50 Basic Windows Commands

with Examples
Last Updated: December 8, 2022 by Robert Allen 8 Comments
Learn basic windows commands that can help you with troubleshooting,
configuration, and gathering system details.

Most of these commands are built into windows so there is no need to

download or install anything (the only exception is the Sysinternals
commands). Also, these Windows Commands can be run from the command
prompt or PowerShell console.

Tip: Most windows commands include a help menu that lists all the command
options and syntax. Type the command followed by /? to view the help menu.
For example, ping /?

Let’s get started.

1. ping (test network connection)

The ping command tests network connectivity between two devices by
sending ICMP echo requests. For example, computer A tests if it has
connectivity to computer B by sending some packets back and forth.

The ping command is still one of my favorite tools for testing basic network
connectivity. It’s fast and very easy to use. In addition, I use it for the following:

• Test for packet loss

• Test latency
• Test DNS queries
• Test connectivity with configuring new connections (can my router talk
to the next hop such as the ISPs router?)
Ping Examples
To test the connectivity to another device by IP use the command below.

ping 192.168.100.1

Ping by hostname.

ping dc1.ad.activedirectorypro.com

For most windows commands you can type the command followed by /? to
view the help info, it will display the full syntax and parameters. So to view the
help for ping use this command:

ping /?

-l switch specifies a packet size.

ping -l 2024 192.168.5.1

-a switch will do a reverse name resolution on the IP (PTR record lookup).

ping -a 142.250.177.46
-t switch will do a continuous ping. A very popular command for testing
network connectivity.

ping -a 192.168.5.1

Send any command output to a text file.

ping -t > c:\it\test-ping.txt

For more details on the ping command see Microsoft’s ping documentation.

2. ipconfig (get network adapter details)

The ipconfig command is used to display a computers TCP/IP configuration.
You can display the IP info for a single or all network cards installed on a
computer.

This command can also display the DNS cache on the local machine, flush
DNS, release and renew the DHCP address on all network cards.

ipconfig command examples

To view the IP configuration for all network cards on a computer type the
command below and press enter.

ipconfig /all
/all switch to display IP info for all network cards.

ipconfig /all

/flushdns switch to clear the local DNS resolver cache.

ipconfig /flushdns

/registerdns to trigger dynamic registration of the DNS names and IP

addresses that are configured on the computer.

ipconfig /registerdns

/release to release DHCP addresses. This will release DCHP address on the
network cards that are configured for DHCP.

ipconfig /release
/renew switch will renew DHCP address for all network cards.

ipconfig /renew

/displaydns switch will display the DNS client cache.

ipconfig /displaydns

3. nslookup (find dns records)

The nslookup command is used to check DNS records and troubleshoot DNS.
This is a must-have command for any sysadmin or network engineer. You can
do all kinds of tests to verify DNS is working correctly, you can check PTR, A,
MX, SOA, and many other types of DNS records. It’s another one of my
favorite windows commands for network troubleshooting.

Nslookup command examples

To test that the A record of a hostname follow these two steps

Step 1: Type nslookup and press enter

Step 2: type in a domain name and press enter

4. tracert (network troubleshooting)

The tracert command is used to track the pathway a packet takes from a
source IP to the destination address. This simply means it’s going to display
each hop (router) that the packet passes through to reach its destination.

This command I don’t use very often but still comes in handy when
troubleshooting the network. For example, we had some speed issues with a
website from our ISP, on a different ISP we had no issues. The ISP had us run a
traceroute so they could see the path it took.

Tracert examples

The syntax for this command is tracert followed by the hostname or IP.

tracert google.com
This command has very few options. The only command line switch on this
one that I find useful is the -d which is used to not resolve the address to
hostname.

5. shutdown command
The shutdown command does exactly that, it shuts down a computer. This
command is useful for shutting down or restarting local or remote computers.
It also provides a quick way to see all the logs for why a computer restarted or
was shut down.

shutdown examples

This command will restart computer pc2.

shutdown /r /m \\pc2

This command will shut down the remote computer.

shutdown /s /m \\pc2

View previous shutdown/restart logs.

shutdown /d

Here is an example output for the shutdown /d command. This can be useful
to quickly check why a computer restarted or shutdown.
More shutdown examples

Some of these use multiple switches, refer to the help file shutdown /? for an
explanation of each command switch.

Log user off of a remote computer.

shutdown /l /m \\pc2

Restart a remote computer with no countdown.

shutdown /r /m \\pc2 /t 0
Shutdown the local computer and specify the time period before shutdown in
seconds.

shutdown /s /t 60

Shutdown a remote computer with a custom message.

shutdown /m \\pc2 /c "Rebooting computer, have a nice day"

Abort a system shutdown.

shutdown /a

Force applications to close without warning.

shutdown /s /f

6. gpupdate (group policy update)

The gpupdate command is used to apply group policies on a computer in a
windows domain. This is a very popular command, I see a lot of helpdesk
techs that use it. Sometimes you can run this command to refresh the GPOs
and avoid a reboot but that doesn’t always work.

gpupdate command examples

This command will pull down any GPO changes to the computer.

gpupdate
Use /force to reapply all the GPOs on the computer.

gpupdate /force

Check out my gpupdate tutorial for more examples and a video walkthrough.

7. netstat (display network connections)

This is such an awesome command.

The netstat command displays TCP/IP connection information, ethernet stats,

and the computer’s routing table. As a sysadmin I use this command on
Windows servers and clients when troubleshooting connection issues. I can
verify application servers are working correctly by checking that the service is
running and listening for connections on the port.

netstat command examples

Display all active and listening ports.

netstat -a

Display all connections in numerical order.

netstat -a -n

Here is the output of the above command. You can see how you can verify
server and client connectivity. It shows that my domain controller with IP
192.168.100.10 has established these four connections with IP 192.168.100.11.
More netstat examples

Displays the executable that is used to create the connection.

netstat -ab

Displays ethernet statistics. This is a quick way to check for network card errors
and discards.

netstat -e

Displays the exe and the process ID (PID) associated with the connection.

netstat -abo

Displays the computer local routing table.

netstat -r

Displays FQDN with the connection info.

netstat -af

8. dcdiag (test domain controller)

If you are the administrator of Active Directory then you must know this
command. This command will analyze the state of your domain controllers, it
has over 30 built in tests. You should be running this command at regular
intervals to ensure your domain environment is healthy.
dcdiag examples

To run dcdiag on a specific domain controller use this command

dcdiag /s:DC1

9. net stop and net start (windows services)

Simple command to start and stop windows services.

Examples

In this example, I will stop and start the printer spooler service.

net stop spooler

and now start the spooler service.

net start spooler

That is it for this command, there are no additional parameters.

10. systeminfo

The systeminfo command displays configuration details on a computer such

as OS name and version, hardware information, boot time, logon server, and
more.
There are a lot of details this command displays, I like to use this command to
check the windows server uptime and when it was last booted.

You can run this command on remote computers with the /s parameter.

system info /s pc1

11. getmac (get mac address)

This command returns the MAC address from all the network cards on a
system. When troubleshooting a client connection issue I will often need the
computer’s MAC address so I can verify I see it connected on the switch. This
command is the best way to quickly grab a computer’s MAC address.

To run it on a local computer just type getmac.

To run on a remote computer use the /s parameter.

getmac /s pc1

12. gpresult (group policy results)

The gpresult command reports on what group policies and settings are
applied to a user or computer.

This is another must know command if you work with Active Directory servers.

To display all applied GPOs run this command. Note: You need to run the
command prompt in administrator mode or it will not generate a full report.

gpresult /r
The above command will give a report for both user and computer applied
GPOs.

and the computer settings.

More GPResult examples

Display GPOs applied to the user.

gpresult /r /scope:user

Display GPOs applied to the computer.

gpresult /r /scope:computer

Display GPOs for a remote computer.

gpresult /s pcname
Generate an HTML report.

gpresult /h c:\report.html

Send command output to a text file.

gpresult /r > c:\result.txt

13. whoami command

This command displays who is currently logged on to the local system. It also
can display what groups a user belongs to. Use this command to display the
logged on users group membership.

Get the current logged on user.

whoami

Display the user groups to which the current user belongs.

whoami /groups
Pretty cool right?

More whoami commands

Display the user name in UPN format

whoami /upn

Displays current domain, username and users SID

whoami /user

Displays all information for the current user

whoami /all
14. telnet client

I use the windows telnet client to test if a remote host is allowing connection
on a specific port. I typically use this when someone says your firewall is
blocking a program from working.

If you know the port number the application runs on you can use the
command below. In this example, I installed filezilla server so port 21 should
be open.

The syntax is telnet + hostname or IP + port number

telnet srv01 21

You may or may not get a response back from the remote server. In this case
with filezilla I do. You could also just get a blank screen on a successful
connection.

If it doesn’t get a connection you should get a message like the below.
That is all I use the telnet client for. For complete command syntax
view Microsoft’s telnet documentation.

15. set (get system details)

The set command displays environment variable information.

I don’t use this command that often but still is useful to check a user’s logon
server or quickly look at the environment variables.

One little trick with this command is you can type the command followed by
string and it will only display those results. For example, if I want to find
everything that starts with path I would use this command

set path

Now it just displays everything that starts with “path”.

16. cd (change directory)

The cd command allows you to change to another directory on your
computer.

For example to change to the windows directory use this command.

cd windows
You can also start typing the directory name and hit tab to auto complete. For
example, to change to the “Program Files” directory I can type cd pro and hit
tab and it will auto complete the path.

17. mkdir (make directory)

The mkdir command will create a directory or subdirectory. It creates the
directory in the current directory. For example, in the command prompt, my
path is c:\it, if I type mkdir folder1 it will create folder1 in the c:\it folder.

If I look in windows explorer I’ll see the folder1 directory.

18. sfc (system file checker)
The sfc command can be used to verify and replace important windows
system files. If you experience a blue screen or other crashes the sfc command
may fix the issue. The below command will scan all protected operating
system files and repair if needed.

sfc /scannow

You can also run a test only without repairing it.

sfc /verifyonly

19. net use (connect to network resources)

The net use command is used to connect and remove shared sources such as
network drives and printers.

In this example, I’ll map a network drive to my srv-vm1 server

net use \\srv-vm1\share

You can use net use to list resources.

To remove a resource use /delete

net use z: /delete

20. chkdsk (check disk)

The chkdsk command scans the file system on the disk and checks the
integrity of the files and metadata. There are many command line options with
this command so check the help menu for full details (chkdsk /?).

To check the disk in read-only mode run the below command.

chkdsk

Use /F to fix any errors found on the disk.

chkdsk /f

21. Route Print (View local routing table)

To view the local computers routing table use the route print command. This
is useful when the computer has multiple network interface cards and you
need to determine the route network traffic is taking.

route print