Appendix C: Network management commands and scripts
1. Sample commands and scripts
  1. List users in Active Directory
  1. List computers in Active Directory
  1. List workgroup computers
  1. List shares
  1. List computer volumes (drives and free space)
  1. List mailboxes in Exchange Server 2010 and newer
  1. List SharePoint sites
  1. List services running on a computer
1. Sources for management scripts

Appendix C: Network management commands and scripts

Sample commands and scripts

(For Windows computers)

The following commands and scripts may assist you in compiling lists of Users, Computers, Local Volumes and File Shares on your network. In some cases, links are provided to scripts published on various Microsoft web sites.

Warning: These commands and scripts are not guaranteed to be available in your environment, nor are they guaranteed to run properly. Some scripts assume specific versions of Active Directory, SharePoint, etc. – or the presence of scripting languages such as PowerShell. Be sure to carefully review any script before executing it. This is especially true of scripts found on web sites.

Note: These commands and scripts may need to be run as a user who is a member of the Domain Admins group and/or local Administrators group. On computers with User Account Control, these scripts and commands may require elevated privileges when run.

Any text shown in purple is variable text that should be edited to suit your needs prior to executing these commands or scripts.

Commands that utilize Windows Management Instrumentation (WMI) – or the corresponding WMIC.EXE command-line utility – will require the Windows Management Instrumentation service to be running on both the local PC and the PC being queried.

In addition, certain DCOM settings and firewall settings are necessary for the WMI command or script to succeed when querying machines across the network; see the following Microsoft article for details:
‎http://msdn.microsoft.com/en-us/library/windows/desktop/aa389286(v=vs.85).aspx

List users in Active Directory

Login as a Domain Administrator on a computer which is a domain member. From a command window, enter the following command:

dsquery user domainroot

Alternately, run a script that can list user names without their Active Directory context information. Some scripts can also filter out computers that are disabled.

For example, the following PowerShell script (based on a script from http://technet.microsoft.com/en-us/library/ff730967.aspx) lists active users in the default Active Directory domain. This script must be run from a computer that is a member of the domain being queried, and may need to be run while logged in as a Domain Admin. The filter on Line 1 prevents service accounts and disabled users from appearing in the list.

$strFilter = "(&(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher

$objSearcher.SearchRoot = $objDomain

$objSearcher.PageSize = 1000

$objSearcher.Filter = $strFilter

$objSearcher.SearchScope = "Subtree"

$colProplist = "name", "sAMAccountName"

foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}

$colResults = $objSearcher.FindAll()

foreach ($objResult in $colResults)

{$objItem = $objResult.Properties; $objItem.name}

List computers in Active Directory

Login as a Domain Administrator to a computer who is a member of the domain. From a command window, enter the following command:

dsquery computer domainroot > C:\Domain-Computers.txt

After the command completes, open the file C:\Domain-Computers.txt.

Alternately, run a script that can list computer names without their Active Directory context information. Some scripts can also filter out computers that are disabled.

List workgroup computers

net view > C:\Workgroup-Computers.txt

After the command completes, open the file C:\Workgroup-Computers.txt.

List shares

net view \\Computername > C:\Computername-Shares.txt

After the command completes, open the file C:\Computername-Shares.txt.

Note: Hidden shares with names ending in a $ are not listed by this command. You can list hidden shares by logging in directly to the computer you wish to query, then run the command net share from a command window.

List computer volumes (drives and free space)

(Requires WMI)

Login to a computer who is a member of the workgroup. From a command window, enter the following command (all on one line; purple values are variable):

wmic /output:"C:\Computername-Volumes.htm" /NODE:Computername /USER:MyUser /PASSWORD:MyPassword LOGICALDISK LIST BRIEF /FORMAT:htable

Note: Replace MyUser with the name of a UserID with rights to the target computers. You can preface the user ID with a domain name, e.g. /USER:MyDomain\MyUser.

Multiple computers can be specified by using /NODE:Computer1,Computer2,Computer3, etc. – provided (1) all of the specified Computers can be accessed by the specified User, and (2) any internal firewall is configured to allow traffic across the TCP ports used by WMI.

By specifying /FORMAT:csv, you can output comma-separated variable files. You can concatenate multiple CVS files into one file, then open the consolidated list using Excel.

After the command completes, open the file C:\Computername-Volumes.htm. in a web browser.

List mailboxes in Exchange Server 2010 and newer

The Exchange Management Console offers an easy way to export a list of mailboxes. See the following Microsoft article for details:

http://technet.microsoft.com/en-us/library/bb691328.aspx

List SharePoint sites

In SharePoint 2007, the StsAdm command line tool can be used to generate a list of sites, by using the parameters Enumallwebs or Enumsites. See the Microsoft article http://technet.microsoft.com/en-us/library/cc262492(v=office.12).aspx for details.

Also, several scripts are available on the internet for listing sites in SharePoint.

List services running on a computer

(requires WMI)

Login to a computer who is a member of the workgroup. From a command window, enter the following command (all on one line; purple values are variable):

wmic /output:"C:\Computername-Services.htm" "/Node:Computername" /USER:MyUser /PASSWORD:MyPassword SERVICE LIST BRIEF / FORMAT:htable

Note: The purple values can be set as described in topic List Computer Volumes (Drives and free space).

After the command completes, open the file C:\Computername-Services.htm in a web browser.

The sc.exe utility, included in Windows, can also query services running on a local or remote computer.

Sources for management scripts

There are several script repositories available on the internet which provide a more comprehensive collection of network management commands and scripts. A good example for Windows computers is the Microsoft TechNet Script Center Repository at http://gallery.technet.microsoft.com/ScriptCenter/.

Note: Exercise caution before running scripts to ensure they are appropriate for your environment.