
Windows Server
Reset Active Directory (AD) locked account
# Check to see if the account is locked
Get-ADUser -Identity 'USERNAME' -Properties LockedOut | Select-Object Name, LockedOut
# Unlock the account
Unlock-ADAccount -Identity 'USERNAME'
Windows
Kill tasks from the command line. Note that you will need elevated privileges.
# List the tasks
tasklist | more
# Kill the task using the process ID
taskkill /F /PID processID
# Kill the task using the process name (will kill multiple tasks at once)
taskkill /IM "process name" /F
When trying to find a machine on your network with a particular name, you can run a remote PowerShell command on the PC to make it say something.
Open PowerShell, click File -> New Remote PowerShell Tab
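Add the following command:
# Load the speech assembly and create a synthesizer
Add-Type -AssemblyName System.Speech
$talk = New-Object System.Speech.Synthesis.SpeechSynthesizer
# Say "Hello" every 3 seconds until the loop is stopped
while ($true) {
    $talk.Speak("Hello")
    Start-Sleep -Seconds 3
}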
To get the serial number from Windows, open a command prompt and enter the following command:
wmic bios get serialnumber
Exchange
Get Microsoft Exchange mailbox sizes in a list
Get-MailboxStatistics -Server SERVERNAME | ft DisplayName, TotalItemSize, ItemCount
Robocopy
Copy some files from D:\Files to the current directory.
/mt enables multithreaded copying, /z enables restartable mode so an interrupted copy can resume, and /e copies subdirectories, including empty ones.
robocopy D:\files\ . /mt /z /e
Debugging AD communications
All of this was done on the desktop PC. Active Directory was diagnosed as being at fault; however, it ended up being an MTU issue on the network causing communication issues with the domain controller.
# Test Domain - OK and OK
nltest /sc_verify:domain.local
nltest /dsgetdc:domain.local
# Get the connection profile e.g. private, public etc - FAIL Private
Get-NetConnectionProfile
# Restart for discovery service
net stop netlogon
net start netlogon
# Check DNS is being resolved
Resolve-DnsName _ldap._tcp.dc._msdcs.domain.local
# Test Ports - OK
Test-NetConnection server.domain.local -Port 135
# Reset secure channel - FAIL - This will rebuild secure channel without having to remove and join the PC to AD again.
Test-ComputerSecureChannel -Repair -Credential (Get-Credential)
# Rejoin computer to domain - FAIL and IGNORED
Add-Computer -WorkgroupName "WORKGROUP" -Force
Add-Computer -DomainName "domain.local" -Credential "domain\admin"
Restart-Computer
# Disable firewall on all profiles as a temporary test - OK (turn it back on once the test is done)
netsh advfirewall set allprofiles state off
# Test MTU with the don't-fragment flag (-f), lowering the payload size (-l)
# 1472 bytes - FAIL
ping server.domain.local -f -l 1472
# 1394 bytes - OK
ping server.domain.local -f -l 1394
# MTUs were bad; this was due to VXLAN. Reduce on the end device to test, then apply the fix to the router
Get-NetAdapter
Set-NetIPInterface -InterfaceAlias "Ethernet" -NlMtu 1394
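The manual ping test above can be automated. The following is an added example, not part of the original notes: it binary-searches the largest ICMP payload that reaches the host with Don't Fragment set. The function names Test-DfPayload and Find-PathMtu are hypothetical, server.domain.local is the placeholder host used above, and IPv4 is assumed (28 bytes of IP and ICMP headers).

```powershell
# Added example (not from the original notes). Assumes IPv4 and that ICMP echo is allowed.
function Test-DfPayload {
    param([string]$Target, [int]$Size, [int]$TimeoutMs = 2000, [int]$Attempts = 2)
    $ping    = New-Object System.Net.NetworkInformation.Ping
    # TTL 64, DontFragment = $true (same effect as ping -f)
    $options = New-Object System.Net.NetworkInformation.PingOptions(64, $true)
    $buffer  = New-Object byte[] $Size          # same as ping -l <Size>
    try {
        # Retry so that one lost packet is not mistaken for "too big"
        foreach ($i in 1..$Attempts) {
            $reply = $ping.Send($Target, $TimeoutMs, $buffer, $options)
            if ($reply.Status -eq [System.Net.NetworkInformation.IPStatus]::Success) {
                return $true
            }
        }
        return $false
    } catch {
        return $false                           # DNS or socket failure: treat as no reply
    } finally {
        $ping.Dispose()
    }
}

function Find-PathMtu {
    # 548 = 576 (minimum IPv4 MTU) - 28; 1472 = 1500 (Ethernet) - 28
    param([string]$Target, [int]$Low = 548, [int]$High = 1472)
    if (-not (Test-DfPayload -Target $Target -Size $Low)) {
        throw "No reply from $Target at $Low bytes; ICMP is blocked or the fault is not MTU."
    }
    # Invariant: $Low is known to pass; everything above $High is known to fail
    while ($Low -lt $High) {
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        if (Test-DfPayload -Target $Target -Size $mid) { $Low = $mid } else { $High = $mid - 1 }
    }
    [pscustomobject]@{
        Target     = $Target
        MaxPayload = $Low        # largest value that works with ping -f -l
        PathMtu    = $Low + 28   # 20-byte IPv4 header + 8-byte ICMP header
    }
}

Find-PathMtu -Target 'server.domain.local'
```

-NlMtu is the IP-layer MTU, so any value up to the reported PathMtu fits the path.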