Creating a batch file for simple ping command to an ip

Creating a batch file for simple ping command to an ip

May 30, 2009
Open a notepad
Copy below text in notepad


echo off
echo.
cls
color 5e
echo.
echo.
echo.
echo.
echo ********** ISDN **********
echo.
echo.
ping 192.168.1.1 -t -l 4
echo.
echo.
echo.
echo.
pause
COLOR
ECHO ON
EXIT

Replace the ip address which you want to ping

This text file save as .bat
(ex: ping.bat )

RAID 5 overview

May 30, 2009

RAID 5 is a method of spreading volume data across multiple disk drives. The DS6000™ series supports RAID 5 arrays.

RAID 5 increases performance by supporting concurrent accesses to the multiple DDMs within each logical volume. Data protection is provided by parity, which is stored throughout the drives in the array. If a drive fails, the data on that drive can be restored using all the other drives in the array along with the parity bits that were created when the data was stored.

One of the most popular RAID levels, RAID 5 stripes both data and parity information across three or more drives. It is similar to RAID 4 except that it exchanges the dedicated parity drive for a distributed parity algorithm, writing data and parity blocks across all the drives in the array. This removes the "bottleneck" that the dedicated parity drive represents, improving write performance slightly and allowing somewhat better parallelism in a multiple-transaction environment, though the overhead necessary in dealing with the parity continues to bog down writes. Fault tolerance is maintained by ensuring that the parity information for any given block of data is placed on a drive separate from those used to store the data itself. The performance of a RAID 5 array can be "adjusted" by trying different stripe sizes until one is found that is well-matched to the application being used.


This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. As with the RAID 0 illustration, the red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB, with each
vertical pixel representing 1 kiB of space. Contrast this diagram to the
one for RAID 4, which is identical except that the data is only on three
drives and the parity (shown in gray) is exclusively on the fourth.drive.

Controller Requirements: Requires a moderately high-end card for hardware RAID; supported by some operating systems for software RAID, but at a substantial performance penalty.

Hard Disk Requirements: Minimum of three standard hard disks; maximum set by controller. Should be of identical size and type.

Array Capacity: (Size of Smallest Drive) * (Number of Drives - 1).

Storage Efficiency: If all drives are the same size, ( (Number of Drives - 1) / Number of Drives).

Fault Tolerance: Good. Can tolerate loss of one drive.

Availability: Good to very good. Hot sparing and automatic rebuild are usually featured on hardware RAID controllers supporting RAID 5 (software RAID 5 will require down-time).

Degradation and Rebuilding: Due to distributed parity, degradation can be substantial after a failure and during rebuilding.

Random Read Performance: Very good to excellent; generally better for larger stripe sizes. Can be better than RAID 0 since the data is distributed over one additional drive, and the parity information is not required during normal reads.

Random Write Performance: Only fair, due to parity overhead; this is improved over RAID 3 and RAID 4 due to eliminating the dedicated parity drive, but the overhead is still substantial.

Sequential Read Performance: Good to very good; generally better for smaller stripe sizes.

Sequential Write Performance: Fair to good.

Cost: Moderate, but often less than that of RAID 3 or RAID 4 due to its greater popularity, and especially if software RAID is used.

Special Considerations: Due to the amount of parity calculating required, software RAID 5 can seriously slow down a system. Performance will depend to some extent upon the stripe size chosen.

Recommended Uses: RAID 5 is seen by many as the ideal combination of good performance, good fault tolerance and high capacity and storage efficiency. It is best suited for transaction processing and is often used for "general purpose" service, as well as for relational database applications, enterprise resource planning and other business systems. For write-intensive applications, RAID 1 or RAID 1+0 are probably better choices (albeit higher in terms of hardware cost), as the performance of RAID 5 will begin to substantially decrease in a write-heavy environment.

RAID 10 overview

RAID 10 overview

May 29, 2009

RAID 10 provides high availability by combining features of RAID 0 and RAID 1. The DS6000™ series supports RAID 10 arrays.

RAID 0 increases performance by striping volume data across multiple disk drives. RAID 1 provides disk mirroring which duplicates data between two disk drives. By combining the features of RAID 0 and RAID 1, RAID 10 provides a second optimization for fault tolerance.

RAID 10 implementation provides data mirroring from one DDM to another DDM. RAID 10 stripes data across half of the disk drives in the RAID 10 configuration. The other half of the array mirrors the first set of disk drives. Access to data is preserved if one disk in each mirrored pair remains available. In some cases, RAID 10 offers faster data reads and writes than RAID 5 because it does not need to manage parity. However, with half of the DDMs in the group used for data and the other half used to mirror that data, RAID 10 disk groups have less capacity than RAID 5 disk groups

Disabling USB storage on a Windows platform

Disabling USB storage on a Windows platform

May 29, 2009
Windows Disabling USB storage on a Windows platform is only a little more complicated:

1. From Explorer's folder options, ensure that hidden files and folders are displayed, file extensions are not hidden, and simple file sharing is disabled.
2. Open up the properties for %systemroot%\Inf\Usbtror.inf (%systemroot% would normally be C:\Windows).
3. Select the Security tab and make sure that all options for all users are set to deny. This must include administrators and SYSTEM.
4. Repeat the above for %systemroot%\Inf\Usbstor.pnf.
5. If USB storage devices have been used on this machine previously, open up the registry editor; otherwise, ignore steps 6 and 7.
6. Browse to the registry location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor.
7. Open up the registry key Start and change the data value to 4.
Close the registry editor.

That’s it! If simple file sharing was enabled previously, don’t forget to re-enable it.
Using NSlookup.exe Command Help From Microsoft

Using NSlookup.exe Command Help From Microsoft

May 21, 2009
Nslookup.exe is a command-line administrative tool for testing and troubleshooting DNS servers. This tool is installed along with the TCP/IP protocol through Control Panel. This article includes several tips for using Nslookup.exe.

To use Nslookup.exe, please note the following:
  • The TCP/IP protocol must be installed on the computer running Nslookup.exe
  • At least one DNS server must be specified when you run the IPCONFIG /ALL command from a command prompt.
  • Nslookup will always devolve the name from the current context. If you fail to fully qualify a name query (that is, use trailing dot), the query will be appended to the current context. For example, the current DNS settings are att.com and a query is performed on www.microsoft.com; the first query will go out as www.microsoft.com.att.com because of the query being unqualified. This behavior may be inconsistent with other vendor's versions of Nslookup, and this article is presented to clarify the behavior of Microsoft Windows NT Nslookup.exe
  • If you have implemented the use of the search list in the Domain Suffix Search Order defined on the DNS tab of the Microsoft TCP/IP Properties page, devolution will not occur. The query will be appended to the domain suffixes specified in the list. To avoid using the search list, always use a Fully Qualified Domain Name (that is, add the trailing dot to the name).

Nslookup.exe can be run in two modes: interactive and noninteractive. Noninteractive mode is useful when only a single piece of data needs to be returned. The syntax for noninteractive mode is:

   nslookup [-option] [hostname] [server]

To start Nslookup.exe in interactive mode, simply type "nslookup" at the command prompt:

   C:\> nslookup
Default Server: nameserver1.domain.com
Address: 10.0.0.1
>

Typing "help" or "?" at the command prompt will generate a list of available commands. Anything typed at the command prompt that is not recognized as a valid command is assumed to be a host name and an attempt is made to resolve it using the default server. To interrupt interactive commands, press CTRL+C. To exit interactive mode and return to the command prompt, type exit at the command prompt.

The following is the help output and contains the complete list of options:

Commands:   (identifiers are shown in uppercase, [] means optional)

NAME - print info about the host/domain NAME using default
server
NAME1 NAME2 - as above, but use NAME2 as server
help or ? - print info on common commands
set OPTION - set an option

all - print options, current server and host
[no]debug - print debugging information
[no]d2 - print exhaustive debugging information
[no]defname - append domain name to each query
[no]recurse - ask for recursive answer to query
[no]search - use domain search list
[no]vc - always use a virtual circuit
domain=NAME - set default domain name to NAME
srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1, N2,
and so on
root=NAME - set root server to NAME
retry=X - set number of retries to X
timeout=X - set initial time-out interval to X seconds
type=X - set query type (for example, A, ANY, CNAME, MX,
NS, PTR, SOA, SRV)
querytype=X - same as type
class=X - set query class (for example, IN (Internet), ANY)
[no]msxfr - use MS fast zone transfer
ixfrver=X - current version to use in IXFR transfer request

server NAME - set default server to NAME, using current default server
lserver NAME - set default server to NAME, using initial server
finger [USER] - finger the optional NAME at the current default host
root - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to
FILE)

-a - list canonical names and aliases
-d - list all records
-t TYPE - list records of the given type (for example, A, CNAME,
MX, NS, PTR, and so on)

view FILE - sort an 'ls' output file and view it with pg
exit - exit the program

A number of different options can be set in Nslookup.exe by running the set command at the command prompt. A complete listing of these options is obtained by typing set all. See above, under the set command for a printout of the available options.


Looking up Different Data Types

To look up different data types within the domain name space, use the set type or set q[uerytype] command at the command prompt. For example, to query for the mail exchanger data, type the following:
   C:\> nslookup
Default Server: ns1.domain.com
Address: 10.0.0.1

> set q=mx
> mailhost
Server: ns1.domain.com
Address: 10.0.0.1

mailhost.domain.com MX preference = 0, mail exchanger =
mailhost.domain.com
mailhost.domain.com internet address = 10.0.0.5
>

The first time a query is made for a remote name, the answer is authoritative, but subsequent queries are nonauthoritative. The first time a remote host is queried, the local DNS server contacts the DNS server that is authoritative for that domain. The local DNS server will then cache that information, so that subsequent queries are answered nonauthoritatively out of the local server's cache.



Querying Directly from Another Name Server

To query another name server directly, use the server or lserver commands to switch to that name server. The lserver command uses the local server to get the address of the server to switch to, while the server command uses the current default server to get the address.

Example:
   C:\> nslookup

Default Server: nameserver1.domain.com
Address: 10.0.0.1

> server 10.0.0.2

Default Server: nameserver2.domain.com
Address: 10.0.0.2
>

Using Nslookup.exe to Transfer Entire Zone

Nslookup can be used to transfer an entire zone by using the ls command. This is useful to see all the hosts within a remote domain. The syntax for the ls command is:

   ls [- a | d | t type] domain [> filename]

Using ls with no arguments will return a list of all address and name server data. The -a switch will return alias and canonical names, -d will return all data, and -t will filter by type.

Example:

   >ls domain.com
[nameserver1.domain.com]
nameserver1.domain.com. NS server = ns1.domain.com
nameserver2.domain.com NS server = ns2.domain.com
nameserver1 A 10.0.0.1
nameserver2 A 10.0.0.2

>

Zone transfers can be blocked at the DNS server so that only authorized addresses or networks can perform this function. The following error will be returned if zone security has been set:
*** Can't list domain example.com.: Query refused

For additional information, see the following article or articles in the Microsoft Knowledge Base:
193837 (http://support.microsoft.com/kb/193837/EN-US/ ) Windows NT 4.0 DNS Server Default Zone Security Settings
Back to the top

Troubleshooting Nslookup.exe

Default Server Timed Out

When starting the Nslookup.exe utility, the following errors may occur:
*** Can't find server name for address w.x.y.z: Timed out

NOTE: w.x.y.z is the first DNS server listed in the DNS Service Search Order list.

*** Can't find server name for address 127.0.0.1: Timed out

The first error indicates that the DNS server cannot be reached or the service is not running on that computer. To correct this problem, either start the DNS service on that server or check for possible connectivity problems.

The second error indicates that no servers have been defined in the DNS Service Search Order list. To correct this problem, add the IP address of a valid DNS server to this list.

For additional information, see the following article or articles in the Microsoft Knowledge Base:
172060 (http://support.microsoft.com/kb/172060/EN-US/ ) NSLOOKUP: Can't Find Server Name for Address 127.0.0.1

Can't Find Server Name when Starting Nslookup.exe

When starting the Nslookup.exe utility, the following error may occur:

*** Can't find server name for address w.x.y.z: Non-existent domain


This error occurs when there is no PTR record for the name server's IP address. When Nslookup.exe starts, it does a reverse lookup to get the name of the default server. If no PTR data exists, this error message is returned. To correct make sure that a reverse lookup zone exists and contains PTR records for the name servers.

For additional information, see the following article or articles in the Microsoft Knowledge Base:
172953 (http://support.microsoft.com/kb/172953/EN-US/ ) How to Install and Configure Microsoft DNS Server

Nslookup on Child Domain Fails

When querying or doing a zone transfer on a child domain, Nslookup may return the following errors:

*** ns.domain.com can't find child.domain.com.: Non-existent domain
*** Can't list domain child.domain.com.: Non-existent domain


In DNS Manager, a new domain can be added under the primary zone, thus creating a child domain. Creating a child domain this way does not create a separate db file for the domain, thus querying that domain or running a zone transfer on it will produce the above errors. Running a zone transfer on the parent domain will list data for both the parent and child domains. To work around this problem, create a new primary zone on the DNS server for the child domain.


APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows NT Server 4.0 Standard Editio
NSLOOKUP Commnad Brief Info

NSLOOKUP Commnad Brief Info

May 21, 2009
Syntax:
nslookup

nslookup host-to-find

nslookup server

interactive mode:

nslookup -server

nslookup [-options] [host-to-find ]

Options:

host [server ]
Look up information for host using the current default server or using server,
if specified. If host is an Internet address and the query type is A or PTR ,
the name of the host is returned. If host is a name and does not have a trailing
period, the default domain name is appended to the name. (This behavior depends
on the state of the set options domain , srchlist , defname , and search.

To look up a host not in the current domain, append a period to the name.

server domain
lserver domain
Change the default server to domain ; lserver uses the initial server to look up
information about domain while server uses the current default server.
If an authoritative answer can't be found, the names of servers that might have
the answer are returned.
root
Change the default server to the server for the root of the domain name space.
Currently, the host ns.internic.net is used. (This command is a synonym for
`lserver ns.internic.net' The name of the root server can be changed with
the `set root ' command.

finger [name ] [> filename ]
finger [name ] [>> filename ]
Connects with the finger server on the current host. The current host is
defined when a previous lookup for a host was successful and returned address
information (see the `set querytype=A ' command). The name is optional. > and
>> can be used to redirect output in the usual manner.

ls [option ] domain [> filename ]
ls [option ] domain [>> filename ]
List the information available for domain , optionally creating or appending
to filename The default output contains host names and their Internet addresses.
Option can be one of the following:

-t querytype list all records of the specified type (see querytype below).
-a list aliases of hosts in the domain; synonym for `-t CNAME '
-d list all records for the domain; synonym for `-t ANY'
-h list CPU and operating system information for the domain; synonym for `-t HINFO'
-s list well-known services of hosts in the domain; synonym for `-t WKS'

When output is directed to a file, hash marks are printed for every 50 records
received from the server.

view filename
Sort and lists the output of previous ls command(s) with more(1).

set keyword [= value ]
This command is used to change state information that affects the lookups.
run man nslookup for a full list of valid keywords.

set all Print the current value of the frequently-used options
to set Information about the current default server and host is also printed.

help
? Print a brief summary of commands.

exit Exit the program.

Nslookup has two modes: interactive and non-interactive.

Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.

Non-interactive mode is used to print just the name and requested information for a host or domain.

The options listed under the `set ' command can be specified in the .nslookuprc file in the user's home directory (listed one per line). Options can also be specified on the command line if they precede the arguments and are prefixed with a hyphen.

Help for Batch file configuration

Help for Batch file configuration

May 21, 2009
  • On this page you'll find a shorthand list of common tasks in batch files, and the command(s) that can be used to perform those tasks.

    Notes: Many, if not most, of the commands listed here require Windows 2000 and later, some require Windows XP or later, some require Active Directory.
    Read more detailed information by following the links provided.
    Depending on the Windows version, some commands (e.g. SETX and NETSVC) may require installation of a Resource Kit.

    Task Available command(s) or variable(s)
    Add/remove computer to/from domain NETDOM (1)
    Counters FOR /L or SET /A counter += 1
    Delays PING
    Current date DATE /T or %Date% or DEBUG
    Current directory CD or %CD%
    Current drive %CD:~0,2%
    Current time TIME /T or %Time% or DEBUG
    Directory of current batch file %~dp0
    Drive of current batch file %~d0
    Environment, permanent changes SETX (2)
    Firewall configuration NETSH
    Harddisk & volume management DISKPART, FDISK, FORMAT, CONVERT, MOUNTVOL, VOL, CHKDSK, CHKNTFS, DEFRAG
    Hardware inventory WMIC
    IP address (local) PING %ComputerName%, NSLOOKUP %ComputerName% or IPCONFIG /ALL
    IP address (remote) PING, NSLOOKUP or WMIC
    IP address (WAN) to file WGET -O output_filename -q http://www.whatismyip.com/automation/n09230945.asp (3)
    IP address (WAN) to screen WGET -q -O- http://www.whatismyip.com/automation/n09230945.asp (3)
    Logoff Multiple commands available
    Open a file, folder or web page START
    Permissions CACLS, XCACLS (2), MMC & SECEDIT, SUBINACL (3) or SETACL (3)
    Popup dialogs NET Send %ComputerName%
    Print text NOTEPAD /P
    Print anything ASSOC, FTYPE & REGEDIT or REG
    Printer management RUNDLL32 PRINTUI.DLL,PrintUIEntry
    Process management Multiple commands available
    Prompt for user input SET /P & more
    Read text files FOR /F or occasionaly <>
    Reboot Multiple commands available
    Registry REGEDIT or REG
    Service management NET Stop, NET Start, SC or NETSVC (2)
    Shutdown Multiple commands available
    Unicode to ASCII conversion TYPE
    User/group management NET, DSADD, DSGET, DSMOD, DSMOVE, DSQUERY & DSRM (1) or CSVDE & LDIFDE (1)
    Write text files Redirected ECHO

    Notes: (1) Requires Windows XP with Windows Server 2003 Administration Tools Pack, or Windows Server 2003 or later.
    (2) Resource Kit tool
    (3) Third party tool
Using NSLOOKUP for DNS Server diagnosis

Using NSLOOKUP for DNS Server diagnosis

May 21, 2009
The DNS protocol has been around for decades and is a stable and reliable protocol. Even so, DNS does occasionally have problems. PING is a great tool for DNS server diagnosis, and I tend to use it quite frequently myself. However, sometimes PING just doesn’t give you enough information about the problem at hand. When you need more information about a DNS problem than what PING provides you with, you can always turn to the NSLOOKUP command. In this article, I will show you how to use NSLOOKUP.

The DNS protocol has been around for decades and is a stable and reliable protocol. Even so, DNS does occasionally have problems. These problems might stem from a loss of connectivity, an invalid DNS record, or a number of other issues. When a DNS server doesn’t behave in the way that it is expected to, many people turn to the PING command for help. PING is a great tool for DNS server diagnosis, and I tend to use it quite frequently myself. However, sometimes PING just doesn’t give you enough information about the problem at hand. When you need more information about a DNS problem than what PING provides you with, you can always turn to the NSLOOKUP command. NSLOOKUP is a built in DNS diagnostic utility that’s available to both Windows and UNIX Administrators. In this article, I will show you how to use NSLOOKUP.


The Basics

NSLOOKUP has a fairly rich syntax and can be a bit confusing for those who have not worked with DNS a great deal. Therefore, I want to start out by showing you some of the basics. Although NSLOOKUP exists in both UNIX and Windows, there are some differences in the way that it behaves in the two operating systems. For the purposes of this article, I will be using the Windows version.

The first thing that you need to understand about NSLOOKUP is that when you use the NSLOOKUP command, it assumes that you are querying a local domain on your private network. You can query an external domain, but NSLOOKUP will try to search for the domain internally first. For example, the brienposey.com domain is external to my network. If I perform an NSLOOKUP against brienposey.com, NSLOOKUP returns the information that’s shown in Figure A.


Figure A: This is what happens when NSLOOKUP queries an external domain

If you look at the figure, you will see that there are non existent domain error messages for the IP addresses 147.100.100.34 and 147.100.100.5. These are the addresses of my internal DNS servers. Below this information however is the non authoritative answer. This means that my DNS server queried an external DNS server in an effort to resolve the IP address associated with the brienposey.com domain.

Now, let’s take a look at what happens when you query an internal domain. One of the local domains on my private network is production.com. If I perform an NSLOOKUP against production.com, I get the results shown in Figure B.


Figure B: This is what it looks like when I query an internal domain

If you look at the top portion of this screen, you will notice that I’m getting the exact same non-existent domain error messages as I got when I queried an external domain. At first, this may seem puzzling. The reason why I got this error message was because I performed an NSLOOKUP outside of the NSLOOKUP shell. I will talk more about the NSLOOKUP shell in the next section. For now though, you need to know that you can enter the NSLOOKUP command by itself. When you do, you will see the familiar non-existent domain error messages, but you will then be taken to the NSLOOKUP prompt (the > sign). From there you can enter various NSLOOKUP commands. When you are done, you can use the EXIT command to return to the command prompt.

The other thing that you should notice about Figure B is the bottom portion of the output. Beneath the reference to production.com is a string of IP addresses. These are the IP addresses of all of the domain controllers within the domain. I should also point out that if multiple IP addresses are assigned to a single server then all of the server’s IP addresses will be displayed by NSLOOKUP.

The NSLOOKUP Shell

Now that I have shown you how to use the NSLOOKUP command to see the IP address or addresses associated with the domain, let’s do something a little bit more useful. One of the things that you can do with NSLOOKUP is to look up a specific type of DNS record. A good example of this is an MX record.

In case you aren’t yet familiar with all of the intricacies of DNS, the MX record points to the organization’s mail server. For example, suppose that someone wanted to send an E-mail message to you, one of the first things that their mail server would have to do is to resolve your domain’s IP address. However, a normal address resolution won’t usually work for this purpose. In Figure A, you saw that when I ran a DNS query against the brienposey.com domain, the domain resolved to the address 24.235.10.4. Keep in mind though, that this is the IP address of the server that hosts my Web site, not the address of my mail server. If someone wanted to send me an E-mail message their E-mail client would have to resolve the IP address of my domain’s mail server. This is where the MX record comes into play. The MX record is a record on a domain’s DNS server that specifies the IP address of the domain’s mail server.

As you can see, the MX record is rather important. Suppose however that your domain was having trouble receiving E-mail and you suspected that a DNS server issue was to blame. You could use NSLOOKUP to confirm that the domain does indeed have an MX record and that the MX record is pointed to the correct IP address.

Earlier I briefly mentioned that you could work within the NSLOOKUP shell. To troubleshoot an MX record problem, you pretty much have to work within this shell. Therefore, you would start the process by entering the NSLOOKUP command at the command prompt.

Once the NSLOOKUP shell is open, you will need to tell NSLOOKUP which DNS server you want to query. To do so, enter the SERVER command, followed by the DNS server’s IP address. You can also enter the server’s fully qualified domain name (assuming that it can be resolved) as an alternative to the server’s IP address.

Now that you have specified a DNS server for NSLOOKUP to use, you can query domains without receiving the non-existent domain error messages that you saw earlier (as long as you remain within the NSLOOKUP shell). To do so, you would simply type the domain name that you want to query. For example, if you look at Figure C, you can see where I have specified a particular DNS server and then queried an external and an internal domain.


Figure C: The error messages go away if you specify a DNS server

Now, let’s get back to the business of looking up a domain’s MX record. To do so, you need to issue a command that tells NSLOOKUP to query based on MX records. The command that you will have to use is:

SET QUERY=MX

Issuing this command by itself won’t give you any information about the domain’s MX record though. For that you have to actually query the domain by entering the domain name. If you look at Figure D, you will see that I have specified an MX query and then entered the production.com domain name. NSLOOKUP now returns a wealth of information pertaining to my domain’s MX record.


Figure D: When an MX query is specified, you can get a wealth of information about your domain’s MX record

Conclusion

As you can see, NSLOOKUP can provide you with a wealth of DNS server diagnostic information. However, NSLOOKUP is not limited to providing the types of information that I have discussed. The NSLOOKUP shell is actually a fairly rich interface with a rather large command set. You can view a list of the available commands and their syntax by entering a question mark at the NSLOOKUP prompt (note: you can not use NSLOOKUP /? to view the command set).

The NET command

The NET command

May 21, 2009

The NET command is used to manage requesters (networked computers), servers and network resources (network drives, printers, etcetera).
Most options of NET.EXE are also available in GUI style programs in Windows and OS/2, but for automating tasks nothing beats the command line interface of NET.EXE and its NT counterparts.

I "grew up" with OS/2 LAN Server's command line.
I automated many tasks using either batch files with NET.EXE or Rexx scripts with LAN Server RexxUtil.
After jumping on the NT train, it took me a while before I realized that I wasn't condemned to GUI style programs at all, as long as I had access to the Windows NT 4 and 2000 Server Resource Kit utilities.

Being an ex-OS/2 administrator, the first scripts I created for NT were (Regina) Rexx scripts, written for the Rexx version that comes with the Resource Kit.
After a while I switched to batch files combined with Resource Kit utilities.
To my surprise NT's batch language is almost as powerfull as a the Resource Kit's Rexx version.

One of the biggest problems when switching from LAN Server to NT is that many of NET.EXE's options have been moved to separate utilities in NT.
The following table and examples are meant as a cross reference: find the "original" LAN Manager/LAN Server command in the column on the left, and check the middle column to see what it translates to in NT.
Note that even when some NET commands remained the same, the options may still differ vastly.
Use NET HELP command to get online help.
In OS/2 you will get even more help on the available options using NET HELP command /O

Windows NT 4's help files contain, amongst others, a very helpful translation table too.
Look at the "Contents", "Windows NT Commands", "What's New or Different from LAN Manager?".

Note:
For NT I added several commands from the free PSTools toolkit.
These tools can be used on local as well as remote systems.
A must-have for Windows administrators.

LAN Server/LAN Manager and NT command translation
OS/2, LAN Server
LAN Manager
Windows NT Remarks
AT AT Schedule tasks
NET ACCESS CACLS Manage access.
Alternative (non-native) commands for NT: XCACLS, SHOWACLS, RMTSHARE, SUBINACL, SECEDIT.
NET ACCOUNTS NET ACCOUNTS
NET ADMIN RCMD (1)
PSEXEC
IMHO NET ADMIN was NT's worst omission.
On the other hand, RCMD (1) and PSEXEC may very well be the best replacements one could ever wish.
NET ADMIN /C \\server NET ACCESS local_path ... XCACLS (1) unc_path ...
PSEXEC \\server CACLS local_path ...
For files only, CACLS can be used on UNC based names as well.
NET ADMIN /C \\domaincontroller NET GROUP globalgroup ... NET GROUP globalgroup ... /DOMAIN
NET ADMIN /C \\server NET SHARE share ... RMTSHARE (1) \\server\share ...
PSEXEC \\server NET SHARE share ...

NET ADMIN /C \\domaincontroller NET USER user_id ... NET USER user_id ... /DOMAIN
NET ADMIN /C \\server NET FILE ... PSFILE \\server ...
NET ALIAS None (2)
NET APP None (2)
NET APPPARM None (2) OS/2 Warp 4.5 (eComStation) only
NET AUDIT None (2)
NET COMM None (2)
None (2) NET COMPUTER
NET CONFIG NET CONFIG Display NetBIOS configuration information
NET CONTINUE NET CONTINUE Continue paused services
NET COPY COPY
XCOPY
FCOPY (1)

NET DASD None (2)
NET DEVICE None (2)
NET ERROR DUMPEL (1)
PSLOGLIST

NET FILE NET FILE List files opened by remote computers
NET FORWARD None (2)
NET GROUP NET GROUP
NET LOCALGROUP
List or manage groups and group membership
NET HELP NET HELP
NET HELPMSG
Use NET HELP to display syntax.
Use NET HELPMSG to display information on error messages.
NET LOG None (2)
NET MOVE None (2)
NET NAME NET NAME List or manage NetBIOS names
NET PASSWORD NET USER user_id new_password [ /DOMAIN ] The command RUNDLL32.EXE NETPLWIZ.DLL,UsersRunDll will start the GUI for changing passwords (by Administrators only).
[ Thanks for Steve Pasikowski for pointing out an error in the previously published command ]
NET PAUSE NET PAUSE Pause services
NET PRINT NET PRINT
NET RIPLMACH None (2) OS/2 Warp 4.5 (eComStation) only
NET RIPLMCLAS None (2) OS/2 Warp 4.5 (eComStation) only
NET RUN RCMD (1)
PSEXEC

NET SEND NET SEND Send messages to other users or computers
NET SESSION NET SESSION
NET SHARE NET SHARE In Windows Server 2003 the default permissions on shares have changed from Everyone Full Control to Everyone Read! Use the /GRANT:Everyone,Full switch to set permissions to the old default.
NET START NET START Start services
NET STATISTICS NET STATISTICS
NET STATUS NET CONFIG and NET SHARE
NET STOP NET STOP Stop services
NET TIME NET TIME Synchronize time with a remote computer, or display a remote computer's current time
NET USE NET USE NT's /USER switch makes this command extremely powerfull
NET USER NET USER List or manage users
NET VIEW NET VIEW List domains and workgroups (NT's /DOMAIN switch only only), computers, or shared devices
NET WHO None (2) IMHO this is NT's secondmost important omission.
See NetWho and NetWho2 for an attempt to fill the gap.
For small NT networks PSLOGGEDON may be a viable alternative.

Notes: (1) This utility comes with the Windows NT Server Resource Kit

(2) There seems to be no command line equivalent available in NT.
However, for most tasks GUI style utilities are available in NT.
Linux / Unix finger command

Linux / Unix finger command

May 20, 2009
About finger

Lists information about the user.

Syntax

finger [-b] [-f] [-h] [-i] [-l] [-m] [-p] [-q] [-s] [-w] [username]

-b Suppress printing the user's home directory and shell in a long format printout.
-f Suppress printing the header that is normally printed in a non-long format printout.
-h Suppress printing of the .project file in a long format printout.
-i Force "idle" output format, which is similar to short format except that only the login name, terminal, login time, and idle time are printed.
-l Force long output format.
-m Match arguments only on user name (not first or last name).
-p Suppress printing of the .plan file in a long format printout.
-q Force quick output format, which is similar to short format except that only the login name, terminal, and login time are printed.
-s Force short output format.
-w Suppress printing the full name in a short format printout.

Examples

finger -b -p ch - Would display the following information about the user ch.

Login name: admin In real life: Computer Hope
On since Feb 11 23:37:16 on pts/7 from domain.computerhope.com
28 seconds Idle Time
Unread mail since Mon Feb 12 00:22:52 2001

Related commands

ac
passwd
who
whois

Microsoft DOS arp command

Microsoft DOS arp command

May 20, 2009
About arp

Displays, adds and removes arp information from network devices.

Short for Address Resolution Protocol, ARP is a protocol used with the IP protocol for mapping a 32-bit Internet Protocol address to a MAC address that is recognized in the local network specified in RFC 826. Once recognized, the server or networking device returns a response containing the required address.

  • Additional information about the MS-DOS ARP command can be found on our MS-DOS ARP command page.
  • See our Linux / Unix arp command page for additional information about this systems command.
Syntax ARP -s inet_addr eth_adr [if_addr]

ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]


-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed.
-g Same as -a
inet_addr Specifies an Internet address.
-N if addr Displays the ARP entries for the network interface specified by if_addr.
-d Deletes the host specified by inet_addr.
-s Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes seperated by hyphens. The entry is permanent.
eth_addr Specifies a physical address
if_addr If present, this specifies the Internet address of the interface whose address translation table should be modified. If not present, the first applicable interface will be used.

Examples

arp -a

Interface 220.0.0.80

Internet Address Physical Address Type
220.0.0.160 00-50-04-62-F7-23 static

The Physical Address or MAC address as shown above in the format aa-bb-cc-dd-ee-ff is the unique manufacturer identification number. This number should always be a unique address.

An example of how to change the above IP address 220.0.0.160 to 220.0.0.161 in this case would be:

arp -s 220.0.0.161 00-50-04-62-F7-23

If an IP address has already been assigned to the specific network adapter it is not possible to change that assigned IP address to a new address. In addition, networks italicizing DHCP, BOOTP or RARP will automatically assign the card an IP address, therefore, this command would not be utilized.

Root

Root

May 20, 2009

1. Also known as an admin, administrator, and gatekeeper this account is a super user on a computer and/or network and has complete control over it. When referring to a Unix / Linux computer this user is often known as root and on a Windows computer and network this user is often referred to as an administrator. However, each of these terms is interchangeable.

  • Information about determining if an account has administrator rights on document CH001093.
  • See document CH001096 for additional information about why you may not be able to log into the administrator account.
  • Additional information about giving a Windows account administrative rights on document CH001097.
  • See our su or super user command page for additional information on this Linux command.

2. The highest level in a directory hierarchy. For example, in MS-DOS, the root of the primary hard disk drive would C:\.

  • Additional information and help with MS-DOS can be found on our MS-DOS help page.
  • Users in the Microsoft recovery console can set the current directory to the system root directory by using the systemroot command.
Help with ping, winipcfg, and other network commands.

Help with ping, winipcfg, and other network commands.

May 20, 2009


Issue:


Help with ping, winipcfg, and other network commands.


Cause:


It may
be necessary to utilize utilities such as ping, winipcfg,
tracert, etc to help identify and fix network
related issues.


Solution:


Below is a
listing of the various network related commands used in MS-DOS, Windows,
Linux, Unix, and other operating systems. Each
command includes additional information to what the command does, the
command's syntax, and miscellaneous information.


Note: If you are not the root or admin of a computer, it is possible
for these commands to be disabled or revoked.


Arp

Finger

Hostname

Ipconfig

Pathping

Ping

Nbtstat

Net

Netstat

Nslookup

Route

Tracert / Traceroute

Whois

Winipcfg


ARP


Display or
manipulate the ARP information on a
network device or computer.



  • Additional information about the
    MS-DOS arp command
    can be found here.


FINGER


The finger
command available in Unix / Linux variants allows a user to find sometimes
personal information about a user. This information can include the last
time the user logged in, when they read their e-mail, etc... If the user
creates a .PLAN or other related file the user can also display additional
information.



  • Unix / Linux and variant finger command
    information can be found here.


HOSTNAME


The hostname
command displays the host name of the Windows XP computer currently logged
into.



  • Additional information about the
    MS-DOS hostname command can be found here.


IPCONFIG


Ipconfig is a MS-DOS utility that
can be used from MS-DOS and a MS-DOS shell to display the network settings
currently assigned and given by a network. This command can be utilized to
verify a network connection as well as to verify your network settings.


Windows 2000 users
should use this command to determine network information.



  • Additional information about ipconfig can be found here.


PATHPING


Pathping is a MS-DOS utility
available for Microsoft Windows 2000 and Windows XP users. This utility
enables a user to find network latency and network loss.



  • Additional information about
    the pathping command can be found here.


PING


Ping is one of the most
commonly used and known commands. Ping
allows a user to ping another network IP address. This can help determine
if the network is able to communicate with the network.



  • MS-DOS / Windows ping command and
    information can be found here.

  • Unix / Linux and variant ping command
    information can be found here.


NBTSTAT


The nbtstat MS-DOS utility that displays protocol
statistics and current TCP/IP connections using NBT.



  • MS-DOS / Windows nbtstat command and information can be found here.


NET


The net command
is available in MS-DOS / Windows and is used to set, view and determine
network settings.



  • MS-DOS / Windows net command and
    information can be found here.


NETSTAT


The netstat command is used to display the TCP/IP network
protocol statistics and information.



  • MS-DOS / Windows netstat command and information and be found here.

  • Unix / Linux netstat
    command and information and be found here.


NSLOOKUP


The nslookup MS-DOS utility that enables a user to do a reverse lookup on an IP address of a domain
or host on a network.



  • MS-DOS / Windows nslookup command and information can be found here.

  • Unix / Linux nslookup
    command and information and be found here.
    Linux users may also be interested in the host
    command that performs a similar task.


ROUTE


The route MS-DOS
utility enables computers to view and modify the computer's route table.



  • MS-DOS route command information
    can be found here.


TRACERT
/ TRACEROUTE


The tracert command in MS-DOS / Windows or the traceroute command in Unix / Linux and variants is
another commonly used network command to help determine network related
issues or slowdowns. Using this command you can view a listing of how a
network packet travels through the network and where it may fail or slow
down. Using this information you can determine the computer, router, switch
or other network device possibly causing your network issues.



  • MS-DOS / Windows tracert command and information can be found here.

  • Unix / Linux and variant traceroute command information can be found here.


WHOIS


The whois command available in Unix / Linux variants helps
allow a user to identify a domain name. This command provides information
about a domain name much like the WHOIS on network solutions. In some cases
the domain information will be provided from Network Solutions.



  • Unix / Linux and variant whois command information can be found here.


WINIPCFG


The winipcfg command available in Windows allows a user to
display network and network adapter information. Here, a user can find such
information as an IP address, Subnet Mask, Gateway, etc...



  • Windows winipcfg
    command and information can be found here.


NOTE: Windows
2000, Windows XP and above users do not have winipcfg.
Instead, use ipconfig.




sharing a folder in Windows XP getting problem

May 18, 2009
sharing a folder in Windows XP Pro getting problem
If right click on a folder, share options not shown Because of
Share services are gone to stop

We need to manually start the services from "services.msc"

Start -> Run -> Services.msc

Here we need to start

Workstation, Server and3
Computer Browser Services





Then check it out The problem will be solved. You can see the share options.
Mcafee antivirus ( Virusscan 8.5 ) 8.5

Mcafee antivirus ( Virusscan 8.5 ) 8.5

May 08, 2009
Hownload here


Mcafee antivirus 8.5



Install this software and update through avvdat-5606.zip patch

Patch discription is in other post
File Replication Service Stops Responding When Staging Area is Full

File Replication Service Stops Responding When Staging Area is Full

May 07, 2009
http://support.microsoft.com/kb/264822


WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

When the space consumed by staging files reaches 660 MB, inbound and outbound replication is suspended until free staging space is available. Typically, when the server replicates large amounts of data, staging areas can reach their limit because the FRS moves data to the local staging area at a rate faster than the data can be transferred across the network to the staging area of the other FRS replica partner.

A display of the event that may be registered in the event log is as follows:
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13522
Date:
Time:
User: N/A
Computer:
Description:

The File Replication Service paused because the staging area is full. Replication will resume if staging space becomes available or if the staging space limit is increased.
To increase the size of the staging area, change the following registry setting to reflect the amount of space that is needed (enter it in kilobytes). For example, if you need to replicate 1.2 gigabytes (GB) of data, increase the staging areas of the inbound and outbound partners to 1.5 GB to ensure that the staging areas can accommodate all data to be replicated.
HKLM\SYSTEM\CurrentControlSet\Services\Ntfrs\Parameters\Staging Space Limit in KB

Data type: REG_DWORD
Range: 0x0 - 0xFFFFFFFF KB
Default value: Default= 0xA5000 (660000 KB = 660 MB)

For example, 1.5 GB = 16e360 (1500000 KB = 1.5 GB)
For additional information about FRS registry entries, click the article number below to view the article in the Microsoft Knowledge Base:
221111 (http://support.microsoft.com/kb/221111/EN-US/ ) Description of FRS Entries in the Registry
For more information about the registry, refer to the Regentry.chm file which is installed with the Microsoft Windows 2000 Server Resource Kit.
Mcafee Update Patch download and configure

Mcafee Update Patch download and configure

May 06, 2009
Browse this link


CommonUpdater

Download AVVDAT-****.ZIP (ex: avvdat-5606.zip)

Extract this zip file to this below folder
C:\Program Files\Common Files\McAfee\Engine

Your Mcafee will update automatically.
How to use the Windows recovery console.

How to use the Windows recovery console.

May 05, 2009

Additional information:

The Microsoft Windows recovery console was first introduced in Microsoft Windows 2000 and is available in all later versions of Windows including Windows XP. This feature enables users to get to a mode that allows them to recover, change, or fix files or settings that may be causing their computer not to boot properly.

A listing of available Windows 2000 and Windows XP recovery console commands can be found on our recovery console definition.
-------------------------------------------------------------------------------------------------

First, to get into the Microsoft Windows recovery console you must have a Microsoft Windows CD, if your computer came with another restore or recovery cd it's possible the below steps my not apply to your CD. Place the Windows CD in your computer and boot from the CD


If you do not have a standard Microsoft Windows XP CD you can get into the recovery console by using the Windows XP bootable diskettes.
How to use a password reset disk

How to use a password reset disk

May 05, 2009
If you forget your password, you can log on to the computer by using a new password that you create by using the Password Reset Wizard and your password reset disk.

To gain access to your local user account on a computer that is a member of a domain, or has been disconnected from a domain, follow these steps:
  1. In the Welcome to Windows dialog box, press CTRL+ALT+DELETE.
  2. In the Log On to Windows dialog box, type an incorrect password in the Password box, and then click OK.
  3. In the Logon Failed dialog box that appears, click Reset. The Password Reset Wizard starts. You can use the Password Reset Wizard to create a new password for your local user account.
  4. On the Welcome to the Password Reset Wizard page, click Next.
  5. Insert the password reset disk in drive A, and then click Next.
  6. On the Reset the User Account Password page, type a new password in the Type a new password box.
  7. Type the same password in the Type the password again to confirm box.
  8. In the Type a new password hint box, type a hint that will help you remember the password if you forget it.

    Note This hint is visible to anyone who tries to log on to the computer by using your user account.
  9. Click Next, and then click Finish. The Password Reset Wizard quits and you return to the Log On to Windows dialog box. The password reset disk is automatically updated with the new password information. You do not have to create a new password reset disk.
  10. In the Log On to Windows dialog box, type your new password in the Password box.
  11. In the Log on to box, click the local computer--for example, click Computer (this computer), and then click OK.
You are logged on to the local computer with your local account information.
create a password reset disk

create a password reset disk

May 05, 2009
Note that this procedure requires one blank, formatted floppy disk.

To create a password reset disk for your local user account, follow these steps:
  1. Press CTRL+ALT+DELETE. The Windows Security dialog box appears.
  2. Click Change Password. The Change Password dialog box appears.
  3. In the Log on to box, click the local computer--for example, click Computer (this computer).
  4. Click Backup. The Forgotten Password Wizard starts.
  5. On the Welcome to the Forgotten Password Wizard page, click Next.
  6. Insert a blank, formatted disk in drive A, and then click Next.
  7. In the Current user account password box, type your password, and then click Next. The Forgotten Password Wizard creates the disk.
  8. When the progress bar reaches 100 percent complete, click Next, and then click Finish. The Forgotten Password Wizard quits and you return to the Change Password dialog box.
  9. Remove and then label the password reset disk. Store the disk in a safe place.
  10. In the Change Password dialog box, click Cancel.
  11. In the Windows Security dialog box, click Cancel.
you can easily change or wipe out your Administrator password for free during a Windows XP Repair.

you can easily change or wipe out your Administrator password for free during a Windows XP Repair.

May 05, 2009

Here’s how with a step-by-step description of the initial Repair process included for newbie’s.


1. Place your Windows XP CD in your cd-rom and start your computer (it’s assumed here that your XP CD is bootable – as it should be - and that you have your bios set to boot from CD)

2. Keep your eye on the screen messages for booting to your cd Typically, it will be “Press any key to boot from cd”

3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.

4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now

5. The Licensing Agreement comes next - Press F8 to accept it.

6. The next screen is the Setup screen which gives you the option to do a Repair.

It should read something like “If one of the following Windows XP installations is damaged, Setup can try to repair it”

Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.

8. Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically – you will see a progress bar stating “Your computer will reboot in 15 seconds”

9. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.

10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.

11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.

12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you’ve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).

13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.

I tested the above on Windows XP Pro with and without SP1 and also used this method in a real situation where someone could not remember their password and it worked like a charm to fix the problem. This security hole allows access to more than just user accounts. You can also access the Registry and Policy Editor, for example. And its gui access with mouse control. Of course, a Product Key will be needed to continue with the Repair after making the changes, but for anyone intent on gaining access to your system, this would be no problem.

And in case you are wondering, NO, you cannot cancel install after making the changes and expect to logon with your new password.

Cancelling will just result in Setup resuming at bootup and your changes will be lost.

Ok, now that your logon problem is fixed, you should make a point to prevent it from ever happening again by creating a Password Reset Disk. This is a floppy disk you can use in the event you ever forget your log on password. It allows you to set a new password.

Here's how to create one if your computer is NOT on a domain:

  • Go to the Control Panel and open up User Accounts.
  • Choose your account (under Pick An Account to Change) and under Related Tasks, click "Prevent a forgotten password".
  • This will initiate a wizard.
  • Click Next and then insert a blank formatted floppy disk into your A: drive.
  • Click Next and enter your logon password in the password box.
  • Click Next to begin the creation of your Password disk.
  • Once completed, label and save the disk to a safe place

How to Log on to your PC Using Your Password Reset Disk

Start your computer and at the logon screen, click your user name and leave the password box blank or just type in anything. This will bring up a Logon Failure box and you will then see the option to use your Password Reset disk to create a new password. Click it which will initiate the Password Reset wizard. Insert your password reset disk into your floppy drive and follow the wizard which will let you choose a new password to use for your account.

Note: If your computer is part of a domain, the procedure for creating a password disk is different.

Reset password from another user account with administrator credentials

Reset password from another user account with administrator credentials

May 05, 2009

If you cannot log on to Windows by using a particular user account, but you can log on to another account that has administrative credentials, follow these steps on how to do the trick:

  1. Log on to Windows by using an administrator account that has a password that you remember. You may need to start WinXP in safe mode.
  2. Click Start, and then click Run.
  3. In the Open box, type “control userpasswords2″, and then click OK.
  4. Click the user account that you forgot the password for, and then click Reset Password.
  5. Type a new password in both the New password and the Confirm new password boxes, and then click OK.
Administrator Password recover or reset Tips

Administrator Password recover or reset Tips

May 05, 2009
John the Ripper password cracker

John the Ripper is a fast password cracker based on dictionary attack with a wordlist currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

Download link:

John the Ripper 1.7.0.1 for Windows


EBCD – Emergency Boot CD


EBCD is a bootable CD, intended for system recovery in the case of software or hardware faults. It is able to create backup copies of normally working system and restore system to saved state. It contains the best system software ever created, properly compiled and configured for the maximum efficient use. Features are such as copy files from unbootable volume, recover master boot record of HDD, recover deleted file, recover data from accidently formatted disk and floppy disk. EBCD also includes function to change password of any user, including administator of Windows NT/2000/XP OS without the need to know the old password.


Download link:

EBCD Lite 0.6.1
EBCD Pro 0.6.1

Both contains necessary NT password recovery feature.



Hack and Reset Windows NT 4.0 and Windows 2000 Administrator or Domain Admin Password with LOGON.SCR Trick

Hack and Reset Windows NT 4.0 and Windows 2000 Administrator or Domain Admin Password with LOGON.SCR Trick

May 05, 2009
  1. Logon or login to the Windows computer with any user account.
  2. Navigate to %systemroot%\System32 in Windows Explorer. %systemroot% is your Windows installation folder, and normally located in \WINNT or \Windows (i.e. \WINNT\System32).
  3. Save a copy of LOGON.SCR file, or simply rename the logon.scr file to something else. Just make sure that you remember where and what name is the backup copy.
  4. Delete the original LOGON.SCR from the %systemroot%\System32 sub-folder after you have backed it up. The file should no longer exist if you rename it.

    Note: If you having problem to delete or rename LOGON.SCR, it may be due to permission settings. Try to take ownership of the LOGON.SCR (by right clicking on LOGON.SCR, then select Properties and go to the Security tab, then click on the Ownership. Click “Take Ownership” and then click Yes to the prompt message.), and give the Everyone group Full Control permissions (by right clicking on LOGON.SCR then select Properties, then go to Security tabs. Click on Add and browse to and add the Everyone group. Give Everyone Full Control and then click on OK.) You may need to install an alternate second copy of Windows on the machine to do so as detailed at the end of this article.

  5. Copy and paste the CMD.EXE located in %systemroot%\System32 to create additional copy of CMD.EXE in the same directory, then rename the new copied file as LOGON.SCR. This will let the Windows NT or Windows 2000 to use CMD.EXE command prompt program as the screen saver that will be activated after computer idle for specific minutes.
  6. Ensure that you activate the screen saver of the Windows.
  7. Wait for the computer screen saver activation idle wait time timeout, so that Windows will load the unprotected DOS command prompt in the context of the local system account as if it’s the screen saver.
  8. In the CMD command prompt that is opened, key in the following command to reset and change the administrator’s password:

    net user administrator newpassword

    And the user account for administrator will have the new password of newpassword (which you should change to your own password). With the syntax of net use user_name new_password, it can be used to reset or modify the password of other administrative user account’s passwords.

  9. You can now log on to the administrator account with the new password. You may want to replace back the original LOGON.SCR that has been backed up or renamed.
  10. You may want to delete the alternate installation of Windows, by deleting the installation folder or format the partition (if you install in different partition), and removing the second Windows entry in BOOT.INI file at the root. Use attrib -r -s -h c:\boot.ini to change and allow the boot.ini to be modified and viewed.