -xpr
(shows remaining time before grace period expires)
Slide16
What SLMGR Can Do
slmgr -rearm gives you 30 (Win 7)/60 (2008 R2) more days' grace period
slmgr -dli, -dlv return licensing info
slmgr -upk removes a product key
slmgr -ipk key installs a product key
slmgr -ato activates Windows 7
slmgr -skms kmsservernameorip:port# activates with KMS location information, e.g.
    slmgr -skms kms1.bigfirm.com
Slide17
FOR: the original Windows power tool
Most folks hate scripting, but know that one of the beauties of scripting is that it lets you take one simple command and tell the computer to re-do it "x" times, or under some conditions, or something like that
FOR lets you do that in several ways – by the numbers, with the contents of a file, with the contents of a folder, and more
Slide18
FOR and Files
Ever worked with a CLI program that didn't take wild cards? FOR can help
    for %a in (searchitem) do (something with %a)
Example: my own chml tool can't take wildcards, like chml b*.txt, but this would work:
    for %a in (b*.txt) do (chml %a)
Slide19
FOR by the Numbers: /L
Suppose I needed 500 test user accounts
I can create one user account like this:
    net user user001 swordfish /add
But 499 more? That's where FOR helps
    for /L %i in (1,1,500) do (net user user%i swordfish /add)
Slide20
For and File Contents: /F
Remember the first example being able to have Windows re-execute an app over and over but to feed it a different file every time?
That only let us specify files with wildcards
Now take it a step further with for /f, which lets us get more refined with lists of filenames rather than just wildcard patterns
Slide21
For /F Example
I was looking over a few hundred pictures but didn't have my usual tools (Lightroom etc).
So basically I was just flipping through the pictures with one window and typing the names of the good ones in a Notepad window and the excellent ones in another Notepad window (I had very little screen space and so couldn't have a bunch of Explorer windows open)
Slide22
For /F Example
Ultimately I wanted to copy just good pictures and the excellent pictures into another folder
This command did it:
    for /f %i in (c:\pix\good.txt c:\pix\great.txt) do copy c:\newpics\%i c:\keepers
Slide23
Seize the Power(cfg)
Powercfg is a power-related CLI tool that made its debut in XP SP2 and has changed significantly in Vista and then Windows 7
Big uses:
Set power profiles from the CLI, simplifying deployment and changes
Control power things that you can't get to from the GUI
Diagnose sleep-related disorders
Smoke out power-suckers
Slide24
Powercfg and Power Setup
To choose a particular power profile ("balanced," "max savings," etc), use
    powercfg -setactive GUID-of-power-scheme
You can get the GUIDs with
    powercfg -list
Slide25
Powercfg and Hibernation
Ever notice that you can't really control sleep and hibernation in Vista and Win 7?
Slide26
Powercfg and Hibernation
Run "powercfg -h on" and you'll get the power to control hibernation again
Slide27
Powercfg and Laptops
Ever had a laptop that can't seem to sleep, or wakes up at undesired and unpleasant times? Find out why it woke:
    powercfg -lastwake
Find out what's not working that should be to let you get max power savings:
    powercfg -energy
Slide28
VHD Resize
As you probably know, VHDs are the way that Microsoft packages the imaginary hard drives that virtual machines need on MS's VM management tools (VMWare uses VMDKs, in contrast)
You may also know that with Win 7/R2, VHDs aren't just for VMs, as they can be attached to physical systems
Slide29
VHD Resize
Sometimes it'd be convenient to be able to compact or expand a VHD
This wasn't really possible pre-Hyper-V, but do you really want to fire up a Hyper-V server just to resize a VHD?
The easier way is to learn a bit of diskpart
Slide30
What You Need
Assume we've got a VHD named "test.vhd"
It must be an expandable VHD…fixed VHDs cannot be shrunk, as it's really just a compaction
The diskpart command is "compact vdisk"
You can enlarge either fixed or expandable VHDs, in contrast
Diskpart command is "expand vdisk"
Slide31
To Shrink
First, select the vhd to give it the focus:
    diskpart
    select vdisk file=e:\test.vhd
Then compact it with compact vdisk:
    compact vdisk
Slide32
To Expand
Again, select:
    diskpart
    select vdisk file=e:\test.vhd
Now use "expand vdisk maximum=dddd"
    expand vdisk maximum=1000
Slide33
Partition/Volume Resize
To shrink (or enlarge) a partition/volume, start diskpart and select the partition/volume
Then you can either tell diskpart how much to shrink the volume with the command
    shrink desired=megabytes minimum=megabytes
Or find out how far it could shrink the volume:
    shrink querymax
Just "shrink" shrinks it as much as possible
Slide34
Shrink Querymax Example
Slide35
Volume Extension
Similar syntax
extend just extends the current volume as far as it can go on this disk
extend size=megabytes extends it as far as specified
You can also go to Disk Manager, right-click on a partition/volume and do the same things from the GUI
Slide36
Mklink: Symbolic Links
Lets you make Windows think that a file share is a subdirectory
Helps if you run out of letters or need to "lie" to Windows, leading it to believe that a share is actually a local folder
    mklink /d c:\myphotos \\S2\photos
Makes Windows think the share \\S2\photos is a local folder "c:\myphotos"
Slide37
Automating Email Notifications
Many's the time that I've cooked up a batch file or some other scheduled task and wished that I could have it email me when done
So how to tell your system to e-mail you from a command line?
Heck, if you've got an SMS phone, then you could even have it text you
Answer: blat, from www.blat.net
Slide38
Blat
Command-line SMTP client; example:
    blat - -body "Event ID 763 happened!" -server mail.bigfirm.com -to mark@mmco.com -f noone@bigfirm.com -subject "Event 763 alert" -u joe -pw swordfish
The "blat - -body" is no typo
Slide39
More Blat
The -u and -pw assume that your SMTP server needs logons; BLAT supports GSSAPI so it can do secure logons to Microsoft and other SMTP servers
Free download
Even includes the source
You can pre-store most of the parameters in the Registry
And if you're using PowerShell (you should!), there's send-mailmessage
Slide40
Schedule-able Event Logging
wevtutil does a number of things and is CLI and so can be scheduled
To back up and clear a log, use
    wevtutil cl logname /bu:filetobackupto
example:
    wevtutil cl Security /bu:\\s1\centralELbackups\01012001.evtx
Slide41
Extract a Critical Summary
Command to get all "critical" or "error" events from the System log
    wevtutil qe System "/q:*[System [(Level=1 or Level=2)]]" /f:text
Demystified, that's
    wevtutil qe logname "/q:xpathquery" /f:text
(You need /f:text because the default is XML. No, I have no idea why…)
Slide42
Creating Xpath Query Strings
Ready for the good news: you don't have to create Xpath strings… Event Viewer will do it for you
Go to the Event Viewer GUI and use the GUI tool to create the "give me Error or Critical stuff" query: right click the log, choose Filter Current Log and use the check boxes and text fields to create the query
Slide43
You'll see something like this:
Now click the "XML" button…
Slide44
Now take the stuff between "Select" and "/Select," pop it into the "/q:" part and you've got your command
(Take the output, blat it to your phone….)
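The archive, query and notify steps from the wevtutil slides combined into one schedulable script, as an added example that is not from the talk. The share, server and mail addresses are the slides' sample values, while the function names, the 24-hour window and the date-stamped file naming are assumptions.

```powershell
# Added example, not from the talk. Run elevated: the Security log requires it.
$archiveDir = '\\s1\centralELbackups'           # sample share from the slide
$stamp      = Get-Date -Format 'yyyyMMdd-HHmmss'

function Backup-AndClearLog {
    param([string]$LogName)
    # Channel names can contain '/', which is not valid in a file name.
    $safe = $LogName -replace '[\\/]', '_'
    $file = Join-Path $archiveDir ("{0}-{1}.evtx" -f $safe, $stamp)
    wevtutil cl $LogName "/bu:$file"
    # Fail loudly if wevtutil reported an error or the archive is missing.
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $file)) {
        throw "Backup of $LogName failed (exit code $LASTEXITCODE), expected $file"
    }
    Get-Item $file
}

function Get-CriticalSummary {
    param([string]$LogName = 'System', [int]$Hours = 24, [int]$Max = 50)
    # The slide's Level filter plus a time window, written the way Event
    # Viewer's XML tab writes it (timediff is in milliseconds).
    $ms    = $Hours * 3600 * 1000
    $xpath = "*[System[(Level=1 or Level=2) and TimeCreated[timediff(@SystemTime) <= $ms]]]"
    # /rd:true = newest first, /c = cap the number of events returned
    wevtutil qe $LogName "/q:$xpath" /f:text /rd:true "/c:$Max"
}

$archive = Backup-AndClearLog -LogName 'Security'
$summary = Get-CriticalSummary -LogName 'System'
if ($summary) {
    # No password sits in this script; add -Credential if the server needs a logon.
    Send-MailMessage -SmtpServer 'mail.bigfirm.com' -From 'noone@bigfirm.com' `
        -To 'mark@mmco.com' -Subject "Critical/Error events on $env:COMPUTERNAME" `
        -Body ("Security log archived to $($archive.FullName)`n`n" + ($summary -join "`n"))
}
```

Each clear of the Security log records event 1102 in the fresh log, so monitoring that alerts on log clearing should know this job's account and schedule. wevtutil epl exports a log without clearing it when the archive is all that is wanted.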
Slide45
KLIST
A big security concern nowadays is, "did Kerberos or NTLM log me on?"
KLIST is the quick and easy answer
If KLIST returns no data, you were logged on with NTLM
If it shows you your Kerberos tickets, you were logged on with Kerberos
Slide46
WHOAMI
Very useful tool for smoking out "why can't I…" sorts of issues
To test
Open a command prompt
Run whoami /all /fo list > mysec.txt
Run the app
If it fails, look in mysec.txt for your privileges and group memberships… you have what you need to figure out why it failed
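The KLIST and WHOAMI checks above captured as one snapshot that a script can test, added here as an example and not taken from the talk. It assumes English-language whoami and klist output (the CSV column names and the "Cached Tickets" line), and the function names are illustrative; the privilege test ties back to robocopy's /b switch.

```powershell
# Added example, not from the talk. Assumes English whoami/klist output.
function Get-LogonSnapshot {
    $privs  = @(whoami /priv   /fo csv | ConvertFrom-Csv)
    $groups = @(whoami /groups /fo csv | ConvertFrom-Csv)
    # The integrity level shows up in the group list as a row of type "Label".
    $label  = $groups | Where-Object { $_.Type -eq 'Label' } | Select-Object -First 1
    $klist  = klist | Out-String
    $count  = 0
    if ($klist -match 'Cached Tickets:\s*\((\d+)\)') { $count = [int]$Matches[1] }
    [pscustomobject]@{
        User            = whoami
        IntegrityLevel  = $label.'Group Name'
        KerberosTickets = $count
        Privileges      = @($privs | ForEach-Object { '{0} ({1})' -f $_.'Privilege Name', $_.State })
        Groups          = @($groups | Where-Object { $_.Type -ne 'Label' } |
                              ForEach-Object { $_.'Group Name' })
    }
}

function Test-HasPrivilege {
    param($Snapshot, [string]$Name)
    # A privilege shown as Disabled is still in the token and a tool can switch
    # it on; one that is not listed at all is not available to this process.
    $pattern = '^' + [regex]::Escape($Name) + ' '
    [bool]($Snapshot.Privileges -match $pattern)
}

$snap = Get-LogonSnapshot
$snap | Format-List | Out-File mysec.txt      # same file name as the slide
if (-not (Test-HasPrivilege $snap 'SeBackupPrivilege')) {
    'No SeBackupPrivilege in this token: robocopy /b cannot use the backup privilege from this prompt.'
}
if ($snap.KerberosTickets -eq 0) {
    'klist shows no cached Kerberos tickets for this logon session.'
}
```

Run it from the same prompt, elevated or not, that will launch the failing app: under UAC a non-elevated administrator prompt carries a filtered token with fewer privileges.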
Slide47
SteadierState
Many of us have public-access computers (school labs, libraries, etc)
Need a fast way to un-do whatever the public user did
Microsoft used to offer a free utility called "SteadyState" to accomplish that, but doesn't any longer
If you're using Windows 7 Enterprise or Ultimate, I've created a (free) similar tool www.steadierstate.com
Slide48
Thanks!
I hope I showed you at least one neat new power tool
I'd love to hear about your favorites, feel free to drop me a line
I'm at help@minasi.com
Don't forget the evaluations
Thanks for attending!
Slide49
Related Content: Reference
As I've discussed many tools in the past, here's a list that quickly points you to some of the terrific power tools I've discussed in past talks in case you've never heard of them before
Google/Bing them or drop me a line if you need to know more
Slide50
Tools To Know
Repadmin: complete CLI control/diagnostic for solving AD replication problems
Repadmin /experthelp reveals even more
Netdom renames computers, joins/unjoins, resets domain connections, lots more
Delprof deletes user profiles
Csvde creates AD users en masse
Tokensz tracks if your user token can't fit in Kerberos
Slide51
Tools To Know
spn_query and setspn help find problems with AD authentication in client-server apps
netsh lets you do almost anything with your network interface, protocol, firewall, many IP-related server tools (like DHCP)
wbadmin lets you control and schedule CompletePC backup
Dism lets you work with and do offline updates on Windows deployment images
Slide52
Tools to Know
ImageX creates and deploys Windows images in a Ghost-like manner
Sc manages services in ways that no other tool can
Pnputil lets you force-feed drivers to Windows systems (Vista and later)
Manage-bde gives you access to BitLocker features that the GUI and GPs do not
Slide53
Tools To Know
ipconfig, getmac, ping, arp, portqry, pathping control and monitor protocol-level things
net user, net share, net use, net account etc control local and domain-based accounts
shutdown does local and remote shutdown
dnscmd offers complete control of your DNS servers, way more than the GUI
Slide54
Tools to Know
Eventcreate is a CLI way to add an event to an event log
w32tm controls and monitors the Win32 Time Service
wusa, wuauclt control Windows Update
dsadd, dsmod, dsacls and the other ds* tools offer extensive (if complex) CLI AD control
Takeown lets you take ownership of files and folders
Slide55
Tools To Know
cacls, xcacls, icacls and subinacl offer varying levels of control of permissions on files, folders, services etc
Chml and regil let you control Windows Integrity Levels (WILs) on files/folders and Registry keys
And that's it… until the next collection!