I’ll try to keep adding to this list.
Install APPs:
Install Terminal Client from the command line.
dism /online /Enable-Feature /FeatureName:TelnetClient
Find information about a user like Group Policy and Security Groups:
Default is the user logged in but you can do for other users.
gpresult /v
gpresult /s {SYSTEM-SVR-PC} /u {AD_USER_CREDENTIALS} /p {AD_PASSWORD_CREDENTIALS} /user {USER_YOU_WANT_TO_LOOKUP} /v > {EXPORT_FILENAME.txt}
Show domain password policy:
net accounts /domain
Find users who belong to an AD Group:
net group {GROUP_NAME} /domain
View Applied Policies with the Command Prompt:
gpresult /Scope User /v gpresult /Scope Computer /v
Display all IP Addresses and more:
ipconfig :Basic IP Info ipconfig /all :Detailed IP Info including Hostname, DNS & DHCP ipconfig /release :Releases your IP Address if you're using DHCP ipconfig /renew :Renews your IP Address if you're using DHCP ipconfig /flushdns :Purges the DNS Cache ipconfig /registerdns :Refreshes all DHCP leases and re-registers DNS names ipconfig /displaydns :Displays your DNS Cache
Find what DC the user is logged into from their PC/Laptop/Server:
echo %logonserver%
set l <-This is an L
nltest /dsgetdc:{domain}
Find what user is logged into the PC/Laptop/Server:
whoami
Get-WMIObject -class Win32_ComputerSystem -ComputerName {domain_name or IP} | Select-Object Name
query user /server:{domain_name or IP}
Find all the DC’s in a domain:
net group "Domain Controllers" /domain
nltest /dclist:{domain}
Find the AD OU path for a specific user:
dsquery user -samid kcordero "CN=Kerry Cordero,OU=Users,OU=HQ,DC=cordero,DC=me"
Find group membership for a specific user:
net user {AD_USERNAME} /domain
dsquery user -samid kcordero | dsget user -memberof -expand
"CN=VPN,OU=HQ Distribution Lists,OU=ADSG,OU=HQ,DC=cordero,DC=me"
"CN=BYOD,OU=HQ Distribution Lists,OU=ADSG,OU=HQ,DC=cordero,DC=me"
"CN=Online Storage and Backup,OU=HQ Distribution Lists,OU=ADSG,OU=HQ,DC=cordero,DC=me"
"CN=All Social Media Access,OU=HQ Distribution Lists,OU=ADSG,OU=HQ,DC=cordero,DC=me"
Get FSMO Roles:
C:\>netdom /query FSMO Schema master kc-dc1.cordero.me Domain naming master kc-dc1.cordero.me PDC kc-dc1.cordero.me RID pool manager kc-dc1.cordero.me Infrastructure master kc-dc1.cordero.me The command completed successfully
Find Domain Info:
wmic ntdomain ipconfig /all
Find Group Info:
net group /domain net group [groupname] /domain net localgroup net localgroup [groupname] wmic group
Find User Info:
net user net user /domain net user [username] net user [username] /domain wmic useraccount
Find Server/Computer Info:
net group "Domain Computers" /domain net group "Domain Controllers" /domain
Search files that have a specific string in them:
gci -Include *.config -File -Recurse -EA SilentlyContinue | Select-String -Pattern "password"