|
|
In this section, we review some of the networking commands and procedures on Windows 2000 and Windows Server 2003, and we discuss how to connect to a system via modem and determine and set the system's host name.
Each net command is identified here but its detailed description may actually appear in another section. When this is the case, we refer you to that section.
The arp (Address Resolution Protocol) command displays and changes the IP to an Ethernet (or Token Ring) physical address translation table. The syntax for arp is
arp –option inet_addr eth_addr [if_addr]
The inet_addr is the Internet address; the eth_addr is the Ethernet address; and the if_addr is the address translation table to be modified for the Internet address of the network interface. See Table A.43 for options.
|
Option |
Description |
|---|---|
|
/-a |
Displays all ARP entries in the current protocol data. When the inet_addr is specified, the specific IP and physical address are displayed. |
|
/-g |
Performs the same function as –a. |
|
/-N |
Displays the specified if_addr network interface. |
|
/-d |
Deletes the inet_addr host. All hosts can be deleted by using the wildcard with inet_addr. |
|
/-s |
Associates the Internet address with the physical address (presented as 6 hexadecimal bytes separated by hyphens). |
The HyperTerminal application is bundled with Windows Server 2003 and enables a user to dial out to another computer via modem. It is accessed by selecting Start 
Programs Accessories HyperTerminal.
Take the following steps to set up and connect to a remote location:
In the Connect Description window, enter the name of the connection you wish to make, such as "Microsoft BBS."
Click OK to display the Connect To window. Enter the appropriate information in the Country Code, Area Code, Phone #, and Connect Using text boxes to identify the number you wish to call using which modem installed on the system.
After entering the phone number and modifying any other field, the Connect To window displays (Figure A.7). Change the phone number as well as the configuration of the local modem, including baud rate, data bits, and parity via the Modify button.
Click Dialing Properties to define the location from which to dial; include dialing prefixes to access an outside line or to turn off call waiting.
Click Dial to display the status of the modem, such as disconnected.
Click Dial Now to initiate the connection process.
To transfer files between systems, select Transfer from the menu bar; then Send File to send a file or Receive File to receive one. Within each of these options, the transfer protocol can be selected. To terminate a session, select the Disconnect icon from the toolbar or select Call Disconnect from the menu bar.
The file transfer protocol, ftp, command enables a user to transfer files between systems that have ftp installed and running. See Table A.44 for options list. Its syntax is
ftp [options] [hostname]
The hostname is the name or IP address of the remote system. When given, the ftp command establishes a connection with that system. Otherwise, it goes into command mode waiting for the user to enter a command. A list of the available ftp commands can be retrieved by entering help at this point. Given the number of commands available, we do not discuss them here but recommend that you refer to Windows Server 2003 Help.
|
Option |
Qualifier |
Description |
|---|---|---|
|
-d |
Turns on the debugging option, which displays all ftp commands that are passed between the systems. |
|
|
-g |
Turns off file name "globbing," which means that wildcard characters are not expanded. |
|
|
-I |
Turns off interactive prompting, which means that ftp will automatically execute a given command for all file names entered. |
|
|
-n |
Does not allow auto-logon when the initial connection is made. Instead, the user must log on to the remote system. |
|
|
-s |
:filename |
The file name qualifier is the name of a file that contains ftp commands that are executed immediately upon connection. Do not include spaces in this parameter. |
|
-v |
Does not display responses from the remote system. |
|
|
-w |
:size |
Changes the size of the transfer buffer to size. The default is 4096. |
The trivial file transfer protocol (tftp) is a nonsecure version of ftp. Its use is generally not recommended, and it should not be enabled.
The host name is the name of a device that is on the network, which can be the computer name. In Windows Server 2003 it can be displayed from the command prompt by entering hostname. To identify the computer's full name and domain, click Control Panel, select System Properties, and select the Network Identification tab.
TCP/IP network configuration values are displayed by an ipconfig diagnostic command. They are the DNS suffix, IP address, subnet mask, and default gateway. When the /all option is used, much additional information is output, including the host name, node type, adapter physical address, and more. The syntax used is
ipconfig [/all] [/renew] [/release]
The ipconfig command is of great value when running DHCP because it permits the identification of DHCP-configured TCP/IP values. The /renew option reaffirms the current DHCP values. The /release option disables the related TCP/IP configuration values.
The ipBxroute command permits the viewing and modification of routing-table data employed by the IPX protocol, which uses options different from those for source routing. The ipxroute syntax for IPX is
ipxroute servers [type=x] ipxroute stats [/show] [/clear] ipxroute table
The syntax for source routing is
ipxroute board=n ipxroute config nbtstat Command
The nbtstat command is a diagnostic tool that displays current TCP/IP data and connections using NetBIOS over TCP/IP (NBT). See Table A.45 for an options list. The syntax is
nbtstat [- a remotename] [-A IP address] [-c] [-n] [-R] [-r] [-S] [-s] [interval]
|
Option |
Qualifier |
Description |
|---|---|---|
|
-a |
remotename |
Lists the remote computer's name table. |
|
-A |
IP address |
Lists the remote computer's address. |
|
-c |
Lists the NetBIOS cache including the IP addresses. |
|
|
-n |
Lists the NetBIOS registration by type. |
|
|
-R |
Loads the lmhost file after deleting the NetBIOS cache. |
|
|
-r |
Lists WINS name-resolution statistics. |
|
|
-S |
Lists client and server connections. For remote computers, these are listed by IP address. |
|
|
-s |
Lists client and server connections and converts IP addresses to names. |
The netstat command displays protocol statistics and current TCP/IP connection information. See Table A.46 for an options list. The syntax is
netstat [options]
Without options, the output includes
Proto— the protocol used by the connection, such as TCP/IP.
Local Address— either the IP address or host name of the local system as well as the connection's port number displayed as name:port. An asterisk displays in the port field if it hasn't been established yet.
Foreign Address— displays either the IP address or the host name of the remote system as well as the port number, displayed as name:port.
State— the state of the TCP/IP connection. Some examples are CLOSED, ESTABLISHED, and LAST_ACK.
|
Option |
Qualifier |
Description |
|---|---|---|
|
-a |
Displays the status of all connections and listening ports. |
|
|
-e |
Displays Ethernet statistics. |
|
|
interval |
Displays statistics after each interval, where interval is the number of seconds between capturing statistics. To terminate the display, press CTRL+C. This option should be the last one on the command line. |
|
|
-n |
Displays addresses numerically—for example, the IP address instead of the host name. |
|
|
-p |
protocol |
Displays the connections for the protocol given. Acceptable values are tcp and udp. If the -s option is also used, icmp or ip are also acceptable values. |
|
-r |
Displays the network routing tables. |
|
|
-s |
Displays protocol statistics for tcp, ucp, icmp, and ip. To reduce the number of protocols displayed, use this in conjunction with the -p option. |
The nslookup command provides data from the Domain Name System (DNS) server(s) both interactively and noninteractively. It also supports more than a dozen subcommands. With nslookup, the IP address of a host can be identified or a reverse lookup performed. The syntax is
nlslookup [-subcommand] [IP address]
The ping command is used to test and verify network connections by sending ICMP (Internet Control Message Protocol) data packets to a remote computer and waiting for a reply. By default, four packets are transmitted and validated when received. See Table A.47 for an options list. The syntax of this command is
ping [options] hostname(s)
The host name(s) is the remote computer whose network connections you wish to test. It may contain either the host name itself or the IP address.
|
Option |
Qualifier |
Description |
|---|---|---|
|
-a |
Converts numerical addresses to their corresponding host names. |
|
|
-f |
Includes a flag in the data packet that instructs the gateways not to fragment the data. |
|
|
-i |
time |
Sets the Time to Live field in the echo request packet to time, where time can be a value from 0 to 255. |
|
-j |
list |
Routes the data packets through up to 9 host names contained in list. This option allows loose source routing, which means that intermediate gateways may separate consecutive hosts. -j cannot be used in conjunction with the -k option. |
|
-k |
list |
Routes the data packets through up to 9 host names contained in list. This option allows strict source routing, which means that intermediate gateways may not separate consecutive hosts. -k cannot be used in conjunction with the -j option. |
|
-l |
length |
Sends echo packets containing the amount of data specified by length. The default is 32 bytes; the maximum is 65,527. |
|
-n |
count |
Defines the number of packets (count) transmitted before terminating the ping command. Zero is the default, where ping keeps running until receiving an interrupt signal. |
|
-r |
count |
Sends the echo request directly to the host, bypassing routing tables. |
|
-t |
Only for multicast addresses, sets the Time-to-Live (TTL) field in the echo request packet (datagram), where TTL is a value from 0 to 255. The Time-to-Live field defines the maximum number of systems through which the packet can be sent. For example, a TTL of 0 limits the datagram to the local system. A TTL of 1 (the default) limits the transmission to systems directly connected to the default interface address (or the address specified by the -i option). |
|
|
-v |
type |
Displays other packets received in addition to the echo request packets. |
|
-w |
time |
Defines the timeout interval in milliseconds. |
The pathping tool combines ping and tracert plus additional information. The statistics it provides allow network router or link problems to be identified. The pathping command forwards packets to routers and then computes the results based on returned packets for each network hop. See Table A.48 for an options list. Its syntax is
pathping [-n] [-h maximum_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout]target_name
|
Option |
Qualifer |
Description |
|---|---|---|
|
-n |
Does not resolve host names. |
|
|
-m |
maximum_hops |
Sets the maximum number of hops. |
|
-g |
Lists hosts within the intermediate gateways. |
|
|
-p |
period |
Specifies the milliseconds to wait between pings; default is 250. |
|
-n |
num_queries |
Specifies the number of queries to each computer; default is 100. |
|
-w |
timeout |
Specifies the milliseconds to wait for a response; the default is 3000 (or 3 seconds). |
The rcp command copies files between networked machines, including UNIX systems. It must be initiated by Windows Server 2003, and other systems must be running rshd, the remote shell daemon, and have the RCP utility installed. See Table A.49 for a list of options. The syntax for this command is
rcp [options] host.user:srcfile(s) host.user:dest-file
The host.user:srcfile(s) parameter is the name of the file to be copied to another system. It breaks down as follows:
host— the name of the source computer system. It is required only if the source system is different from the system from which the command was executed, or if a specific user name must be entered. The host can be either the host name or the IP address.
user— the logon name of the user whose files are being copied. It is required when the host is entered as an IP address and when copying files that belong to another user.
srcfile— the name of the file being copied. It may contain the entire path, if necessary, to locate the file if it is not in the current directory or in the user's logon directory when host.user is used.
|
Option |
Description |
|---|---|
|
-a |
Copies files in ASCII mode. This is the default. |
|
-b |
Copies files in binary mode. |
|
-h |
Copies files that have the Hidden attribute set. By default, these files are not copied even if they are specifically requested. |
|
-r |
Copies the contents of a directory and its subdirectories. This is considered a recursive copy. Both the source-file and the dest-file should be directories. |
The parameter host.user:dest-file is the name of the destination file or directory to which the file is copied. If more that one srcfile is listed, dest-file must be a directory. The host.user portion identifies the remote system as well as the logon name of the destination system. If the host.user:dest-file parameter is omitted, the local system is considered the default.
For the rcp command to be successful with UNIX systems, the .rhosts file must exist in the user's home directory on the remote computer. This file contains the host name of the local system as well as the user's name. It is recommended that the host name of the local system also be included in the remote system's /etc/hosts or /etc/hosts.equiv file.
The route command is used to manage and manipulate network routing tables under TCP/IP environments. See Table A.50 for an options list. Its syntax is
route [-f] [-p] [command [destination] [mask subnetmask] [gateway] [metric costmetric]]
The -f parameter option clears all gateway routing tables. The -p parameter option is employed in conjunction with the add command to create a persistent route across boots of the system. (By default, routes are not preserved between system boots.)
Other parameters used with the route command are
destination— determines the computer from which to send command.
mask subnetmask— identifies a subnet mask to be associated with this route entry; the default is 255.255.255.255.
gateway— identifies the gateway.
metric costmetric— specifies an integer cost metric (from 1 to 9999) used in calculating the fastest, most reliable, and/or least expensive routes.
|
Command |
Description |
|---|---|
|
Add |
Adds a route. |
|
|
Prints a route. |
|
Delete |
Deletes a route. |
|
Change |
Changes the current route. |
|
Option |
Qualifier |
Description |
|---|---|---|
|
-l |
user |
Logon to the remote computer uses the name represented by user. When not used, logon is the user executing the rsh command. |
|
-n |
Redirects the input to NULL. |
When the Remote Shell Service is running, the rsh command permits a user to execute commands on a remote system. See Table A.51 for an options list. The syntax is
rsh hostname [options] command
The hostname parameter is the name of the system on which you wish to run a command. The command parameter contains the command to be run on the remote system.
When the RSHutility is run from a Windows Server 2003, the primary domain controller must be available to validate the name of the user currently logged on. Also, to access a remote UNIX system, an .rhosts file should exist in the user's home directory. This file contains both the host names and the logon names of computers and users who have access to this remote system.
Using telnet enables a user to connect to and communicate with another system using that system's own protocol. To access telnet within Windows 2000 and Windows Server 2003, select Start Programs Accessories telnet. To connect to a remote system:
Select Connect from the menu bar.
Select Remote System.
In the Connect window, select or enter the Host Name, Port, and TermType (terminal emulation type).
Click Connect.
From the Terminal menu, select Preferences to define default preferences such as cursor type, terminal emulation, and fonts.
From the command prompt, simply type telnet to launch the telnet window; however, it is important to understand that this is a telnet client only. To accept telnet sessions from other systems, you must install the telnet Server, which is included on the Windows Server 2003 Resource Kit.
Windows Server 2003 provides a series of commands, known as net commands, that may be executed from the prompt or within batch files. Many of them can be performed through the graphical interface, but users sometimes prefer to use the command-line interface instead.
All of the net commands are identified here with at least a brief description. When necessary, we have indicated the section where a more detailed definition may be found.
The common options available for all net commands are described in Table A.52.
|
Option |
Description |
|---|---|
|
/no |
Automatically responds to any prompt the net command issues with a "no." An alternative format is /n. |
|
/yes |
Automatically responds to any prompt the net command issues with a "yes." An alternative format is /n. |
The net accounts command allows authorized users to update the user accounts database. In addition, it facilitates modifications to the password and logon requirements for all users. For net accounts to execute properly, the Net Logon service must be running on the system that contains the accounts you wish to change. See Table A.53 for an options list. The syntax is
net accounts [options]
When net accounts is run without options, the current settings for password, logon limitations, and domain information are displayed.
|
Option |
Qualifier |
Description |
|---|---|---|
|
/forcelogoff |
:minutes |
Defines the number of minutes a user has before the system automatically logs him off after the expiration of either the account or logon time. The variable minutes can be numeric or the value "no." The value "no" is the default and does not allow a forced logoff. When a numeric value is entered for minutes, a warning is sent to the user. |
|
/minpwlen |
:length |
Defines the minimum password length for a user account password. Acceptable values are 0 through 14, with 6 being the default. |
|
maxpwage |
:days |
Defines the maximum number of days that a password is valid. Acceptable values for days are 1 through 49, 710, and "unlimited," which means that the password does not expire. The value used here must be greater than that defined for the /minpwage option. |
|
/minpwage |
:days |
Defines the minimum number of days that must pass before a user can change his password. Acceptable values are 0 through 49 and 710, with 0 as the default, which means that no limitations are set. |
|
/uniquepw |
:number |
Defines the number of password changes that must occur before a password can be reused. Acceptable values are 0 through 8, with 5 as the default. |
|
/domain |
Updates the user accounts database based on the parameters given for the primary domain controller of the current domain. Omitting this parameter updates the database on the current system. |
|
|
/sync |
Can only be used with the /domain option. It synchronizes the user account database. When executed from the primary domain controller, all backup domain controllers are synchronized. When executed from a backup domain controller, the backup is synchronized with the primary. |
To synchronize the user account databases on all member servers, enter
net accounts /sync
If you are currently using a Windows Server 2003 workstation and want to set the minimum password length to 10 characters for the domain to which the workstation is connected, enter
net accounts /minpwlen:10 /domain
The net computer command enables the user to add or delete computers from the domain database. These modifications are automatically forwarded to the primary domain controller. net computer can only be executed from a server. Its syntax is
net computer \\computername option
The \\computername parameter is the name of the computer to add or delete. The option parameter can contain one of two options: /add to add the computer name to the domain; and /del to delete the computer name from the domain.
To delete the computer \\incy from the domain, enter the following:
net computer \\incy /del
Executing the net config command without parameters displays the services that are both configurable and running. With the appropriate parameters and options, this command enables a system administrator to permanently change the settings for a running service.
Two variations of net config are net config server and net config workstation. A discussion of both follows.
The net config server command either displays or modifies the settings of the Server service while the service is running. Any changes are permanent. See Table A.54 for an options list. The syntax of this command is
net config server [options]
Executing the net config server command without options will display the current settings for the Server service. An example of the output display follows:
Server Name \\incy Server Comment Software version Windows Server 2003 Server is active on NetBT_NDISLoop1 (204c4f4f5020) NetBT_NDISLoop1 (204c4f4f5020) Server hidden No Maximum Logged On Users Unlimited Maximum open files per session 2048 Idle session time (min) 15 The command completed successfully.
|
Option |
Qualifier |
Description |
|---|---|---|
|
/autodisconnect |
:time |
Sets the maximum amount of time that a user's login session can be idle before it is automatically disconnected. Acceptable values are –1 through 65535 minutes, with 15 minutes as the default. Setting time to –1 instructs the service to never disconnect an idle user. |
|
/hidden |
:{yes | no} |
Determines whether the computer name of the server will display on the lists of servers depending on whether yes or no is entered as the qualifier. The default is no. |
|
/srvcomment |
:"text" |
Defines a message that can be displayed in many Windows Server 2003 windows as well as with the net view command. The qualifier text can be 48 characters long. The quotation marks are required. |
To disconnect users after 30 minutes of idle time, enter the following command:
net config server /autodisconnect:30
The net config workstation command either displays or permanently modifies the settings of the Workstation service while the service is running. See Table A.55 for an options list. The command syntax is
net config workstation [options]
Executing the net config workstation command without options will display the current settings for the Workstation service on the local computer. The following is an example of the output display:
Computer name \\incy User name Administrator Workstation active on NetBT_NDISLoop1 (204C4F4F5020) Software version Windows Server 2003 Workstation domain BOOK Logon domain BOOK COM Open Timeout (sec) 3600 COM Send Count (byte) 16 COM Send Timeout (msec) 250 The command completed successfully.
|
Option |
Qualifier |
Description |
|---|---|---|
|
/charcount |
:bytes |
Sets the number of bytes of data to be collected prior to sending them to a communications device. Acceptable values are 0 through 65535, with 16 bytes as the default. |
|
/chartime |
:msec |
Sets the number of milliseconds (msec) for collecting data prior to sending it to a communications device. Acceptable values for msec are 0 through 65,535,000 milliseconds, with 250 milliseconds as the default. |
|
/charwait |
:sec |
Specifies the number of seconds (sec) to wait for a communications device to become available. Acceptable values are 0 through 65535 seconds, with 3600 seconds as the default. |
If both the /charcount:bytes and /chartime:msec options are used, Windows Server 2003 sends data to a communication device based on whichever parameter is fulfilled first.
The net continue command reactivates a service that has been suspended by the net pause command, without canceling a user's connection. The syntax is
net continue service
Acceptable values for the service parameter for standard services follow. Other services may be acceptable depending on what is installed on the system.
ftp publishing service
lpdsvc
Net logon
Network dde
network dde dsdm
lm security support provider
remoteboot (at the Windows Server 2003 level only)
remote access server
Schedule
Server
Simple TCP/IP services
Workstation
|
Option |
Description |
|---|---|
|
id |
Enters the identification number of the file, which is found in the first column of the net file list that displays all open files. |
|
/close |
Must be used in conjunction with the id option. It closes the file represented by the identification number, id. |
The ability to share files among computer systems and users is at the heart of a networked system. These shared files can be periodically left open or locked to prohibit access. The net file command enables the user to display both the names of any open shared file and the number of locks on it. In addition, it can close shared files and remove file locks. The syntax for net file is
net file [options]
When used without options, the command displays a list of all shared open files on the server as well as the number of locks each file has. The two possible options are shown in Table A.56.
The net group command permits the addition, display, or modification of global groups on Windows Server 2003 domains and can be run only from these domains. Users who work together or who have the same requirements for system use are usually classified as members of the same group. Table A.57 lists the options available for the net group command.
It is important to remember that the net group command deals with global groups. In essence, this means that group members can only be from the domain in which the group was created, but they can be assigned privileges anywhere in the network as long as there is a trust relationship among domains.
There are three syntax formats for this command:
net group [options] net group groupname [options] net group groupname user(s) [options]
When the net group command is executed without options, the display will include the name of the server as well as the name of each group on it. When the group name is displayed, it is preceded by an asterisk, which assists the user in differentiating group from user names when both are displayed.
|
Option |
Qualifier |
Description |
|---|---|---|
|
groupname |
/comment:"text" or /action |
Enters the name of the group (groupname) to add, modify, or delete. When used without qualifiers (net group groupname), users in that group are displayed. When used with just the qualifier /comment:"text", the comment, text, is added to the existing group name entered, where text can be 48 characters long and must be enclosed in quotes. The /action qualifier either adds the group name as new or deletes it. Acceptable values for /action are /add and /delete. When using the /add qualifier, the /comment:"text" option can be used as well as in the format: net group groupname /add /comment:"text". |
|
user(s) |
/action |
Lists the user(s) to be added to or deleted from group name based on the action given. Acceptable values for /action are /add and /delete. If more than one user is entered, separate them with a space character. |
|
/domain |
Can be used with any of the syntax formats and is necessary only when executing the command from a workstation that is a member of a Windows Server 2003 domain. The option causes the net group command to execute on the primary domain controller of the current domain. The default (without this option) is to execute the command for the local computer. |
To display all the users in the group sales1, enter
net group sales1
To add a comment to the record for this group, enter
net group sales1 /comment:"Direct Sales Personnel"
To add a group called sales2 and include a comment, enter
net group sales2 /add /comment:"Indirect Sales Personnel"
To delete the user gregh from sales1 and add the user to sales2, enter
net group sales1 gregh /delete net group sales2 gregh /add
The net localgroup command enables the addition, deletion, or modification of local groups. Remember that a local group can contain users from the domain in which it was created as well as global users and global groups from other domains that have a trust relationship with that domain. One difference between a local group and a global group is that the former can be assigned privileges only in its own domain, whereas the latter can be assigned privileges in trusted domains. See Table A.58 for an options list.
The three syntax formats for the net localgroup command are
net localgroup [options] net localgroup groupname [options] net localgroup groupname name(s) [options]
|
Option |
Qualifier |
Description |
|---|---|---|
|
groupname |
/comment:"text" or /action |
Enters the name of the local group (groupname) to add, modify, or delete. When used without qualifiers (net localgroup groupname), the users and global groups within the local group groupname are displayed. When used with just the qualifier /comment:"text", the comment, text, is added to the existing group name entered, where text can be 48 characters long and must be enclosed in quotes. The /action qualifier either adds the group name as new or deletes it. Acceptable values are /add and /delete. When using the /add qualifier, the /comment:"text" option can be used as well as in the format net localgroup groupname /add /comment:"text". |
|
name(s) |
/action |
Lists the name(s) to be added to or deleted from groupname based on the action given. Acceptable values include either local users or users on trusted domains or global groups. If more than one name is entered, separate them with a space. Acceptable values are /add and /delete. |
|
/domain |
Can be used with any of the syntax formats and is necessary only when executing the command from a workstation that is a member of a Windows Server 2003 domain. The option causes the net localgroup command to execute on the primary domain controller of the current domain. The default (without this option) is to execute the command for the local computer. |
When the net localgroup command is executed without options, the display will include the name of the server as well as the name of each local group on it.
To display all the users in the group tech1, enter
net localgroup tech1
To add a comment to the record for tech1, enter
net localgroup tech1 /comment:"Primary Tech Support Team"
To add a group called tech2 and include a comment, enter
net localgroup tech2 /add /comment:"Secondary Tech Support Team"
To add the names nancyd and phill from the helpdesk domain and global group sales2, respectively, to the tech2 local group, enter
net localgroup tech2 nancyd helpdesk\phill sales2 /add
The net help command provides help for the Server's net commands by listing all of the commands or by providing detailed information on a requested one. This command is discussed in more detail in the "Display Commands" section.
The net helpmsg command displays an explanation for the requested Windows Server 2003 error message. This command is discussed in more detail in the "Display Commands" section.
The net name command adds, deletes, or displays names that are authorized to receive messages. These names are used only for messaging and must be unique throughout the network. In Windows Server 2003 three types of names—computer, user, and messaging—are set up by net name. In order to execute this command, the Messenger service must be running. For more information, please refer to the "Miscellaneous Commands" section.
The net pause command is used to suspend a Windows Server 2003 service or resource. Pausing a service instead of stopping it enables current users to continue working while prohibiting new users from gaining access. System administrators sometimes do this in order to warn users and give them an opportunity to finish what they are doing. The net continue command reactivates a service that has been paused. Its syntax is
net pause service
The service parameter is required and can be one of the following standard services. Other services may also be available depending on the configuration of your system.
File server for Macintosh (at the Windows Server 2003 level only)
ftp publishing service
lpdsvc
Net logon
Network dde
Network dde dsdm
lm security support provider
remoteboot (at the Windows Server 2003 level only)
Remote access server
Schedule
Server
Simple TCP/IP services
Workstation
The net print command displays information about both printer queues and printer jobs. Print jobs can also be deleted, put on hold, or reactivated. This command is described in more detail in the "Print Commands" section.
The net send command uses the Messenger service to send messages to users, computers, and messaging names set up on the network. It is described in more detail in the "Miscellaneous Commands" section.
The net session command provides a list of the current sessions between the local computer and its clients, and it enables an administrator to disconnect them. A session between the client and the server is established when a user contacts a server from a client computer and successfully logs on.
The syntax for net session is
net session [\\computername] [/delete]
The net session command can only be executed from a server. When run without parameters, its display will contain the following information regarding each session on the local computer: computer name, user name, client type, number of open files, and idle time.
The \\computername parameter is the name of the computer for which you wish to list sessions. If specified, the user name, computer name, guest logon, client type, session time, idle time, and a list of all the shared resources connected to the user are displayed. The shared resource list includes the share name, the type of resource, and the number of open files.
The /delete parameter is used to disconnect a session with the \\computername given. If the \\computername parameter is not used, /delete will disconnect all sessions associated with the server.
The net share command displays, creates, or deletes shared resources. Once created, a shared resource is available immediately and remains shared until it is deleted. See Table A.59 for an options list. There are three syntax formats for this command:
net share sharename [options]
net share sharename=drive:path [options]
net share {sharename | drive:path } /delete
|
Option |
Description |
|---|---|
|
/delete |
Stops sharing the resource identified by either sharename or drive:path. |
|
/users:number |
Sets the maximum number of users that can access a shared resource at the same time. This option cannot be used in conjunction with /unlimited. |
|
/unlimited |
Allows an unlimited number of users to access a shared resource simultaneously. This option cannot be used in conjunction with /users:number. |
|
/remark:"text" |
Defines a comment, text, to be associated with the shared resource. Surround the text of the comment with quotes. |
When net share is executed without options or parameters, it displays the share name, the device name or path, and a comment field for all shared resources on the local system.
The sharename parameter contains the name by which the network refers to the shared resource. The command net share sharename displays the share name, path, remark, maximum number of users, and users connected to the share.
To establish a directory share, use the parameter sharename=drive:path, where sharename is the network name for the directory and drive:path is the absolute path of the directory being shared. Remember to enclose the drive:path in quotes if there is a space in the directory name.
To share the directory c:\customers with the name contacts, limit the access to a maximum of 15 users, and include a comment, enter the following:
net share contacts:c:\customers /user:15 /remark:"Contact Information"
To remove the share when the shared resource is no longer needed, enter
net share taskforce /delete
The net statistics command, also known as net stats service, displays network statistics information for either the Workstation or the Server service. The syntax is
net statistics [service]
Running net statistics without specifying a service will display a list of the services that are running and for which there are statistics. Acceptable values for the service parameter are the words "Workstation" and "Server" (not the actual name of the server or workstation).
Running net statistics server displays the following statistics for the local server:
Number of sessions started, timed-out, or terminated due to an error
Number of kilobytes sent and received
Average response time
Number of system errors and permission and password violations
Number of files and communication devices accessed
Number of print jobs spooled
Number of times the memory buffer was exceeded
Running net statistics workstation displays the following statistics for the local workstation:
Number of bytes and Server Message Blocks (SMB) received and transmitted
Number of read and write operations
Number of failed read and write operations
Number of network errors
Number of successful and failed connections to shared resources
Number of reconnections to shared resources
Number of sessions started, failed, and disconnected
Number of failed operations
Total use count and the total failed use count
The net start command either displays services that are currently running or starts a new service. The syntax is
net start service
Executing net start without the service parameter will provide a list of the services currently running. The service parameter is the name of the service you wish to start. (If that name contains more than one word, be sure to enclose it in quotes.) Table A.60 identifies the Windows .NET services that may be started with this command along with a brief description.
The net stop command stops the Windows .NET service named. The syntax is
net stop service
Executing net stop without the service parameters will display a list of the valid services. The service parameter can be any of the standard services listed in Table A.60 as well as any other services that were installed on your system.
The net time command allows the user to synchronize the time across the network between the current system and another domain (or computer). It also allows the user to display the time for any system on the network. This command is described in more detail in the "Miscellaneous Commands" section.
|
Service |
Description |
|---|---|
|
Alerter |
Enables alert messages to be sent to specific users and users connected to the server. Must be used in conjunction with the Messenger service. |
|
Client Service for NetWare |
Available only on Windows 2003 Workstation when Client service for NetWare has been installed. Starts the Client service for NetWare. |
|
ClipBook Server |
Enables cutting and pasting over the network. |
|
Computer Browser |
Enables computers to be browsed over the network and the computer starting the service to be browsed by other computers on the network. The alternative command is net start browser. |
|
DHCP Client |
Allows IP addresses to be retrieved from a DHCP server. |
|
Directory Replicator |
Ensures that designated files are the same on all requested servers. These files and servers must be set up prior to starting this service. The alternative command is net start replicator. |
|
Eventlog |
Logs any type of system, security, or application event that requires a notification to be sent to users. This service cannot be stopped or paused and must be running to use the Event Viewer. |
|
File Server for Macintosh |
Allows file sharing with Macintosh computers and is available only on Windows Servers. |
|
FTP Publishing Service |
Available only if the Internet Information server is installed. |
|
Gateway Service for NetWare |
Available only if the Gateway Service for NetWare is installed. |
|
Lpdsvc |
Enables UNIX clients to print via a printer connected to a Windows Server 2003 computer, available only if the TCP/IP protocol has been installed. |
|
Messenger |
Enables a computer to receive messages. |
|
Microsoft DHCP Server |
Provides network clients with IP addresses and is available only on Windows Servers and if both TCP/IP and the DHCP server have been installed. The alternative command is net start dhcpserver. |
|
Net Logon |
Verifies requests to log on and controls copies of the user accounts database in the domain. This service is started on all servers in a domain that use a copy of the domain's user accounts database. The alternative command is net start netlogon. |
|
Network DDE |
Starts the Network Dynamic Data Exchange service. |
|
Network DDE DSDM |
Starts the Network Dynamic Data Exchange Share Database Manager service. |
|
Network Monitor Agent |
Enables remote monitoring of a client machine's network communication. |
|
LM Security Support Provider |
Available only if the LM Security Support Provider is installed. |
|
Print Server for Macintosh |
Enables printing from Macintosh computers and is available only on Windows Server 2003. |
|
Remoteboot |
Permits networked computers to load the operating system from the server and is available only on Windows Server 2003. |
|
Remote Access Connection Manager |
Allows remote access to the network through a dial-up connection and is available only if the Remote Access service is installed. |
|
Remote Access ISNSAP Service |
Available only if the Remote Access service is installed. |
|
Remote Access Server |
Available only if the Remote Access Service is installed. |
|
Remote Procedure Call (RPC) Locator |
Allows applications to use the Microsoft RPC name service and manages the RPC name service database. |
|
Remote Procedure Call (RPC) Service |
Allows applications to use dynamic endpoints and manages the endpoint map database. |
|
Schedule |
Enables use of the at command to start programs at a specified time. |
|
Server |
Enables a computer to share resources, such as files and printers, on the network, and provides RPC support. |
|
Simple TCP/IP Services |
Activates the TCP/IP services of Character Generator, Daytime, Discard, Echo, and Quote of the Day and is available only if TCP/IP and the simple TCP/IP service are installed. |
|
SNMP |
Enables a server to report its status to the SNMP management system and is available only if both the TCP/IP and SNMP protocols are installed. |
|
Spooler |
Starts the spooler service. |
|
TCP/IP NetBIOS Helper |
Enables NetBIOS over the TCP/IP service and is available only if TCP/IP is installed. |
|
UPS |
Manages an uninterruptible power supply (UPS) that is connected to the computer. |
|
Windows Internet Name Service |
Enables the mapping of computer names to TCP/IP addresses for networked client systems and is available only on Windows Servers. |
|
Workstation |
Enables a computer to connect to and communicate with network resources. |
The net use command either connects or disconnects a computer and a shared resource and displays shared resources currently connected to a computer. Its syntax has several formats:
net use [devicename] [\\computername\sharename[\volume]] [password]
[/user:[domainname\]username] [[/delete] | [persistent:{yes | no}]]
net use devicename [/home[password]] [/delete:{yes | no}]
net use [persistent:{yes | no}]
Executing net use without options will produce a display of all currently connected shared resources.
Table A.61 defines the options that are valid for use in all syntax formats of the net use command.
Another syntax format of the net use command is net use persistent{yes | no}. When yes is used, all current connections will be reestablished at subsequent logons. When no is entered, no subsequent connections will be saved and therefore will not be reestablished at subsequent logons.
To disconnect from the printer designated by LPT2:, enter
net use lpt2: /delete
To connect to the shared resource g:\Sales\Contacts as the user bosco, enter
net use g:\Sales\Contracts * /user:bosco
The asterisk forces a password to be entered at a prompt before allowing the connection to occur.
The net user command allows an administrator to perform many of the user management tasks from the command line or command prompt. It adds, modifies, and deletes user accounts, and it displays information about a specific user account or lists all user accounts on the system. Executing this command at a Windows Server 2003 will update the user accounts database on the primary domain controller. That data is then replicated to the backup domain controllers.
There are three syntax formats for this command:
net user [username [password]] [options] [/domain] net user username password /add [options] [/domain] net user username [/delete] [/domain]
|
Option |
Qualifier |
Description |
|---|---|---|
|
devicename |
Enters the name of the device to be connected or disconnected. Acceptable values are D: through Z: for disk drives, LPT1: through LPT3: for printers, or an asterisk (*) to assign the next available device designation. Executing the command net use devicename displays information about the connection made to the shared resource, devicename. |
|
|
\\computername \volume sharename |
Enters the name of the computer that controls the shared resource for computername, which can be no longer than 15 characters, or for the shared resource for sharename. The \volume qualifier contains the name of a volume on a NetWare server and can only be used if either Client Services for NetWare or Gateway Services for NetWare is installed. |
|
|
password |
Enters the password necessary to access the shared resource. Using an asterisk (*) in place of the password forces a prompt for the password, which is often preferred since the password is not visible on the screen when it is entered in response to the prompt. This option can only be used after the \\computername\sharename option. |
|
|
/user:name |
Makes the connection using the user, name, instead of the currently logged on user. A domain different from the current one can be specified as part of name (/user:domainname\name). |
|
|
/delete |
Disconnects the connection to the shared resource and removes it from the list of persistent connections. This option cannot be used in conjunction with /persistent. |
|
|
/persistent:{yes | no} |
Identifies whether a connection is persistent or not. Entering yes {yes | no} saves each connection made as a persistent connection so that it can be reestablished at each login. Entering no {yes | no} stops saving the current connection and all future connections so that only existing connections will be reestablished at the next logon. The current persistent setting remains the default until it is changed. Once a connection is considered persistent, it can only be removed from the recurring list with the /delete option. |
|
|
/home |
Connects the user to his home directory. |
|
Without parameters or options, net user will display a list of the user accounts set up for the current system. With only the username parameter, it will display information specific to that user account. The display contains such information as the expiration date of the account, password-related information such as expiration dates, the name of the user's logon script and profile, the user's home directory, the date of the last logon, and the name of the account's local and global groups. Tables A.62 and A.63 define the parameters and the options available for net user.
The following command sets up a user named emilyg, prompting for a password. This user is permitted to log on Monday through Friday from 8:00 A.M. to 6:00 P.M. from the workstations named incy, sales, techsupp, and mktg.
net user bosco * /add /times:M-F,08:00-18:00 /workstations:incy,sales,techsupp,mktg
To delete the user bosco from the system, enter
net user bosco /delete
|
Option |
Description |
|---|---|
|
username |
Enters the name of the user account to be added, changed, deleted, or displayed. A user name can contain a maximum of 20 characters. |
|
password |
Either sets up a password for a new account or changes the password for an existing account. The password can consist of a maximum of 14 characters and must conform to the password specifications defined by the net accounts command. Entering an asterisk (*) instead of the actual password forces a prompt for the password, which in this instance will not be displayed on the screen while it is entered. |
|
/domain |
Specifies the command be executed on the primary domain controller of the current system's domain. This parameter should be used only from Windows Server 2003 workstations that are members of a Windows Server 2003 domain. |
|
/add |
Adds the user name to the user accounts database. The password parameter is required with this function. |
|
/delete |
Deletes the user name from the user accounts database. |
|
Option |
Description |
|---|---|
|
/active:{yes | no} |
Enters yes to activate the user account or no to disable it and thus prohibit the user from accessing the server. The default is yes. |
|
/comment:"text" |
Enters a comment up to a maximum of 48 characters for text. |
|
/countrycode:nnn |
Enters the numeric value for the operating system country code for nnn in order to display the user's help and error messages in a different language. Zero signifies the default. |
|
/expires:date |
Enters the date the account will expire. Acceptable values are never (the account will never expire) or a date in the default format defined by the country code. Examples of date formats are mm/dd/yy, dd,mm,yyyy, mm,dd,yy. The month can be either numeric or alphabetic; the year can be 2 or 4 digits. Either slashes or commas can be used to separate the components of the date. |
|
/fullname:"name" |
Enters the user's full name for the variable name. |
|
/homedir:path |
Enters the path for the user's home directory for the variable path. The path specified must already exist. |
|
/homedirreq:{yes | no} |
Enters yes to specify that a home directory is required or no if not. |
|
/passwordchg:{yes | no} |
Enters yes to identify whether a user can change his password or no if not. The default is yes. |
|
/passwordreq:{yes | no} |
Enters yes to require a password for a user or no otherwise. The default is yes. |
|
/profilepath:path |
Enters the pathname for the user's logon profile for path. |
|
/scriptpath:path |
Enters the pathname of the user's logon script for path. |
|
/times:time |
Enters the times of day that a user can log on to the system. Acceptable values include all (a user can always log on), a space or blank (a user can never log on), and days and times in the format day, hour. Days are the days of the week either spelled out or abbreviated as M, T, W, Th, F, Sa, Su; time can be either in 12- or 24-hour format. When 12-hour format is used, use A.M. or P.M., am, pm, a.m., or P.M. to designate. Days and times are separated with commas. If multiple days and times are listed, they are separated with semicolons. There should be no spaces. For example, /times:M,8am-5pm,12pm-8pm;W,13:00-17:00. |
|
/usercomment:"text" |
Enters a comment for the variable text. |
|
/workstations:name(s) |
Substitutes for name a list of workstations from which a user can access the network. A maximum of eight workstations can be listed, separated by commas. An asterisk (*) allows the user to log on to the network from any computer. |
To deactivate rather than delete user bosco, enter
net user bosco /active:no
The net view command displays the resources being shared on the computer. Depending on the parameters selected, the output is a list of computers in the current domain or a list of all domains in the network. The syntax can be one of the following:
net view \\computername net view /domain:domainname
Entering net view without parameters will produce a list of all computers on the network. Specifying a computer name for the \\computername parameter will produce a listing of all resources that are shared with that computer. Using the /domain:domainname parameter and specifying a particular domain name will produce a list of all resources shared with the computer in the named domain. Omitting the domain name will produce a list of all domains in the network.
A special format of this command will display all the servers available on a NetWare network:
net view /network:nw
 |
|
|
| Top |