Operating System Command Line Tools – CompTIA A+ 220-902 – 1.3

The command line of an operating system can provide a powerful set of features and tools. In this video, you’ll learn about some of the more popular Windows command line tools.

If you’re administering or troubleshooting computers, then you’re going to spend a lot of time at the command line. In this video, I’ll take you through some of the most popular command line tools. Many of the tools I’ll show you today can be run by any user.

There are some tools you do not want users to run. For example, you wouldn’t want somebody formatting over a volume on their computer unless they have the rights and permissions to do so. Most users are going to run these commands with standard privileges.

There’s no additional authentication and no additional rights required to run these commands. But some commands are going to require additional access. You will need to have administrator privileges, or what we sometimes call elevated privileges, to run these commands.

In order to get into this elevated mode, we would type in CMD. But instead of hitting Enter, we would right mouse click on Command Prompt. And we would choose Run As Administrator.

We can alternatively type in CMD, and press Control Shift Enter at the same time. And that will also launch a command line screen in administrative or elevated mode. If you’re running Windows Vista or Windows 7, you can start the command prompt from the Start menu. If you’re running Windows 8 or 8.1, you can start from the Start screen.

You can type CMD. And it will bring up the options. In this case, we have Command Prompt. And we can right mouse click, and choose Run As Administrator.

You’ll notice when you do that, the command prompt launches. And you’ll be able to see administrator at the top of the screen to show that this is an elevated command prompt. From here, you can run any command line tool.

If you’re not sure what commands are available, you can simply type in Help, and hit Enter. Or, you can type Help and the name of a command, and you’ll get detailed information about this particular command. Alternatively, you can use the command name and then slash question mark to show additional information about that command.

Once you’re finished using the command prompt, you can close it by typing Exit and hitting Enter.

When you’re troubleshooting storage devices on your computer, you may not have access to the operating system graphical user interface. In those cases, you may want to use the command line tool Diskpart. This will give you access to configure, format, and make changes to the existing volumes on your computer.

To start Diskpart, we simply type Diskpart right at the command line. And it starts the Diskpart application. And it changes the prompt now to a Diskpart prompt.

If we type Help, we can get a list of all of the different commands available. You can see that the Diskpart application has a number of different options in here. Because we are making changes to the storage devices on your computer, you want to be very careful about what you’re doing inside of this application. You could very easily delete partitions or any data that might be on the storage devices.

Inside of Diskpart, you can run commands like List Volume that will show you the different volumes on your computer. And from here, we can make configuration changes to these volumes, we can create new partitions, we can format these volumes, and much more.

A number of disk management commands can be done outside of Diskpart as standalone applications, for example, the Format command.

Format is a command that initializes or erases everything that’s in a partition. It puts a brand new file system onto that partition, effectively removing anything that was there previously. If you’re connecting up a brand new drive, or you want to erase everything that’s on a particular volume, then the Format command is the command you would use.

On my computer, you can see I have four storage devices configured. One is the A drive for my floppy disk drive. I have a C drive. That’s my main system drive.

I have a DVD drive, which currently does not have a DVD or DVD-ROM inside of it. And then I have this E drive. This is a local disk that has been partitioned. But it does not currently have a file system on it. And you can see it doesn’t even show how much storage space is in use, or how much maximum storage space I have.

So we want to run the Format command to be able to format this E colon. What I’ll do is use the default Format command with simply E colon. And it tells me that the type of file system is going to be NTFS.

All data on this non-removable disk drive, E will be lost. Proceed with format. I will say yes. And it will begin formatting the file system for that drive.

Once it’s done, it’s going to prompt me for a volume name. And let’s choose one called Data. And it says that the format is now complete.

If we go back to our file manager, we’ll see now that drive E is showing that it has 9.76 gigabytes of disk space available. And we can now start writing files to that file system.

If you’re using a drive, but you’re concerned that the drive may have some logical errors with the file system, or there might be some physical problems with the disk, then you may want to run some checks.

And the command to do that is called Check Disk. Check Disk with a slash F will go through the logical system check of that particular drive. And it will fix any problems with that logical file system.

If you feel that the drive itself might have some bad sectors in the physical part of the drive, you can have the Check Disk run with a slash R, which is not only going to perform the slash F, but will go through every sector on the drive, and make sure that every sector can be read and written to without any problems.

If you try to perform a Check Disk on the main volume of your computer, you may find that the volume is locked, and you would not be able to perform a Check Disk at that time. In those particular cases, Check Disk will tell you that it can’t run because it’s in use by another process.

Would you like to schedule this volume to be checked the next time the system restarts? And you choose yes. And it tells you that it will perform that check the next time the system restarts.

When you restart your computer, it goes through Check Disk before the operating system even loads. And it performs either the logical file system check, or it checks all the bad sectors along with the file system, and gives you a result of what it finds.

Let’s run a Check Disk of that drive E that I just formatted. I’ll choose Check Disk, we’ll choose E colon. And I’ll also choose the slash R. So we’ll go through all the sectors on this newly formatted drive.

It’s going to go very quickly on this drive because it’s very small. If you have a very large drive, this will take quite a bit of time as it checks every single sector on the disk. Let’s scroll back up and see what we found.

You can see stage one, examine the basic file system, stage two, examine the file name linkages, stage three, examine the security descriptors, stage four, looked for any bad clusters in the user file area, and stage five looked for any bad free clusters. And when it finished, it said it found no problems and gave me a summary of everything that it did and the sizes of the drive that it examined.

When you’re at the command line, it’s very useful to be able to see the files and directories that are in your system. One way to view those is with the DIR command. This provides you with a directory listing of everything that happens to be in the folder that you specify.

If you see anything in the folder you’d like to remove, you can get rid of it by using the Delete command, or DEL. This is also called the Erase command. And it will remove a file from the file system.

So let’s try out the directory command. I’ll simply type DIR. And I’ll hit Enter. And by specifying DIR without any specific path, it’s going to show me the directory of where I currently am, which is the C colon backslash Users backslash Administrator Folder. And you can see all the files and the folders that are inside this particular administrator folder.

If we were to look at this in File Manager, we should see exactly the same thing. You can see File Manager arranges them a little bit differently. It puts the folders on top and then the files. And you could see at the command line it puts everything in alphabetical order. But the information is exactly the same on both of those.

Let’s try using the Delete command now. There is one file that’s in this folder that I would like to remove. It’s one that I was looking at earlier to run some diagnostics.

And now we’re finished with the file and would like to erase it from the file system. So I’ll use the DEL command. And I’ll specify diags.txt. In fact, I’ll start typing it. And then I’ll hit the Tab key to autocomplete that name.

And then I’ll simply hit Enter. And it doesn’t give me any prompt back. It simply puts me back at the Users Administrator prompt. But there are no messages there.

But if we perform a DIR, you can see that the file is now missing. And if we were to look at this in our File Manager, you could see that it’s missing from the File Manager as well.

You may be used to using File Manager to create folders, move around your file system, and delete files and folders from the file system itself. But you can also do all of this at the command line using the commands MD to make a directory, CD to change into a directory, and RD to remove a directory.

I’m logged on to this computer as the administrator. So I’m in the C colon backslash Users backslash Administrator Directory. And if we do a DIR, we can see all the files and folders that are in that directory.

If we were to look at this in our File Manager, you can see I’m also in the Users Administrator folder. And you can see all the different folders, which match exactly what I’m seeing here at the command line. What I’d like to do is to create a directory within this list.

So let’s clear this. And I’m going to create a directory called Temp. I could do this in two different ways. I can spell out the entire path, or I can specify the path name based on where I happen to be in the file system.

So we can perform this as an MD to make directory. And then I can spell out C colon backslash Users backslash Administrator. And I’m using the Tab key to autocomplete this. And I want to create a directory inside of this called Temp.

Now, because I’m already in the C colon backslash Users backslash Administrator Directory, one thing that I can do is simply say MD, and type Temp. That saves me from having to type that entire path out every time I want to perform a function. If I hit Enter, it simply gives me the prompt back.

That means that it completed successfully. And if I perform a DIR, you can see that now I have a new folder in my administrator directory called Temp.

We can also move into and out of different directories at the command line by using the CD command.

For example, if I type CD Space and then Documents, I’ll be able to move into that documents folder. And you could see my prompt changes to C colon backslash Users backslash Administrator backslash Documents. And if I perform a DIR, I’m now looking at all of the documents within that folder.

To be able to move back to the previous directory, I can either choose the CD command and type out the entire path that I would like to go to, for example C colon backslash Users backslash Administrator, and it will take me back to that folder. But I also have a shortcut by using two dots instead of that entire path name.

Two dots means to move back one directory from where you happen to be. So a CD space dot dot is now going to move me back one directory. And I can use that to move backwards and move forwards very easily by typing in the path name relative to where I am or typing in the double dots to move back one folder.

Previously, we created that Temp directory. And we don’t have any files inside of that Temp directory, which means that we could remove that directory if we wanted to by using the RD command and typing Temp.

I could, of course, expand this out and use the entire path as well. But since I’m already in the Users Administrator folder, I’ll simply use space Temp, and it will now remove that directory. We don’t get any prompt. So if we perform a directory, you can see the Temp directory is now missing. We’ve removed it from the file system.

When you’re working in the file system, it’s very common to take one file and copy it to another location or to a separate file name. To do that, we use the Copy command. And there are a number of different command line options for Copy. But we’ll look at two of the more popular ones here.

One is the slash V. If we use slash V in the Copy command, that stands for verify. This is especially useful if you’re copying this off to a USB drive or some type of external storage. And you want to be sure when you copy this file, it is going to be copied exactly correctly. That way, when you unplug and take that flash drive, you’ll know that you have an accurate copy of that file.

Another good command line option to use is slash Y. If you’re copying over a particular file and you don’t want to get the prompt asking you if it’s OK to overwrite that file, you can suppress that prompt with a slash Y. This is very useful if you’re writing a batch file and you know that you’re going to be overwriting a file. This way it doesn’t prompt you or stop this batch file. It simply proceeds with the copy and doesn’t prompt you on the screen to verify that that’s what you’d like to do.

Let’s say that we’d like to copy a file from our existing drive to this new E drive that I created. I’ll perform a directory command. And I put back this diags.txt file. If I now perform a DIR of E colon, you can see currently there are no files on E colon.

So to copy this file, we would select Copy. We’ll choose diags.TXT. And we’ll perform that with an E colon. And I’ll hit Enter. And it says, one file has been copied.

If I now perform a directory of E colon, you can see indeed we do have a diags.TXT on the E drive. Let’s perform that copy command again. But this time I want to verify that this file is being copied correctly. So we’ll perform the copy of diags.TXT to E colon. And I’ll specify a slash V somewhere in this command.

It’s going to try to perform this with a slash V. But since the file already exists, it prompts me and says, do you want to overwrite diags.TXT. I’ll use the Yes option. And hit Enter. And it says the file is copied.

And if we look at E colon, the file is there. But because we performed this with a slash V, it is now verified that the file is copied, and it matches the original. Let’s try this copy again. But let’s use the slash Y to suppress the prompt that we got.

So we’ll use a Copy, diags.TXT to E colon slash V and also slash Y. In this case, it’s simply going to copy the file. It’s not going to prompt us if we want to overwrite that file. Obviously, you want to be sure that if you’re using this option that you know exactly what you’re doing, because it’s very easy to overwrite files accidentally with that slash Y option.

What if you’re working on a computer and you want to back up a number of different files and a number of different folders all simultaneously? In that case, you may want to use a command called X Copy, which will not only copy files but also entire directory trees at the same time. In my Administrator folder, I have a documents folder. And inside that documents folder is a Mission Reports folder.

And I’ve also got inside of the Documents folder Ship Diagnostics folder. So I have many folders within folders and files within those folders. What I would like to do is take everything that’s in My Documents folder and copy it off to the E drive.

At the command prompt, we’ll perform a directory. And there is the Documents folder that I’d like to copy off to the E drive. To be able to copy all of the files and all the folders inside the documents directory, I want to use the X Copy command. But I want to use that with a slash S flag. That stands for the subdirectory.

So we’ll take everything that we’re specifying, and go all the way through the folders and copy everything that it finds. I’m going to specify that I want to copy everything that’s in the Documents folder. And I want to copy that to E colon.

And if I hit Enter, you can see it goes through all the different documents folders that I have, all the files that are within those. And it copies them to E colon. If I perform a directory of E colon, you can see that I now have all of those files copied from my documents folder on my C drive. And I’ve copied them into the root of my E drive.

If you’re copying a lot of files and folders to a lot of different servers over a lot of different kinds of network connections, you may want to use a utility called Robocopy. Robocopy effectively replaces the functionality of X Copy, and is something that is included with Windows Vista, and Windows 7, and Windows 8, and 8.1.

It’s called Robust copy because there are many different options available when you’re copying these files. And it even has additional functionality, like being able to resume a copy if you happen to lose the connection in the middle of performing a copy between one device and another. You can see an overview of Robocopy by simply typing in Robocopy.

You get a summary of what Robocopy is. If you want to see more details about Robocopy, you can perform a Robocopy and a slash question mark, and it gives you many pages of information on how you can configure all of the different settings for Robocopy.

In our case, let’s copy that same documents folder to my E drive.

I’ve deleted everything on my E drive, so now there are no files there currently. So let’s perform a Robocopy. I’m going to Robocopy everything with a slash S, very similar to the slash S command we used with the X Copy.

And I’ll specify the Documents folder. I want to copy everything to the E drive. And you can see we get a lot more information on the screen when it performs this copy. It tells you the different options that it’s using, gives you a breakdown of all of the different files and what it did during the copy process, gives you a summary of exactly what it did.
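The Robocopy run described above as a batch file, written here as an added example and not taken from the video: it adds restartable mode for the resume behaviour mentioned earlier, bounded retries, and a check of Robocopy's bit-mask exit code. The destination folder E:\Documents and the log file path are assumptions.

```bat
@echo off
setlocal

rem Added example, not from the original video.
rem Assumed paths: adjust SRC, DST and LOG for your system.
rem Avoid a quoted path that ends in a backslash (such as "E:\"):
rem the trailing \" is parsed as an escaped quote and breaks the command.
set "SRC=%USERPROFILE%\Documents"
set "DST=E:\Documents"
set "LOG=%TEMP%\robocopy-documents.log"

rem /S    copy subdirectories (empty ones are skipped; /E includes them)
rem /Z    restartable mode: an interrupted file resumes instead of restarting
rem /R:3  retry a failed file 3 times (the default is one million retries)
rem /W:5  wait 5 seconds between retries (the default is 30 seconds)
rem /NP   no per-file percentage, /TEE writes to the console and the log
robocopy "%SRC%" "%DST%" /S /Z /R:3 /W:5 /NP /TEE /LOG:"%LOG%"
set "RC=%ERRORLEVEL%"

rem Robocopy's exit code is a bit mask, so a non-zero value is not
rem automatically a failure. Split it into its individual flags.
set /a "COPIED=RC & 1, EXTRA=RC & 2, MISMATCH=RC & 4, FAILED=RC & 8, FATAL=RC & 16"

if %RC% EQU 0 echo Nothing to copy, source and destination already match.
if %COPIED% NEQ 0 echo One or more files were copied.
if %EXTRA% NEQ 0 echo The destination has extra files that are not in the source.
if %MISMATCH% NEQ 0 echo Mismatched files or directories were found.
if %FAILED% NEQ 0 echo Some files could NOT be copied, see "%LOG%".
if %FATAL% NEQ 0 echo Serious error, no files were copied, see "%LOG%".

rem Any value of 8 or higher means at least one failure.
if %RC% GEQ 8 exit /b 1
exit /b 0
```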

And if we look at our E drive, you can see that all of the files were copied successfully from the Documents folder on the C drive to the root of the E drive.

If you don’t have access to the graphical interface on a computer, or you want to be able to manage the applications that are running on a different device across the network, you may want to use the Task List and the Task Kill command.

The Task List command will show you all the different applications that are currently running on that computer. This is very similar to looking at the list that’s inside of Task Manager. And you can look at the list that’s on your local computer, or you can specify a computer that might be somewhere else on the network.

If you want to stop a process, you can use Task Kill. This will terminate a task. And you can either specify using the slash IM as the image name and the name of the executable. Or, you can use slash PID, which stands for Process ID, and then specify the process ID of that particular process running on that device.

I will often also use the slash T, which will not only stop that process, but any child processes as well.

Let’s run a Task List on this computer. I’ll run Task List. And you can see all of the different tasks that are running on this particular PC.

Let’s start up another application. For example, I’ll go to my Start menu. And I’ll choose Notepad. And I’ll simply start a process for Notepad that’s running on this computer.

Now let’s move this over so we can see both the Notepad running in the background, and I can see my tasks here. I’m going to hit the up arrow to perform the same task list that I did earlier. And you can see down here at the bottom is notepad.exe. And you can see it’s process ID 3968. That’s what’s running right here in the background.

Now let’s perform a Task Kill. So I’ll type Task Kill. I’ll specify the PID option so that I can simply type in 3968. And I’ll use the slash T, although in this case, Notepad doesn’t have any child processes. But it’s always a good idea if you’re stopping one process to also stop the child processes under it.

If I hit Enter, you can now see that the Notepad has disappeared. We were able to remove it from the execution list by using this Task Kill command. And it says that it did send a termination signal to the process with PID 3968. And that is why we no longer are running our Notepad.

If you’re concerned that your operating system files have been corrupted in some way, either with a bad storage device, or with a process, or malware on your computer, you can check the integrity of all of your OS files by using the SFC command. You can have SFC scan through all of your operating system files and inform you of any that don’t match what they should be. You also have the option to have SFC correct any files that might not match what should be on your operating system.

To see all of the different options for SFC, we’ll simply type SFC and hit Enter. The ones you’ll probably use the most are either slash Scan Now, which performs an integrity check and repairs any problems that it finds, or slash Verify Only, which performs the same scan but doesn’t correct any of the files in the operating system.

Let’s run SFC. And I’ll run a scan now and have it go through my operating system, check all of the different files. This may take some time depending on how large the file system installation is and the speed of the storage device that you happen to be using.
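A verify-only integrity check as a batch file, given as an added example that is not part of the original video: it confirms the prompt is elevated, runs SFC without repairing anything, and pulls SFC's per-file entries out of the CBS log for review. The report location and the problem-line filter are assumptions.

```bat
@echo off
setlocal

rem Added example, not from the original video.
rem Assumption: the report file goes to the current user's desktop.
set "CBSLOG=%windir%\Logs\CBS\CBS.log"
set "REPORT=%USERPROFILE%\Desktop\sfc-details.txt"

rem SFC only runs from an elevated prompt. An elevated token carries
rem the High Mandatory Level group, SID S-1-16-12288.
whoami /groups | find "S-1-16-12288" >nul
if errorlevel 1 goto :not_elevated

rem Scan only: report files that do not match, change nothing.
sfc /verifyonly

rem SFC records per-file detail in CBS.log on lines tagged [SR].
rem The log also keeps entries from earlier scans, so read the timestamps.
findstr /c:"[SR]" "%CBSLOG%" > "%REPORT%"
if errorlevel 1 goto :no_entries

rem Heuristic filter (an assumption, not an official log format):
rem show only the [SR] lines that mention a problem.
findstr /i "cannot corrupt" "%REPORT%"
if errorlevel 1 goto :clean

echo.
echo Review the lines above in "%REPORT%" before running: sfc /scannow
exit /b 2

:clean
echo No problem entries found. Full detail is in "%REPORT%".
exit /b 0

:no_entries
echo No [SR] entries found in "%CBSLOG%".
exit /b 1

:not_elevated
echo Run this from an elevated command prompt, using Run As Administrator.
exit /b 1
```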

Sometimes when you’re working at the command line on a remote computer, you may need to have that computer turn off or reboot itself. But of course, you’re not sitting in front of that computer to be able to press the power button. In those cases, we want to use the Shutdown command.

There are a number of options to be able to perform the shutdown. One is to perform a shutdown, which will turn off the computer after a certain number of seconds. The S means that we are shutting it down completely. And the slash T specifies how many seconds to wait before the system will shut down.

But maybe you don’t want it to shutdown completely, but instead to restart itself. In those cases, we use the slash R option. And we can still use that slash T option to specify how long to wait before the restart takes place.

If you’re in the middle of this process, and it’s counting down, and then you suddenly realize you don’t want it to shut down or you don’t want it to reboot, you can perform a Shutdown slash A, and this will abort any of those shutdown processes. Let’s run a shutdown on my computer.

I’ll type Shutdown. I’ll perform an S to shut this down completely. And I’ll specify 120 seconds. And it says that you’re about to be signed out. Windows will shut down in minutes. And it tells you exactly when that’s going to be.

If you, again, make a mistake, and you realize you don’t want to shut this down, we can perform the Shutdown command again with the slash A. And now it stops this process and tells me the logoff is canceled. The scheduled shutdown has been canceled.

When you’re working on troubleshooting computers, you may be given a cabinet file from Microsoft. You’ll know this is a cabinet file because it has the extension .cab. And usually, there are one or many files stored in this cabinet file format.

To be able to view what’s inside of this cabinet, you use the Expand command. And if you use Expand dash D, and then the name of the cabinet file, you can list out all the files that are inside the dot cab. To be able to extract a file from this cabinet, we use the Expand command again with the name of the cabinet file name. And we use the dash F command with a colon, and specify the name of the file.

If this is a cabinet that has multiple files inside of it, you’ll also need to specify a separate destination folder. I’ve got a cabinet file in my E drive called Support.cab. And I’ve also got a subdirectory called Files that I’m going to put the files in. As you can see, there are no files currently in that folder.

To be able to see what’s in this cabinet file, we use the Expand command with the dash D and the name of the file, and it will list out all of the files that are within the Support.cab file. You can see there are a number of support files inside of this file.

Now let’s extract one of these files by using the Expand command. We’ll specify the support.cab. And we’ll use dash F colon. And let’s specify the VFI.exe file.

I also need to specify a destination for that VFI file because there are so many files inside of this cabinet. So I’ll specify the Files folder that I created earlier. And when I do that, it expands the files. And it says the expansion is complete.

And if we do a directory of the Files folder, you’ll see now the VFI.exe file has been expanded out of that cabinet. And now I’m able to use that application.

One of the advantages of Windows is that you can integrate all of your computers together to manage them centrally using Active Directory.

One of the ways to manage all of these devices on the domain is to use something called Group Policy. This is a way to limit what a user may be able to do on a computer or force a computer to be used in a particular way as long as it’s part of the domain. When someone logs into the Active Directory domain, that set of policies is pushed down to that computer, and it takes effect.

If you don’t want to wait for someone to log in, you can force an update of these particular group policies by using the GP Update command.

If you wanted to see what particular policies are in place for a particular computer or user, you can use the GP Result command, either for the entire domain or for a particular user on that domain.