Follow GFI:
Find us on Facebook Follow us on Twitter Find us on Linkedin Subscribe to our RSS Feed Find us on YouTube Find us on Google+

57 Tips Every Admin Should Know

on August 24, 2011

The longer a person serves as a network admin, the more tips and tricks they are likely to pick up along the way. Some could be shortcuts, others might seem like magic, but all are intended to save you time and help you solve problems. Assume that all of these Windows commands should be run from an administrative command prompt if you are using Vista, Windows 7, or Windows 2008.

Active Directory

1. To quickly list all the groups in your domain, with members, run this command:

dsquery group -limit 0 | dsget group -members –expand

2. To find all users whose accounts are set to have a non-expiring password, run this command:

dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0

3. To list all the FSMO role holders in your forest, run this command:

netdom query fsmo

4. To refresh group policy settings, run this command:


5. To check Active Directory replication on a domain controller, run this command:

repadmin /replsummary

6. To force replication from a domain controller without having to go through to Active

Directory Sites and Services, run this command:

repadmin /syncall

7. To see what server authenticated you (or if you logged on with cached credentials) you can run either of these commands:

set l

echo %logonserver%

8. To see what account you are logged on as, run this command:


9. To see what security groups you belong to, run this command:

whoami /groups

10. To see the domain account policy (password requirements, lockout thresholds, etc) run this command:

net accounts

Windows Networking

11. To quickly reset your NIC back to DHCP with no manual settings, run this command:

netsh int ip reset all

12. To quickly generate a text summary of your system, run this command:

systeminfo | more

13. To see all network connections your client has open, run this command:

net use

14. To see your routing table, run either of these commands:

route print

netstat -r

15. Need to run a trace, but don’t have Netmon or Wireshark, and aren’t allowed to install either one? Run this command:

netsh trace start capture=yes tracefile=c:\capture.etl

netsh trace stop

16. To quickly open a port on the firewall, run this command, changing the name, protocol, and port to suit. This example opens syslog:

netsh firewall set portopening udp 161 syslog enable all

17. To add an entry to your routing table that will be permanent, run the route add command with the –p option. Omitting that, the entry will be lost at next reboot:

route add mask –p

18. Here’s a simple way to see all open network connections, refreshing every second:

netstat –ano 1

19. You can add a | findstr value to watch for only a specific connection, like a client ip.addr or port:

netstat –ano | findstr

20. You can use the shutdown to shutdown or reboot a machine, including your own, in a simple scheduled task like this:

shutdown –r –t 0 –m \\localhost

21. To make planned DNS changes go faster, reduce the TTL on the DNS records you plan on changing to 30 seconds the day before changes are to be made. You can set the TTL back to normal after you confirm the changes have been successful.

22. Set a short lease on DHCP scopes that service laptops, and set Microsoft Option 002 to release a DHCP leas on shutdown. This helps to ensure your scope is not exhausted and that machines can easily get on another network when the move to a new site.

Windows 7

23. Want to enable the local administrator account on Windows 7? Run this command from an administrative command prompt. It will prompt you to set a password:

net user administrator * /active:yes

24. You can do the same thing during install by pressing SHIFT-F10 at the screen where you set your initial user password.

Windows 7 supports several useful new keyboard shortcuts:

25. Windows Key+G

Display gadgets in front of other windows.

26. Windows Key++ (plus key)

Zoom in, where appropriate.

27. Windows Key+- (minus key)

Zoom out, where appropriate.

28. Windows Key+Up Arrow

Maximize the current window.

29. Windows Key+Down Arrow

Minimize the current window.

30. Windows Key+Left Arrow

Snap to the left hand side of the screen

31. Windows Key+Right Arrow

Snap to the right hand side of the screen.

32. To quickly launch an application as an administrator (without the right-click, run as administrator), type the name in the Search programs and files field, and then press Ctrl-Shift-Enter.

Here are some tips that can save you from buying commercial software:

33. Need to make a quick screencast to show someone how to do something? The Problem Steps Recorder can create an MHTML file that shows what you have done by creating a screen capture each time you take an action. Click the Start button and type ‘psr’ to open the Problem Steps Recorder.

34. Need to burn a disc? The isoburn.exe can burn ISO and IMG files. You can right click a file and select burn, or launch it from the command line.

35. Windows 7 includes a screen scraping tool called the Snipping Tool. I have tons of users request a license for SnagIt, only to find this free tool (it’s under Accessories) does what they need.

36. You can download this bootable security scanner from Microsoft that will run off a USB key, which is very useful if you suspect a machine has a virus.

37. A great way to save all your command line tools and make them available across all your computers is to install Dropbox, create a folder to save all your scripts and tools, and add that folder to your path. That way, they can be called from the command line or any other scripts, and if you update a script, it will carry across to any other machine you have.

Windows 2008

38. You can free up disk space on your servers by disabling hibernate. Windows 2008 will create a hiberfil.sys equal to the amount of RAM. This is very useful with VMs that have lots of RAM but smaller C: drives. To disable hibernation, and reclaim that space, run this command:

powercfg -h off

39. You can get to the complete collection of Sysinternals tools online. You can even invoke them from the run command. Use the url: or the UNC path: \\\tools.

40. Speaking of the Sysinternals tools, almost any command line in this article can be run remotely on another machine (as long as you have administrative rights) using the psexec command included in the Sysinternals tools.

41. You can kill RDP sessions at the command line when you find that all the RDP sessions to a server are tied up.

regsvr32 query.dll [enter] You only have to do this the first time.

query session /server:servername [enter]

reset session # /server:servername [enter]

42. You can create a list of files and display the last time they were accessed, which is very useful when a network drive is low on space and users swear they have to have that copy of Office 2003 on the network. My advice? If they haven’t touched it in two years, burn it to DVD or write it to tape and then delete it from disk:

dir /t:a /s /od >> list.txt [enter]

43. The Microsoft Exchange Err command is one of the best all around troubleshooting tools you will find, as it can decode any hex error code you find as long as the products are installed on the machine. Download it from here.

44. You can see all the open files on a system by running this command:

openfiles /query

45. You can pull all the readable data out of a corrupt file using this command:

recover filename.ext

46. Need to pause a batch file for a period of time but don’t have the sleep command from the old resource kit handy? Here’s how to build a ten second delay into a script:

ping -n 10 > NUL 2>&1

47. If your Windows website has stopped responding, or is throwing a 500 error, and you are not sure what to do, you can reset IIS without having to reboot the whole server. Run this command:


48. You can use && to string multiple commands together; they will run sequentially.

49. If you find yourself restarting services frequently, you can use that && trick to create a batch file called restart.cmd and use it to restart services:

net stop %1 && net start %1

50. You can download a Windows port of the wget tool from here, and use it to mirror websites using this command:

wget -mk


51. You can list files sorted by size using this command:

ls –lSr

52. You can view the amount of free disk space in usable format using this command:

df –h

53. To see how much space /some/dir is consuming:

du -sh /some/dir

54. List all running processes containing the string stuff:

ps aux | grep stuff

55. If you have ever run a command but forgot to sudo, you can use this to rerun the command:

sudo !!

56. If you put a space before a command or response, it will be omitted from the shell history.

57. If you really liked a long command that you just ran, and want to save it as a script, use this trick:

echo “!!” >

With 57 tips in this bag of tricks, you’re bound to find something useful. Have your own tips to share? Leave us a comment!

And there’s more! If you’re a sys admin that’s been faced with malware infection, cracked passwords, defaced website, compromised DNS, licensing violations, stolen hardware and other issues which can cause cardiac arrest? We have what you need! Download this free e-book: First Aid Kit for Admins today!

Dodi_Star August 25, 20114:10 pm

As comprehensive as it should be, this is truly helpful to newbie administrators like myself. But I have to disagree with you on the Snipping Tool-Snagit issue. The latter is more comprehensive with tons of features and tools every network admin should know. Although Snagit is more important to designers, administrators has great use to it. For instance, and this is basing on my own experience, you can use this program to add more screenshots, data, and figures to your reports. And it’s especially useful if you have multiple screens to capture and present to your audience.

Snagit also has a timer tool that lets you set a timer countdown. Although it’s not free, I think it’s worth your money.

@MakeYourMove August 29, 20117:01 pm

I have to agree with you on some points but Snagit is not a fully-capable admin tool. Writers, bloggers, reviewers, and designers (graphic, web, etc) can benefit most out of Snagit.

On Windows and Macs, you don’t have to install anything just to capture a screen or an application window. PCs have Print Screen. Macs have the “⌘ + Shift + 3″ shortcut key. If you need to record your screen or do some complicated screen shots, you can download tons of freewares online – for both PC and Mac.

Sarah Martin August 29, 20111:02 pm

Thanks for the list! A really great reference for everybody who is not good at memorizing commands and their options. I must admit I rarely use consoles simply because I fail to memorize for a long time even the simplest commands and I waste more time to find the command than to use alternatives. :)

Richard Andrews August 30, 20118:37 pm

Hey why is Dropbox here? I never thought this tool could also be applied to admins. I’m a professional blogger and Dropbox is one of the most useful applications I have – even useful than my Office suite. Really.

Although I only have the free account, which has 2GB worth of online storage, it’s a lifesaver. It’s my main backup solution.

I’m not familiar with command lines and scripts but I think Dropbox is good for everybody – whether you’re an admin, writer, webmaster, office manager, or simply just the office clerk guy.

Mac Lover September 2, 20117:47 am

Ohhh if I can just say: Microsoft’s System Sweeper is not reliable. It’s a piece of junk created by MS just to impress a small number of thier client base. One point of contention is that SS is a standalone software, meaning it’s completely independent from Microsoft’s registry system, which by the way, is the favorite hotspot of most viruses, rootkits, and malwares. It is also not part of a software bundle or package.

Microsoft, particularly the Windows operating system, should learn from Apple and OS X. That’s why the latter has less malware attacks than the former. This is the reason why I became a Mac switcher – I want to be completely protected from viruses.

Connor September 24, 20114:49 pm

That comment my friend, had myself and my entire team chuckling thoughout most of lunch and the rest of the day.

‘This is the reason why I became a Mac switcher – I want to be completely protected from viruses.’ – Let me help you here. You became a Mac user because you were lulled into a false sence of security.

FACT ALERT: Viruses can infect Macs. The actual Mac standpoint is they cannot be infected by WILD viruses. They can still be infected by non wild viruses though. The are 8 known major trojans for Macs, and no KNOWN wild virus code. So basicaly, yep, you can get a virus on a Mac.

Give us your details and me and the team will happly provide you with proof. *Disclaimer: We take no responcability for what the afformentioned proof does to your files.*

Its worth noting though that Win7 is a very secure OS as well.

Mac trojans are widely known to be a hell of alot nastier to get than the windows versions.

Macs are not completely secure. No OS on earth is completely secure. When me and the team are out at the mail we enjoy screwing with the Apple reps in their pretty shinny stores by crashing all their displays or getting them to run things displays shouldn’t.

Let me tell you something, Windows gets viruses so much that most Viruses out their for windows are harmless with good protection. It takes a super virus to actualy do something now days. But on Macs, which are getting more and more attention, things are begining to change. Its harder to write Viruses for Macs, as the concept is much harder when it comes to the fundamentals in the programming. Which is why not many people actualy target Macs.

As the world gets more and more Macs, viruses aimed just at Macs will come out. Its only a matter of time. This is why I have a low opinion of the sterotypical Mac user. Most people get them because their ‘the trend/expensive-so it must be good/looks flashy/I heard it doesn’t crash/No viruses’. They have no indepth knowlage of what the flaws of Macs are.

But alas, I am rambling. I have boxes to bounce and swiches to fiddle with. I think we will print and frame your comment for the server room, or our office. It gave us all some much needed stress relief.

Thanks for the Laugh.

P.S\ Want a really really secure OS?, get Linux. Hackers and Viruses run when they find you run Linux. Mainly because while your OS is super secure, Linux has a nice range of counter offensive tools which you can use to give the lil’ script kiddy a really bad day and send him crying to mommy.

J.L. September 25, 20119:39 am

It’s standalone, which makes it portable. Great for cleaning other computers. It is a software, get your facts straight.

Look at all the Mac malware now, lol. Macs aren’t that secure (only less market share), ask the hackers who actually knows what they’re saying.

I can’t stop laughing at your pathetic post.

J.L. September 27, 20114:20 am

The above comment was meant for Mac Lover.

Linux is more secure than Windows and Macs, but I think BSD is even more malware-proof. Look at OpenBSD for virtually the highest level of security.

Adrian Cohen September 26, 20116:31 pm

Great list of shortcuts. I especially liked the Windows 7 shortcuts. I installed this OS recently and I’m still getting used to all the extra features. This list forgot to mention the “Show Desktop” shortcut. Unlike previous versions of Windows, it is now unmarked and tucked away on the right side of the taskbar. clicking it, or hovering your mouse over it, will hide all active windows and take you to your desktop. It took me some time to find out about it so I’d thought I’d share :)