Screenconnect commandline: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(24 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Examples of various commandline and Powershell commands. | |||
==CLI Notes== | ==CLI Notes== | ||
===Running Commands=== | ===Running Commands=== | ||
Line 23: | Line 25: | ||
==Enable Remote Execution== | ==Enable Remote Execution== | ||
<syntaxhighlight lang="powershell" line='line'>Set-ExecutionPolicy RemoteSigned</syntaxhighlight> | <syntaxhighlight lang="powershell" line='line'> | ||
Set-ExecutionPolicy RemoteSigned | |||
</syntaxhighlight> | |||
== | ==Drive and File Operations== | ||
===Show | |||
===Show Drives and Space Usage=== | |||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
get-psdrive -psprovider filesystem | |||
</syntaxhighlight> | |||
===List Drive Letters=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
wmic logicaldisk get caption | |||
</syntaxhighlight> | |||
===Create folder, set local NTFS permissions to everyone, network share permissions to 'scan' user=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
mkdir c:\scan | |||
icacls "C:\scan" /grant Everyone:(OI)(CI)F | |||
net share scan=c:\scan /GRANT:scan,FULL | |||
Share C: as pcx_c to my_username | |||
net share pcx_c=c:\ /GRANT:my_username,FULL | |||
</syntaxhighlight> | |||
===Share profile directory to my_username=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net share user_prof=c:\users\my_username /GRANT:username,FULL | |||
</syntaxhighlight> | |||
===Unshare pcx_c=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
NET SHARE pcx_c /Y /delete | |||
</syntaxhighlight> | </syntaxhighlight> | ||
=== | ===Get Free Disk Space=== | ||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
#timeout=90000 | |||
$disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'" | Select-Object Size, FreeSpace | |||
Write-Host ("{0}GB total" -f [math]::truncate($disk.Size / 1GB)) | |||
Write-Host ("{0}GB free" -f [math]::truncate($disk.FreeSpace / 1GB)) | |||
</syntaxhighlight> | </syntaxhighlight> | ||
== | ===Check for Bad Blocks or NTFS Corruption=== | ||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
#timeout=90000 | |||
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs" | |||
#!ps | |||
#timeout=90000 | |||
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk" | |||
#!ps | |||
#timeout=90000 | |||
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs" | select -ExpandProperty message | |||
#!ps | |||
#timeout=90000 | |||
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk" | select -ExpandProperty message | |||
</syntaxhighlight> | |||
===Check if disk is marked as dirty=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
fsutil dirty query c: | |||
</syntaxhighlight> | </syntaxhighlight> | ||
== | ===Mark disk as dirty to force check at restart=== | ||
== | |||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
fsutil dirty set C: | |||
</syntaxhighlight> | </syntaxhighlight> | ||
==File Downloads & Creation== | |||
==Download a file to a directory (full paths required)== | ===Download a file to a directory (full paths required)=== | ||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
Line 64: | Line 111: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
==Download a large file to a directory (full paths required)== | ===Download a large file with BITS=== | ||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=9000000 | |||
# URL and Destination | |||
$url = "https://myurl.com/largefile.iso" | |||
$dest = "v:\largefile.iso" | |||
# Download file | |||
Start-BitsTransfer -Source $url -Destination $dest | |||
</syntaxhighlight> | |||
====List BITS Transfers==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps Import-module bitstransfer | |||
#!ps Get-bitstransfer –allusers | |||
</syntaxhighlight> | |||
====Stop BITS Transfers==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps Import-module bitstransfer | |||
#!ps Get-bitstransfer –allusers | remove-bitstransfer | |||
</syntaxhighlight> | |||
===Download a large file to a directory (full paths required)=== | |||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
Line 72: | Line 142: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== | ===Create a file and write contents=== | ||
=== | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | |||
new-item c:\users\director\Desktop\login.txt | |||
set-content c:\users\director\Desktop\login.txt 'myaccount@readinks.info mysecretpassword' | |||
</syntaxhighlight> | |||
===Create a Desktop shortcut to a folder=== | |||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | #!ps | ||
$TargetFile = "C:\scan\" | |||
$ShortcutFile = "$env:Public\Desktop\folder.lnk" | |||
$WScriptShell = New-Object -ComObject WScript.Shell | |||
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile) | |||
$Shortcut.TargetPath = $TargetFile | |||
$Shortcut.Save() | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 85: | Line 166: | ||
#timeout=90000 | #timeout=90000 | ||
get-vm | Get-VMHardDiskDrive | select vmname, path | get-vm | Get-VMHardDiskDrive | select vmname, path | ||
</syntaxhighlight> | |||
==Miscellaneous Commands== | |||
===Retrieve Serial Number=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
wmic bios get serialnumber | |||
</syntaxhighlight> | |||
===Set Power Options (Always On)=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
powercfg -x monitor-timeout-ac 0 | |||
powercfg -x disk-timeout-ac 0 | |||
powercfg -x standby-timeout-ac 0 | |||
powercfg -x hibernate-timeout-ac 0 | |||
</syntaxhighlight> | |||
===Show Wireless Signal Strength=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#timeout=720000 | |||
#maxlength=10000 | |||
netsh wlan show networks mode=bssid | |||
</syntaxhighlight> | |||
===Change / Activate Wireless Profile=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netsh wlan connect name=LibSec | |||
</syntaxhighlight> | |||
===Refresh General Info Tab=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#maxlength=100000 | |||
#timeout=90000 | |||
echo "INFORMATIONREQUEST-RESPONSE/1" | |||
echo "CommandType: General" | |||
echo "ContentType: xml" | |||
echo "" | |||
$Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size (500, 25) | |||
$computer = get-wmiobject win32_computersystem | select Manufacturer, Model | |||
$bios = get-wmiobject win32_bios | select Name, SerialNumber | |||
write-output $computer.Manufacturer, $computer.Model, $bios.Name, $bios.SerialNumber| ConvertTo-Xml -As Stream | |||
</syntaxhighlight> | |||
===Check Version/InstallDate of a Program=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=15000 | |||
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq "Program_Name" } | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="powershell" line="line"> | |||
# similar but targeted to a specific product, veeam for microsoft windows in this example | |||
#!ps | |||
#timeout=15000 | |||
Get-ItemProperty "HKLM:\Software\Veeam\Veeam Agent for Microsoft Windows\" | Select-Object Version | |||
</syntaxhighlight> | |||
===Enable WinRM for Remote Management=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
winrm.cmd quickconfig -q | |||
</syntaxhighlight> | |||
===Retreive Monitor Information (manufacturer, model, serial[not a complete serial])=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
$Monitors = Get-WmiObject WmiMonitorID -Namespace root\wmi | |||
function Decode { | |||
If ($args[0] -is [System.Array]) { | |||
[System.Text.Encoding]::ASCII.GetString($args[0]) | |||
} | |||
Else { | |||
"Not Found" | |||
} | |||
} | |||
echo "Manufacturer, Name, Serial" | |||
ForEach ($Monitor in $Monitors) { | |||
$Manufacturer = Decode $Monitor.ManufacturerName -notmatch 0 | |||
$Name = Decode $Monitor.UserFriendlyName -notmatch 0 | |||
$Serial = Decode $Monitor.SerialNumberID -notmatch 0 | |||
echo "$Manufacturer, $Name, $Serial" | |||
} | |||
</syntaxhighlight> | |||
==Network== | |||
===Find DNS Cache Entries for Domain=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=90000 | |||
Get-DnsClientCache -Name "*auto-graphics.com*" | Format-Table Entry, Data | |||
</syntaxhighlight> | |||
===Check Network Location=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#maxlength=5000 | |||
#timeout=600000 | |||
Get-NetConnectionProfile | |||
</syntaxhighlight> | |||
===Change Network Location to Private=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#maxlength=5000 | |||
#timeout=600000 | |||
Get-NetConnectionProfile -NetworkCategory 'Public' | Set-NetConnectionProfile -NetworkCategory 'Private' | |||
</syntaxhighlight> | |||
==Processes and Services== | |||
===Show Processes Names Like X=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Get-Process sam* | Select-object name | |||
</syntaxhighlight> | |||
===Test if Service is Running=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
(Get-Service -Name 'Spooler').Status -eq 'Running' | |||
</syntaxhighlight> | |||
===Stop / Start Service=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net stop "Service_Name" | |||
net start "Service_Name" | |||
</syntaxhighlight> | |||
===Show Registered Services Name Like 'sam'=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
sc queryex type= service state= all | find /i "sam" | |||
</syntaxhighlight> | |||
===Show Detail of Service Name 'SamClientManager'=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
sc queryex SamClientManager | |||
</syntaxhighlight> | |||
===Show Running Processes=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
tasklist | |||
</syntaxhighlight> | |||
===Kill Process=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
tskill ProcessID or ProcessName | |||
Example: tskill notepad | |||
Example: tskill 6543 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 90: | Line 322: | ||
===Show default printer=== | ===Show default printer=== | ||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | |||
Get-WmiObject -Query "SELECT * FROM Win32_Printer WHERE Default=$true" | Get-WmiObject -Query "SELECT * FROM Win32_Printer WHERE Default=$true" | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 95: | Line 328: | ||
===Set default printer=== | ===Set default printer=== | ||
<syntaxhighlight lang="powershell" line="line"> | <syntaxhighlight lang="powershell" line="line"> | ||
#!ps | |||
(Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP Color LaserJet Pro MFP M477 PCL 6'").SetDefaultPrinter() | (Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP Color LaserJet Pro MFP M477 PCL 6'").SetDefaultPrinter() | ||
</syntaxhighlight> | </syntaxhighlight> | ||
===Remove Printers=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
printui.exe /dl /n "Fax" /q | |||
printui.exe /dl /n "Microsoft XPS Document Writer" /q | |||
printui.exe /dl /n "Send To OneNote 2016" /q | |||
</syntaxhighlight> | |||
===Add printer port=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prnport.vbs -a -r IP_192.168.24.132 -h 192.168.24.132 -o raw -n 9100 | |||
</syntaxhighlight> | |||
===Change printer port=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -t -p "Brother HL-2270DW" -r IP_192.168.24.132 | |||
</syntaxhighlight> | |||
===Rename printer=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -x -p "NPI3AEC0A (HP Color LaserJet CM1312nfi MFP)" -z "HP CM1312" | |||
</syntaxhighlight> | |||
===List print drivers (may truncate)=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs -l | |||
</syntaxhighlight> | |||
===List printer configuration=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -g -p "hp LaserJet 1300 PCL 5" | |||
</syntaxhighlight> | |||
===Clear print queue=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net stop spooler | |||
del %systemroot%\System32\spool\printers\* /Q /F /S | |||
net start spooler | |||
</syntaxhighlight> | |||
===Find printers with WSD port=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
wmic printer where "PortName LIKE 'WSD%%'" get name,portname | |||
</syntaxhighlight> | |||
===Delete printers with WSD port=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
wmic printer where "PortName LIKE 'WSD%%'" delete | |||
</syntaxhighlight> | |||
===Disable Auto Install of Network Devices (WSD Printer Ports, etc.)=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NcdAutoSetup\Private" /v "AutoSetup" /t REG_SZ /d "0" /f | |||
</syntaxhighlight> | |||
==RDP== | |||
===Enable RDP=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f | |||
</syntaxhighlight> | |||
===RDP Firewall Exception=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes | |||
</syntaxhighlight> | |||
===Add non-admin user to RDP group=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
NET LOCALGROUP "Remote Desktop Users" patron /ADD | |||
</syntaxhighlight> | |||
==SAM== | |||
Various commands for SAM time & print management software | |||
===SAM Local Server=== | |||
====Open port 100==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netsh advfirewall firewall add rule name="SAM10 Port 100" dir=in action=allow protocol=TCP profile=any localport=100 | |||
</syntaxhighlight> | |||
====Allow FTP access==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in profile=any localport=21 | |||
netsh advfirewall set global StatefulFtp enable | |||
</syntaxhighlight> | |||
====Stop and Start FTP service==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net stop ftpsvc | |||
net start ftpsvc | |||
</syntaxhighlight> | |||
===SAM Clients=== | |||
====Enable / Disable / Show Firewall state (for testing !!!)==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
NetSh Advfirewall set allprofiles state off | |||
NetSh Advfirewall set allprofiles state on | |||
Netsh Advfirewall show allprofiles | |||
</syntaxhighlight> | |||
====Set permissions on SAM_10 folder(s)==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
icacls "C:\Program Files\SAM_10" /grant Everyone:(OI)(CI)F | |||
icacls "C:\Program Files (x86)\SAM_10" /grant Everyone:(OI)(CI)F | |||
</syntaxhighlight> | |||
====Set permissions on ACM and SAM folder (staff machines or SAM9 clients)==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
icacls "C:\ACM" /grant Everyone:(OI)(CI)F | |||
icacls "C:\SAM" /grant Everyone:(OI)(CI)F | |||
</syntaxhighlight> | |||
====Check ACL Permissions on C:\SAM Folder==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
get-acl c:\sam | format-list | |||
</syntaxhighlight> | |||
====Allow port 2002 TCP traffic==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netsh advfirewall firewall add rule name="SAM Client Port 2002" dir=in action=allow protocol=TCP profile=any localport=2002 | |||
</syntaxhighlight> | |||
====Check for Listening Port 2002 on Local Machine==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
netstat -a -n | |||
</syntaxhighlight> | |||
====Check for Listening Port 2002 on Local Machine (Powershell 4+)==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=90000 | |||
Test-NetConnection -ComputerName localhost -Port 2002 | |||
</syntaxhighlight> | |||
====Check for Firewall Rule Port 2002 (Powershell 4+)==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=9000 | |||
Get-NetFirewallPortFilter –Protocol TCP | Where { $_.localport –eq ‘2002’ } | Get-NetFirewallRule | |||
</syntaxhighlight> | |||
====Determine if SAM client or SAM printing processes are running==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
tasklist /fi "Imagename eq SamClient10.exe" | |||
tasklist /fi "Imagename eq SamPrinting.exe" | |||
</syntaxhighlight> | |||
====Check for existence of themes folder via ScreenConnect CLI==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
dir "C:\Program Files\SAM_10\Themes" | |||
</syntaxhighlight> | |||
====Kill all SAM processes==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=90000 | |||
Stop-Process -processname sam* -Force | |||
</syntaxhighlight> | |||
====Read Configuration File==== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Get-Content -Path "C:\Program Files (x86)\Sam_10\Clntinfo.ini" | |||
</syntaxhighlight> | |||
==Scheduled Tasks== | |||
===Create a task to reboot PC at 5AM=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
schtasks /create /ru SYSTEM /sc daily /tn restart /tr "shutdown -r -f -c ""restart""" /st 05:00 | |||
</syntaxhighlight> | |||
===Check for the existence of task named 'restart'=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
schtasks /Query /tn restart | |||
</syntaxhighlight> | |||
===Remove task named 'restart'=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
schtasks /delete /tn restart /f | |||
</syntaxhighlight> | |||
==Time== | |||
===See Current Timezone=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
[System.TimeZone]::CurrentTimeZone | |||
</syntaxhighlight> | |||
==User Accounts== | |||
===Add User Account=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net user /add Bob bobspassword | |||
</syntaxhighlight> | |||
===Set User password to never expire=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
WMIC USERACCOUNT WHERE "Name='Bob'" SET PasswordExpires=FALSE | |||
</syntaxhighlight> | |||
===Add or Delete user to / from Administrators group=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net localgroup administrators Bob /add | |||
net localgroup administrators Bob /delete | |||
</syntaxhighlight> | |||
===Disable and account=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net user "Administrator" /active:no | |||
</syntaxhighlight> | |||
===Diable Password Expiration=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
net accounts /maxpwage:unlimited | |||
</syntaxhighlight> | |||
==VPN== | |||
===List VPN Phonebook Entries | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Get-VpnConnection -AllUserConnection | |||
</syntaxhighlight> | |||
===Import Certificate to Root store=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Import-Certificate -CertStoreLocation cert:\LocalMachine\Root -Filepath "C:\Users\myuser\Documents\cert_export_ca.crt" | |||
</syntaxhighlight> | |||
===Create SSTP VPN Connection to IP 100.100.100.100 on port 4430=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Add-VpnConnection -Name "MyVPN SSTP" -ServerAddress "100.100.100.100:4430" -TunnelType "Sstp" -EncryptionLevel "Required" -AuthenticationMethod MSChapv2 -AllUserConnection -RememberCredential | |||
</syntaxhighlight> | |||
===View cert with DnsName of 100.100.100.100=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
#timeout=90000 | |||
SET-LOCATION CERT:\LOCALMACHINE\ROOT; get-childitem -dnsname '100.100.100.100' | |||
</syntaxhighlight> | |||
===Remove Cert with DnsName of 100.100.100.100=== | |||
<syntaxhighlight lang="powershell" line="line"> | |||
#!ps | |||
Get-ChildItem cert:\LocalMachine\Root -dnsname '100.100.100.100' | Remove-Item | |||
</syntaxhighlight> | |||
[[Category:ScreenConnect]] | [[Category:ScreenConnect]] |
Latest revision as of 16:52, 22 July 2022
Examples of various commandline and Powershell commands.
CLI Notes
Running Commands
There exist a few ways to issue CLI commands in ScreenConnect / Connectwise Control.
- Right-Clicking on a session and choosing 'Run Command'
- Clicking on the 'Commands' icon in the right-hand panel
- Right-Clicking on a session, selecting 'Join With Options' and then selecting 'Backstage'
Normal (CMD) style commands do not require anything other than the command itself to be issued. Powershell commands require being prefaced with one of the two listed examples:
- #!ps
- powershell
Timeouts
Commands may time out if running for too long. The default time-out value can be overridden by using
#timout=90000
replacing 90000 with the desired interval.
Truncated Output
The output from a command may be truncated, but can be extended by overriding the default using
#maxlength=1000000
replacing 1000000 with desired output length.
Example of Options
#!ps
#timeout=90000
Get-Process sam* | Select-object name
Enable Remote Execution
Set-ExecutionPolicy RemoteSigned
Drive and File Operations
Show Drives and Space Usage
#!ps
get-psdrive -psprovider filesystem
List Drive Letters
wmic logicaldisk get caption
mkdir c:\scan
icacls "C:\scan" /grant Everyone:(OI)(CI)F
net share scan=c:\scan /GRANT:scan,FULL
Share C: as pcx_c to my_username
net share pcx_c=c:\ /GRANT:my_username,FULL
net share user_prof=c:\users\my_username /GRANT:username,FULL
NET SHARE pcx_c /Y /delete
Get Free Disk Space
#!ps
#timeout=90000
$disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'" | Select-Object Size, FreeSpace
Write-Host ("{0}GB total" -f [math]::truncate($disk.Size / 1GB))
Write-Host ("{0}GB free" -f [math]::truncate($disk.FreeSpace / 1GB))
Check for Bad Blocks or NTFS Corruption
#!ps
#timeout=90000
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs"
#!ps
#timeout=90000
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk"
#!ps
#timeout=90000
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Ntfs" | select -ExpandProperty message
#!ps
#timeout=90000
Get-EventLog -Newest 10 -LogName "System" -EntryType Error -Source "Disk" | select -ExpandProperty message
Check if disk is marked as dirty
fsutil dirty query c:
Mark disk as dirty to force check at restart
fsutil dirty set C:
File Downloads & Creation
Download a file to a directory (full paths required)
#!ps
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
(new-object System.Net.WebClient).Downloadfile("http://myurl.com/somefile.jpg", "C:\Users\bob\Desktop\somefile.jpg")
Download a large file with BITS
#!ps
#timeout=9000000
# URL and Destination
$url = "https://myurl.com/largefile.iso"
$dest = "v:\largefile.iso"
# Download file
Start-BitsTransfer -Source $url -Destination $dest
List BITS Transfers
#!ps Import-module bitstransfer
#!ps Get-bitstransfer –allusers
Stop BITS Transfers
#!ps Import-module bitstransfer
#!ps Get-bitstransfer –allusers | remove-bitstransfer
Download a large file to a directory (full paths required)
#!ps
#timeout=9000000
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
(new-object System.Net.WebClient).Downloadfile("http://myurl.com/large.zip", "C:\temp\large.zip")
Create a file and write contents
#!ps
new-item c:\users\director\Desktop\login.txt
set-content c:\users\director\Desktop\login.txt 'myaccount@readinks.info mysecretpassword'
Create a Desktop shortcut to a folder
#!ps
$TargetFile = "C:\scan\"
$ShortcutFile = "$env:Public\Desktop\folder.lnk"
$WScriptShell = New-Object -ComObject WScript.Shell
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = $TargetFile
$Shortcut.Save()
Hyper-V
List Hyper-V VMs and file paths
#!ps
#timeout=90000
get-vm | Get-VMHardDiskDrive | select vmname, path
Miscellaneous Commands
Retrieve Serial Number
wmic bios get serialnumber
Set Power Options (Always On)
powercfg -x monitor-timeout-ac 0
powercfg -x disk-timeout-ac 0
powercfg -x standby-timeout-ac 0
powercfg -x hibernate-timeout-ac 0
Show Wireless Signal Strength
#timeout=720000
#maxlength=10000
netsh wlan show networks mode=bssid
Change / Activate Wireless Profile
netsh wlan connect name=LibSec
Refresh General Info Tab
#!ps
#maxlength=100000
#timeout=90000
echo "INFORMATIONREQUEST-RESPONSE/1"
echo "CommandType: General"
echo "ContentType: xml"
echo ""
$Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size (500, 25)
$computer = get-wmiobject win32_computersystem | select Manufacturer, Model
$bios = get-wmiobject win32_bios | select Name, SerialNumber
write-output $computer.Manufacturer, $computer.Model, $bios.Name, $bios.SerialNumber| ConvertTo-Xml -As Stream
Check Version/InstallDate of a Program
#!ps
#timeout=15000
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq "Program_Name" } | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate
# similar but targeted to a specific product, veeam for microsoft windows in this example
#!ps
#timeout=15000
Get-ItemProperty "HKLM:\Software\Veeam\Veeam Agent for Microsoft Windows\" | Select-Object Version
Enable WinRM for Remote Management
winrm.cmd quickconfig -q
Retreive Monitor Information (manufacturer, model, serial[not a complete serial])
#!ps
$Monitors = Get-WmiObject WmiMonitorID -Namespace root\wmi
function Decode {
If ($args[0] -is [System.Array]) {
[System.Text.Encoding]::ASCII.GetString($args[0])
}
Else {
"Not Found"
}
}
echo "Manufacturer, Name, Serial"
ForEach ($Monitor in $Monitors) {
$Manufacturer = Decode $Monitor.ManufacturerName -notmatch 0
$Name = Decode $Monitor.UserFriendlyName -notmatch 0
$Serial = Decode $Monitor.SerialNumberID -notmatch 0
echo "$Manufacturer, $Name, $Serial"
}
Network
Find DNS Cache Entries for Domain
#!ps
#timeout=90000
Get-DnsClientCache -Name "*auto-graphics.com*" | Format-Table Entry, Data
Check Network Location
#!ps
#maxlength=5000
#timeout=600000
Get-NetConnectionProfile
Change Network Location to Private
#!ps
#maxlength=5000
#timeout=600000
Get-NetConnectionProfile -NetworkCategory 'Public' | Set-NetConnectionProfile -NetworkCategory 'Private'
Processes and Services
Show Processes Names Like X
#!ps
Get-Process sam* | Select-object name
Test if Service is Running
#!ps
(Get-Service -Name 'Spooler').Status -eq 'Running'
Stop / Start Service
net stop "Service_Name"
net start "Service_Name"
Show Registered Services Name Like 'sam'
sc queryex type= service state= all | find /i "sam"
Show Detail of Service Name 'SamClientManager'
sc queryex SamClientManager
Show Running Processes
tasklist
Kill Process
tskill ProcessID or ProcessName
Example: tskill notepad
Example: tskill 6543
Printers
Show default printer
#!ps
Get-WmiObject -Query "SELECT * FROM Win32_Printer WHERE Default=$true"
Set default printer
#!ps
(Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP Color LaserJet Pro MFP M477 PCL 6'").SetDefaultPrinter()
Remove Printers
printui.exe /dl /n "Fax" /q
printui.exe /dl /n "Microsoft XPS Document Writer" /q
printui.exe /dl /n "Send To OneNote 2016" /q
Add printer port
Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prnport.vbs -a -r IP_192.168.24.132 -h 192.168.24.132 -o raw -n 9100
Change printer port
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -t -p "Brother HL-2270DW" -r IP_192.168.24.132
Rename printer
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -x -p "NPI3AEC0A (HP Color LaserJet CM1312nfi MFP)" -z "HP CM1312"
List print drivers (may truncate)
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs -l
List printer configuration
cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\prncnfg.vbs -g -p "hp LaserJet 1300 PCL 5"
Clear print queue
net stop spooler
del %systemroot%\System32\spool\printers\* /Q /F /S
net start spooler
Find printers with WSD port
wmic printer where "PortName LIKE 'WSD%%'" get name,portname
Delete printers with WSD port
wmic printer where "PortName LIKE 'WSD%%'" delete
Disable Auto Install of Network Devices (WSD Printer Ports, etc.)
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NcdAutoSetup\Private" /v "AutoSetup" /t REG_SZ /d "0" /f
RDP
Enable RDP
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
RDP Firewall Exception
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
Add non-admin user to RDP group
NET LOCALGROUP "Remote Desktop Users" patron /ADD
SAM
Various commands for SAM time & print management software
SAM Local Server
Open port 100
netsh advfirewall firewall add rule name="SAM10 Port 100" dir=in action=allow protocol=TCP profile=any localport=100
Allow FTP access
netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in profile=any localport=21
netsh advfirewall set global StatefulFtp enable
Stop and Start FTP service
net stop ftpsvc
net start ftpsvc
SAM Clients
Enable / Disable / Show Firewall state (for testing !!!)
NetSh Advfirewall set allprofiles state off
NetSh Advfirewall set allprofiles state on
Netsh Advfirewall show allprofiles
Set permissions on SAM_10 folder(s)
icacls "C:\Program Files\SAM_10" /grant Everyone:(OI)(CI)F
icacls "C:\Program Files (x86)\SAM_10" /grant Everyone:(OI)(CI)F
Set permissions on ACM and SAM folder (staff machines or SAM9 clients)
icacls "C:\ACM" /grant Everyone:(OI)(CI)F
icacls "C:\SAM" /grant Everyone:(OI)(CI)F
Check ACL Permissions on C:\SAM Folder
#!ps
get-acl c:\sam | format-list
Allow port 2002 TCP traffic
netsh advfirewall firewall add rule name="SAM Client Port 2002" dir=in action=allow protocol=TCP profile=any localport=2002
Check for Listening Port 2002 on Local Machine
netstat -a -n
Check for Listening Port 2002 on Local Machine (Powershell 4+)
#!ps
#timeout=90000
Test-NetConnection -ComputerName localhost -Port 2002
Check for Firewall Rule Port 2002 (Powershell 4+)
#!ps
#timeout=9000
Get-NetFirewallPortFilter –Protocol TCP | Where { $_.localport –eq ‘2002’ } | Get-NetFirewallRule
Determine if SAM client or SAM printing processes are running
tasklist /fi "Imagename eq SamClient10.exe"
tasklist /fi "Imagename eq SamPrinting.exe"
Check for existence of themes folder via ScreenConnect CLI
dir "C:\Program Files\SAM_10\Themes"
Kill all SAM processes
#!ps
#timeout=90000
Stop-Process -processname sam* -Force
Read Configuration File
#!ps
Get-Content -Path "C:\Program Files (x86)\Sam_10\Clntinfo.ini"
Scheduled Tasks
Create a task to reboot PC at 5AM
schtasks /create /ru SYSTEM /sc daily /tn restart /tr "shutdown -r -f -c ""restart""" /st 05:00
Check for the existence of task named 'restart'
schtasks /Query /tn restart
Remove task named 'restart'
schtasks /delete /tn restart /f
Time
See Current Timezone
#!ps
[System.TimeZone]::CurrentTimeZone
User Accounts
Add User Account
net user /add Bob bobspassword
Set User password to never expire
WMIC USERACCOUNT WHERE "Name='Bob'" SET PasswordExpires=FALSE
Add or Delete user to / from Administrators group
net localgroup administrators Bob /add
net localgroup administrators Bob /delete
Disable and account
net user "Administrator" /active:no
Diable Password Expiration
net accounts /maxpwage:unlimited
VPN
===List VPN Phonebook Entries
#!ps
Get-VpnConnection -AllUserConnection
Import Certificate to Root store
#!ps
Import-Certificate -CertStoreLocation cert:\LocalMachine\Root -Filepath "C:\Users\myuser\Documents\cert_export_ca.crt"
Create SSTP VPN Connection to IP 100.100.100.100 on port 4430
#!ps
Add-VpnConnection -Name "MyVPN SSTP" -ServerAddress "100.100.100.100:4430" -TunnelType "Sstp" -EncryptionLevel "Required" -AuthenticationMethod MSChapv2 -AllUserConnection -RememberCredential
View cert with DnsName of 100.100.100.100
#!ps
#timeout=90000
SET-LOCATION CERT:\LOCALMACHINE\ROOT; get-childitem -dnsname '100.100.100.100'
Remove Cert with DnsName of 100.100.100.100
#!ps
Get-ChildItem cert:\LocalMachine\Root -dnsname '100.100.100.100' | Remove-Item