Windows - One Liners
- Security
- Network
- Applications
- Performance
- File System
- Get Drive/Folder Owner
- Remove Folder With . At End Of It
- Remove Font Cache
- Shrink Windows Datastore.edb
- Updates
- System
Security
List Local Group Membership
net localgroup “Administrators” > C:\Servers.txtList and Logoff RDP Users Remotely
To get a list of the Remote Sessions in the command window (Get the session Id of user to kick out):
qwinsta /server:SERVERIPTo disconnect the remote session:
rwinsta /server:SERVERIP SESSIONIDFrom http://superuser.com/questions/62498/kicking-logging-out-remote-windows-users
Network
Add Multiple DNS Servers Via Command Line
netsh interface ipv4 add dnsserver name="Local Area Connection" address=192.168.100.48 index=2ICACLS Backup/Restore
Open an elevated cmd prompt.
Save
icacls E:\ /save "E:\ntfsDdrive.txt /t /cRestore
icacls E:\ /restore "E:\ntfsDdrive.txtApplications
List Installed Programs
gwmi win32_product | ft name, version, ident*Uninstall Applications
WMIC Uninstall
Check list of applications
wmic product where "name like '%java%'" get nameUninstall
wmic product where "name like '%Java%' or name like '%JRE%'" call uninstall
Powershell Uninstall
Check list of applications
Get-Package -ProviderName Programs -IncludeWindowsInstaller -Name 'ProgramNameHere'Uninstall
Uninstall-Package -ProviderName Programs -IncludeWindowsInstaller -Name 'ProgramNameHere'
Performance
File System
Get Drive/Folder Owner
GET-ACL “$Path”| Select-Object path, Owner -expand access | Select-Object @{n=”Path”;e={$_.Path.replace(“Microsoft.PowerShell.Core\FileSystem::”,””)}}, Owner, IdentityReference, FileSystemRights, AccessControlType, IsInheritedRemove Folder With . At End Of It
rd /s "\\?\C:\Documents and Settings\User\Desktop\Annoying Folder."From https://stackoverflow.com/questions/4075753/how-to
Remove Font Cache
forfiles /P C:\Windows\ServiceProfiles\LocalService\AppData\Local /M FontCache* /D -30 /C "cmd /c del @path"Shrink Windows Datastore.edb
esentutl.exe /d c:\Windows\SoftwareDistribution\DataStore\DataStore.edbUpdates
Remove Patches Via Command Line
Works on Windows Server 2008R2, 7, 8 and higher
- Find the list of packages installed on the machine with the issue by performing this command
dism /online /get-packages /format:tablefor ease of reading I did the following:
dism /online /get-packages /format:table > patches.txt- From the list get the Package Identity Name
Package_for_KB2870699~31bf3856ad364e35~amd64~~6.2.1.1
- Run this command to uninstall the update silently
DISM.exe /Online /Remove-Package /PackageName:Package_for_KB2870699~31bf3856ad364e35~amd64~~6.2.1.1 /quiet /norestartFrom https://arstechnica.com/civis/viewtopic.php?t=1217819
System
Restart in Safe Mode
1. Open Advanced Startup Options in Windows 10 or Windows 8, assuming you're using one of those operating systems. Since you can't start Windows properly, use method 4, 5, or 6 outlined in that tutorial.
With Windows 7 or Windows Vista, start System Recovery Options using your installation media or a system repair disc. Unfortunately, this process doesn't work with Windows XP.
Note: If you want to force or stop Safe Mode from starting, and you actually can access Windows properly, you don't need to follow the procedure below. See the much easier How to Start Windows in Safe Mode Using System Configuration process.
- Open Command Prompt.
Advanced Startup Options (Windows 10/8): Tap or click on Troubleshoot, then Advanced options, and finally Command Prompt.
System Recovery Options (Windows 7/Vista): Click on the Command Prompt shortcut.
- With Command Prompt open, execute the correct bcdedit command as shown below based on which Safe Mode option you'd like to start:
Safe Mode:
bcdedit /set {default} safeboot minimalSafe Mode with Networking:
bcdedit /set {default} safeboot networkSafe Mode with Command Prompt:
bcdedit /set {default} safeboot minimal
bcdedit /set {default} safebootalternateshell yesTips: Be sure to type whatever command you choose exactly as shown and then execute it using the Enter key. Spaces are very important! The { and } brackets are the ones above the [ and ] keys on your keyboard. Two separate commands are required to start Safe Mode with Command Prompt, so be sure to execute them both.
- A properly executed bcdedit command should return a "The operation completed successfully" message.
If you see "The parameter is incorrect", or "The set command specified is not valid", or "...is not recognized as an internal or external command...", or a similar message, check Step 3 again and make sure you executed the command properly.
- Close the Command Prompt window.
- In Windows 10 and 8, tap or click on Continue.
In Windows 7 and Vista, click the Restart button.
- Wait while your computer or device restarts.
- Once Windows starts, log in as you normally do and use Safe Mode however you were planning.
Important: Windows will continue to start in Safe Mode every time you reboot unless you undo what you did in Step 3. The easiest way to do that is not by executing more commands, but via System Configuration. See How to Start Windows in Safe Mode Using System Configuration and follow steps 8 through 11 in that tutorial.
How to Stop a Safe Mode Loop
If Windows is stuck in a sort of "Safe Mode Loop," preventing you from starting in normal mode again, and you've tried the instructions I gave in the Important call-out from Step 8 above but haven't been successful, try this:
- Start Command Prompt from outside of Windows, the process outlined in Steps 1 and 2 above.
- Once Command Prompt is open, execute this command:
bcdedit /deletevalue {default} safeboot- Assuming it was successfully executed (see Step 4 above), restart your computer and Windows should then start normally.
From https://www.lifewire.com/how-to-force-windows-to-restart-in-safe-mode-2625163