Network troubleshooting commands for Windows

Network troubleshooting commands for Windows

License Name:
prtgtrial

License Key:

000014-3KEKFM-8FFXZ6-96T5TH-BMXRQ9-RMMJB0-ARVDF7-V4AKTQ-7WQTHP-TGFHB9

Please save this license key as you will need it during the installation of the software.

PROBLEM DESCRIPTION

I need a list of common Windows commands to help me troubleshoot Websense in my network.

RESOLUTION

The Windows troubleshooting commands discussed in this document fall into three categories:

1. Determine which groups a user belongs

2. Helpful commands entered from the Start > Run dialog box

3. Comman-line tools for troubleshooting network connectivity

Determine which groups a user belongs

To generate a list of groups that a user belongs, open a command prompt and enter the following commands:

net user /domain

Replace with an actual user name. For example:

net user jdoe /domain

mstsc Opens the Remote Desktop (RDP) tool

winmsd Opens the System Information dialog box

inetcpl.cpil Opens the Internet Explorer Properties dialog box

odbccp32.cpl Opens the ODBC Data Source Administrator

mmc Opens the Microsoft Management Console (MMC)

services.msc Opens the Windows Services dialog box

eventvwr.msc Opens the Windows Event Viewer

dsa.msc Opens the Active Directory User and Computers management console

dssite.msc Opens the Active Directory Sites and Services management console

adminpak.msi Launches the Administration Tools Pack installer

dxdiag Opens the DirectX Diagnostic Tool

\\< Name or IP>\C$ Opens a UNC to the C: share

cmd Opens the Windows Command Prompt using the 32-bit cmd shell

arp -a Shows gateway MAC address.

gpresult Starts the Operating System Group Policy Result tool

ipconfig /all Displays the full TCP/IP configuration for all adapters

ipconfig /flushdns Flushes the DNS resolver cache. Helpful when troubleshooting DNS name resolution problems

nbtstat -a Obtains info from WINS or LMHOST (discovers who is logged on)

nbtstst -A Gets info from WINS or LMHOST (discovers who is logged on)

nbtstat -R Purges and reloads the remote cache name table

nbtstat -n Lists local NetBIOS names.

nbtstat -r Useful for detecting errors when browsing WINS or NetBIOS

netstat -ab The b switch links each used port with its application

netstat -an Shows open ports

netstat -an 1 | find "15868" Locates only lines with the number 15868 and redisplays every one second

netstat -an | find "LISTENING" Shows open ports with LISTENING status

net use Retrieves a list of network connections

net use file://1.2.3.4/ Sees if the machine can poll IP 1.2.3.4

net user Shows user account for the computer

net user /domain Displays user accounts for the domain

net user /domain Shows account details for specific user

net group /domain Shows group accounts for the domain

net view Displays domains in the network

net view /domain Specifies computers available in a specific domain

net view /domain: | more Shows user accounts from specific domain

net view /cache Shows workstation names

nslookup Looks up IP/hostnames and displays information helpful in diagnosing DNS issues

ping -a Resolves IP to Hostname

ping -t Pings host until stopped

set U Shows which user is logged on

set L Shows the logon server

telnet Confirms whether the port is open

et use %LOGONSERVER%

se this command to hit the Domain Controller resulting in DC Agent picking up the user name you logged onto the server with. An example of the command follows:

net use \\

Get MAC Address (Getmac.exe)Discovers the Media Access Control (MAC) address and lists associated network protocols for all network cards in a computer, either locally or across a network.

Hostname (Hostname.exe) Displays the host name of the current computer.

IP Configuration Utility (Ipconfig.exe) Displays all current Transmission Control Protocol/Internet Protocol (TCP/IP) network configuration values, and refreshes Dynamic Host Configuration Protocol (DHCP) and DNS settings.

Name Server Lookup (Nslookup.exe) Displays information about Domain Name System records for specific IP addresses and/or host names so that you can troubleshoot DNS problems.

Net services commands (Net.exe) Performs a broad range of network tasks. Type net with no parameters to see a full list of available command-line options.

Netstat (Netstat.exe) Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, and IPv4/IPv6 statistics.

Network Command Shell (Netsh.exe) Displays or modifies the network configuration of a local or remote computer that is currently running. This command-line scripting utility has a huge number of options, which are fully detailed in Help.

PathPing (Pathping.exe) Combines the functions of Traceroute and Ping to identify problems at a router or network link.

TCP/IP NetBIOS Information (Nbtstat.exe) Displays statistics for the NetBIOS over TCP/IP (NetBT) protocol, NetBIOS name tables for both the local computer and remote computers, and the NetBIOS name cache.

TCP/IP Ping (Ping.exe) Verifies IP-level connectivity to another internet address by sending Internet Control Message Protocol (ICMP) packets and measuring response time in milliseconds.

TCP/IP Route (Route.exe) Displays and modifies entries in the local IP routing table.

TCP/IP Traceroute (Tracert.exe) Determines the path to an internet address, and lists the time required to reach each hop. It’s useful for troubleshooting connectivity problems on specific network segments.

Ipconfig

– Quickly Find Your IP Address

You can find your IP address from the Control Panel, but this takes quite a few clicks. The ipconfig command is a fast way of determining your computer’s IP address and other information, such as the address of its default gateway — useful if you want to know the IP address of your router’s web interface.

ipconfig /flushdns – Flush Your DNS Resolver Cache

If you change your DNS server, the effects won’t necessarily take place immediately. Windows uses a cache that remembers DNS responses it’s received, saving time when you access the same addresses again in the future.

To ensure Windows is getting addresses from the new DNS servers instead of using old, cached entries, run the ipconfig /flushdns command after changing your DNS server.

ping, tracert – Troubleshoot Network Connection Issues

If you’re experiencing issues connecting to a website or other network connection issues, Windows and other operating systems have some standard tools you can use to identify problems.

First, there’s the ping command. Type ping google.com and Windows will send packets to Google.com. Google will respond and let you know it’s received them. You’ll be able to see if any packets didn’t make it to Google.com — perhaps you’re experiencing packet loss — and how long it took you to hear back — perhaps the network is saturated and packets are taking a while to reach their destinations.

There’s also the tracert command, which traces the route it takes for a packet to reach a destination. For example, run tracert google.com and you’ll see the path your packet takes to reach Google. If you’re having issues connecting to a website, tracert can show you where the problem is occurring.

For more information about using these commands, read our introduction to troubleshooting Internet connection problems.

shutdown – Create Shutdown Shortcuts on Windows 8

The shutdown command is particularly useful on Windows 8. You can use it to create your own shortcuts and place them on your Start screen or desktop, allowing you to more easily shut down Windows without digging through the charms bar or logging out first.

This command can also be used to restart your computer. On Windows 8, you can even use a special switch to restart your computer into the advanced startup options menu.

Shut Down: shutdown /s /t 0

Restart: shutdown /r /t 0

Restart Into Startup Options: shutdown /r /o

recimg – Create Custom Recovery Images

The Refresh Your PC feature on Windows 8 allows you to restore your computer’s system state to its original state — either from a clean Windows install or as the computer came from its manufacturer. You can create your own custom recovery images, but this feature is hidden — you have to do it with the recimg command from a command line. This allows you to removemanufacturer-installed bloatware or add your favorite desktop programs to your recovery image.

For more information about using recimg, read our overview of everything you need to know about creating and using custom recovery images on Windows 8.

wbadmin start backup – Create System Recovery Images

Windows 8.1 removes the Windows 7 backup interface, which allowed you to create system backup images. These system images contain a complete snapshot of every single file on the system, so they’re different from Windows 8’s recovery images.

While the graphical interface has been removed, system administrators and geeks can still create system image backups by running the wbadmin start backup cmdlet in a PowerShell window. Unlike all the other commands here, this command-line tool must be run from within PowerShell, not the Command Prompt.

sfc /scannow – Scan System Files for Problems

Windows includes a system file checker tool that scans its system files and looks for problems. If system files are missing or corrupted, the system file checker will repair them. This may fix problems with some Windows systems.

To use this tool, open a Command Prompt window as Administrator and run the sfc /scannowcommand.

telnet – Connect to Telnet Servers

The telnet client isn’t installed by default. You’ll have to install it from the Control Panel. Once installed, you can use the telnet command to connect to telnet servers without installing any third-party software.

You should avoid using telnet if you can help it, but if you’re connected directly to a device and it requires that you use telnet to set something up — well, that’s what you have to do.

cipher – Permanently Delete and Overwrite a Directory

The cipher command is mostly used for managing encryption, but it also has an option that will write garbage data to a drive, clearing its free space and ensuring no deleted file can be recovered. Deleted files normally stick around on disk unless you’re using a solid state drive. The cipher command effectively allows you to “wipe” a drive without installing any third-party tools.

To use the command, specify the drive you want to wipe like so:

ciper /w:C:\

netstat -an – List Network Connections and Ports

The netstat command is particularly useful, displaying all sorts of network statistics when used with its various options. One of the most interesting variants of netstat is netstat -an, which will display a list of all open network connections on their computer, along with the port they’re using and the foreign IP address they’re connected to.

Network CMD Commands

1. ipconfig

This command gives you the details of your Ethernet, WLAN (Wi-fi ) connection details like IP(Internet Protocol) address , DNS(Domain Name System ) and other information of your connections.

Ipconfig /all

This cmd code gives the complete details including adapter , BIOS , MAC address , auto configuration, DHCP( Dynamic Host Configuration Protocol) and all the details shown when ‘ipconfig’ was used.

Ipconfig /renew

Using this cmd code will renew all your IP addresses that you are currently (leasing) borrowing from the DHCP server. This command is a quick problem solver if you are having connection issues, but does not work if you have been configured with a static IP address.

Ipconfig /release

This cmd command allows you to drop the IP lease from the DHCP( Dynamic Host Configuration Protocol ) server.

Ipconfig /flushdns

This command is only needed if you’re having trouble with your networks DNS configuration. The best time to use this code is after network configuration frustration sets in, and you really need the computer to reply with flushed.

2. nslookup

Nslookup is used for diagnosing DNS problems. If you can access a resource by specifying an IP address but not it’s DNS you have a DNS problem.

3. ping

Ping is the most basic TCP/IP(Transmission Control Protocol) command, and it’s the same as placing a phone call to your best friend. You pick up your telephone and dial a number, expecting your best friend to reply with “Hello” on the other end. Computers make phone calls to each other over a network by using a Ping command. The Ping commands main purpose is to place a phone call to another computer on the network, and request an answer. Ping has 2 options it can use to place a phone call to another computer on the network. It can use the computers name or IP address.

4. netstat

Netstat displays a variety of statistics about a computers active TCP/IP Connections. This tool is most useful when you’re having trouble with TCP/IP applications such as HTTP, and FTP.

5. net view

This cmd command helps you know the devices connected to the same network to which your PC is connected. It shows the names of the devices connected to the same network.

6. arp –a

Arp –a shows the devices connected to the same network with their IP address and Mac address

To solve this problem, you should first check your IP address. Choose unique last three digits of your Router ip address (Each device will have unique IP address).

After choosing IP address go for DNS now. To get default DNS of your network use ‘ipconfig /all’ command in default mode (IP and DNS will be automatically obtained) and note down the DNS.

After changing the IP address use the same default DNS which you have noted or you can use

Google DNS 8.8.8.8 , 8.8.4.4 which ever gets connected use that. In this way you can get out of “Limited Internet access” problem.

I hope these CMD commands are more than enough to solve any kind of network connection Problem.

ASSOC

Most files in Windows are associated with a specific program that is assigned to open the file by default. At times, remembering these associations can become confusing. You can remind yourself by entering the command “assoc” to display a full list of file extensions and the programs they’re connected with.

You can also extend the command to change file associations. For example, “assoc .txt=” will change the file association for text files to whatever program you enter after the equal sign. The ASSOC command itself will reveal both the extension names and program names, which will help you properly use this command. You can probably do this more easily in the GUI, but the command line interface is a perfectly functional alternative.

Cipher

Deleting files on a mechanical hard drive doesn’t really delete them at all. Instead, it marks the files as no longer accessible and the space they took up as free. The files remain recoverable until they’re overwritten with new data, which can take some time.

The cipher command, however, can be used to wipe a directory by writing random data to it. To wipe your C drive, for example, you’d use the command “cipher /w:c”, which will wipe free space on the drive. The command does not overwrite undeleted data, so you will not wipe out files you need by running this command.

There’s also a host of other cipher commands, however, they are generally redundant with Bitlocker enabled versions of Windows.

Driverquery

Drivers remain among the most important software installed on a PC. Improperly configured or missing drivers can cause all sorts of trouble, so its good to have access to a list of what’s on your PC. That’s exactly what the “driverquery” command does. You can extend it to “driverquery -v” to obtain more information including the directory in which the driver is installed.

File Compare

This command can be used to identify differences in text between two files, and is particularly useful for writers and programmers trying to find small changes between two versions of a file. Simply type “fc” and then the directory path and file name of the two files you want to compare.

You can also extend the command in several ways. Typing “/b” compares only binary output, “/c” disregards the case of text in the comparison, and “/l” only compares ASCII text.

So, for example, you could use the following:

fc /l "C:\Program Files (x86)\example1.doc" "C:\Program Files (x86)\example2.doc"

to compare ASCII text in two word documents.

Ipconfig

This command relays the IP address that your computer is currently using. However, if you’re behind a router (like most computers today), you’ll instead receive the local network address of the router.

Still, ipconfig is useful because of its extensions. “ipconfig /release” followed by “ipconfig /renew” can force your Windows PC into asking for a new IP address, which is useful if your computer claims one isn’t available. You can also use “ipconfig /flushdns” to refresh your DNS address. These commands are great if the Windows network troubleshooter chokes, which does happen on occasion.

Netstat

Entering the command “netstat -an” will provide you with a list of currently open ports and related IP addresses. You’ll also be told what state the port is in – listening, established or closed. This is a great command if you’re trying to troubleshoot the devices your PC is connected to or you’re afraid you’re infected with a Trojan and are trying to locate a malicious connection.

Ping

Sometimes, you need to know whether or not packets are making it to a specific networked device. That’s where ping comes in handy. Typing “ping” followed by an IP address or web domain will send a series of test packets to the specified address. If they arrive and are returned, you know the device is capable of communicating with your PC; if it fails, you know that there’s something blocking communication between the device and your computer. This can help you decide if an issue is caused by improper configuration or a failure of network hardware.

Pathping

This is a more advanced version of ping that’s useful if there are multiple routers between your PC and the device you’re testing. Like ping, you use this command by typing “pathping” followed by the IP address, but unlike ping, pathping also relays some information about the route the test packets take.

Tracert

Powercfg

Powercfg is a very powerful command for managing and tracking how your computer uses energy. You can use the command “powercfg /hibernate on” and “powercfg /hibernate off” to manage hibernation, and you can also use the command “powercfg /a” to view the power-saving states currently available on your PC.

Another useful command is “powercfg /devicequery s1_supported” which displays a list of devices on your computer that support connected standby. When enabled, these devices can be used to bring your computer out of standby – even remotely. You can enable this by selecting the device in Device Manager, opening its properties, going to the Power Management tab and then checking the “Allow this device to wake the computer” box.

“Powercfg /lastwake” will show you what device last woke your PC from a sleep state. You can use this command to troubleshoot your PC if it seems to wake from sleep at random.

The “powercfg /energy” command can be used to build a detailed power consumption report for your PC, which is output to a directory indicated after the command finishes. This report will let you know of any system faults that might increase power consumption, like devices that are blocking certain sleep modes, or which aren’t properly configured to respond to your power management settings.

“powercfg /batteryreport”, which provides a detailed analysis of battery use, if applicable. Normally output to your Windows user directory, the report provides details about the time and length of charge and discharge cycles, lifetime average battery life, and estimated battery capacity.

Shutdown

As of Windows 8/8.1 there is now a shutdown command that – you guessed it! – shuts down your computer. This is of course redundant with the already easily accessed shutdown button, but what’s not redundant is the “shutdown /r /o” command, which restarts your PC and launches the Advanced Start Options menu, which is where you can access Safe Mode and Windows recovery utilities. This is useful if you want to restart your computer for troubleshooting purposes.

System File Checker

System File Checker is an automatic scan and repair tool that focuses on Windows system files. You will need to run the command prompt with administrator privileges and enter the command

“sfc /scannow”. If any corrupt or missing files are found, they’ll be automatically replaced using cached copies kept by Windows for just that purpose. The command can require a half-hour to run on older notebooks.

Recovery Image

Virtually all Windows 8/8.1 computers ship from the factory with a recovery image, but the image may include bloatware you’d rather not have re-installed. Once you’ve un-installed the software you can create a new image using the

“recimg” command. Entering this command presents a very detailed explanation of how to use it. You must have administrator privileges to use the recimg command, and you can only access the custom recovery image you create via the Windows 8 “refresh” feature.

Tasklist

The “tasklist” command can be used to provide a current list of all tasks running on your PC. Though somewhat redundant with Task Manager, the command may sometimes find tasks hidden from view in that utility.

There’s also a wide range of modifiers.

“Tasklist -svc” shows services related to each task, “tasklist -v” can be used to obtain more detail on each task, and “tasklist -m” can be used to locate .dll files associated with active tasks. These commands are useful for advanced troubleshooting.

Taskkill

Tasks that appear in the “tasklist” command will have an executable and process ID (a four-digit number) associated with them. You can force stop a program using “taskkill -im” followed by the executable’s name, or “taskkill -pid” followed by the process ID. Again, this is a bit redundant with Task Manager, but may be used to kill otherwise unresponsive or hidden programs.

Network troubleshooting commands for Windows

Admin

0 Response to "Network troubleshooting commands for Windows"

Post a Comment