Remote Command Line - Example Commands

File System commands

Action	Command
Move or rename file	move myfile.txt myfilemoved.txt
Copy file	copy myfile.txt
Delete file	del myfile.txt
View contents of file	type myfile.txt
List Directory Contents	dir /p (pause after each screen of data) and /w or /d (column formats) not currently supported
List Directory Tree	tree /a Must use "/A", ascii option, for tree to be displayed correctly
Find file	dir /s /b iexplore.exe
Map network drive	net use S: \\fileshare01\shares This only maps the drive for the session and user context under which the Agent is running (by default Local System Account). The "/PERSISTENT" switch makes the mapping permanent (but again only for Local System Account). Running commands as a different user is being investigated.

Process commands

Action	Command
List running processes	tasklist
Kill process by ID	taskkill /PID 4064
Kill process by Name	taskkill /IM notepad.exe

Service commands

Action	Command
List running services	net start
List status of particular service	sc query "Spooler" The "sc" query command requires the service "key" name not the display name. You can retrieve the "key" name from the display name using the "sc GetKeyName" command. For example: sc GetKeyName "Print Spooler"
List installed but stopped services	sc query type= service state= inactive
Start a service	net start "Print Spooler"
Stop a service	net stop "Print Spooler"

Shutdown commands

Action	Command
Shutdown device	shutdown /s /t 600 /c "Maintenance" /i and /l flags are not supported
Restart device	shutdown /r /f /c "Maintenance"
Cancel shutdown	shutdown /a During timeout period only

Action

Command

Shutdown device

shutdown /s /t 600 /c "Maintenance"

/i and /l flags are not supported

Restart device

shutdown /r /f /c "Maintenance"

Cancel shutdown

shutdown /a

During timeout period only

Registry commands

Action	Command
Find Registry Key	reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Themes
Find particular Registry Key value	reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Themes /v InstallTheme
Update value of Key	reg add HKEY_LOCAL_MACHINE\SOFTWARE\SomeApp /f /v Path /t REG_SZ /d "c:\someApp" /f is optional without it you will be prompted for confirmation when editing an existing value
Delete Key	reg delete HKEY_LOCAL_MACHINE\SOFTWARE\SomeApp /f /v Path /f optional as above
Delete particular value	reg delete HKEY_LOCAL_MACHINE\SOFTWARE\SomeApp

Running Installers

Action	Command
Install via MSI	msiexec /i c:\path\installer.msi /quiet /qn /norestart /log c:\msi.log In some cases the msiexec command may return immediately, but the install continues in the background. Programs that install using .exe files may be supported if they provide suitable silent installation flags/

Action

Command

Install via MSI

msiexec /i c:\path\installer.msi /quiet /qn /norestart /log c:\msi.log

In some cases the msiexec command may return immediately, but the install continues in the background.

Programs that install using .exe files may be supported if they provide suitable silent installation flags/

What do you want to do?

Use remote terminal - Standard (CMD)
Administer processes and services (Process and Service control)
Consider Advanced Edition features