Although you can perform many functions in the Windows GUI, there’s significant power and additional features hidden on the Windows command line. In this video, you’ll learn how to use the command line to manage disks, copy files, shutdown your computer, and much more.
<< Previous Video: Network Command Line ToolsNext: Using the Windows Recovery Console and Command Prompt >>
In Windows, we’re so used to having our graphical user interface, and our mouse, and our keyboard. And we can move things around the screen and drag and drop them. But when you’re troubleshooting Windows, you don’t always have that graphical display to fall back on. In this video, you’ll learn how to take advantage of the Windows command prompt to be able to perform some of those operating system features.
As we go through this video, keep in mind that Windows always has available a help function built into the command line. So you can type, help, and then the name of the command. And it will show you a number of options available to be able to run that command at the command prompt.
Here’s my Windows 7 workstation. If we go to our Start option and we type CMD and we select that command prompt, we’ll have this command view on the screen. And we can use that help command.
If we want information on how to perform a directory, we can type help dir. And we’ll get information about the dir command and all of the different options that might be available. So as you’re going through this video when you’re trying to perform some lab features later, just remember that help is always there to give you more information.
We’re going to start with an extremely powerful command line tool. You’ll want to be very careful when using this command, because this is one that affects the management configuration of your disks and the volumes that you have on those disks. You’re able to create partitions and remove partitions. You’re able to format different volumes or erase everything that might be in a volume if you type the wrong thing with this command. So you want to be very careful.
This is called DISKPART. And it ideally means disk partition, but it does so much more than that. If you’re used to using these disk management commands prior to Windows XP, you may have been using a command called FDISK. You can think of DISKPART as a newer version of FDISK that has so many more capabilities inside of it.
Let’s perform a few DISKPART commands and get you familiar with this interface. If you’re running this on your computer, make sure that you’re either in a virtual environment or on a machine that you can rebuild very easily. Because if you change or modify any part of your disk configuration, you could potentially lose all of the data on your computer.
You’ll know that DISKPART is a little bit more important than the other commands. Because if you type DISKPART at a normal prompt, it tells you that this particular program will make changes to your computer. And you need to be aware of that. And it pops up the user account control to verify that you really, really want to use DISKPART.
Now, if you didn’t want to go through that process, you could simply start your command line prompt at the Windows menu. And you could type cmd. And I’m going to right mouse click on the cmd up here. This is the easy way to run as administrator. It gives me, again, a user account control prompt telling me that whatever I do in this command prompt does have that administrator capability. And I’m going to choose yes.
And you can see that the cmd does launch. But notice that in front on the task bar on the command bar at the top, I have the title administrator in front of the cmd.exe to designate that this is an administrator prompt. Now, when I type DISKPART, you’ll notice that it doesn’t give us another prompt because we’re already in an administrator session.
If we type help, you can get a list of all of the things you can do within DISKPART. And if we look at some of these, you’ll understand why I’m giving you those caveats about running this program. Because you can do things such as enable and disable automatic mounting of volumes. You can clear configuration information or all information off the disk. Or you can delete objects. You can format entire volumes or partitions. You can start to see, there’s a lot you could do here that could be very destructive.
One of the things that I’d like to do inside of this, if I scroll down just a little bit more. The reason I wanted to start with this is that I wanted to use the LIST command. I wanted to get an idea of what type of volumes and disks are on this computer. So if I use LIST and I hit Enter, you’ll notice that I can list a disk. I can list a partition. I can list volumes. Or I could list virtual disks.
On this particular Windows, I have some disks and partitions and volumes. And if I type, list disk, it will show me that I have two disks on this computer. I have a Disk 0 that is online. That is a 25 gig disk. And I have a Disk 1 that is one that is about 8 gig in size, 7,000 megabytes in size.
Well, I’d like to know if there’s volumes here. I’d like to be able to use these disks. So I’m going to list volume. And this will give me a lot more information. It tells me there’s a volume 0 with a drive letter D. That is my CD-ROM. There’s no media in my CD-ROM drive currently.
There’s a volume 1 that is a system reserved partition because I’m running Windows 7. When I installed Windows 7, it created this recovery partition that’s only 100 megabytes in size. And notice, there’s no drive letter associated with that partition.
There’s a volume 2 drive C. That’s the one that my Windows happens to exist on. It is an NTFS partition. And it is 24 gig in size. It is also my Boot partition.
And here’s another one, a drive E, that I’ve got set up that was one that I used to install Windows from a USB key. So I’ve got this USB key out on my system. It is a removable type. It even tells me this is formatted for FAT 32. And it’s removable. And it’s about 8 gig in size.
We just saw that the DISKPART command can be used to create partitions and remove partitions. You can format information from within DISKPART itself. But if all you want to do is format a particular driver or a USB key, you can simply use the FORMAT command. You don’t have to go into DISKPART to be able to do that. The FORMAT command will specify a drive letter. And it formats a disk and makes it available to the Windows operating system.
Again, the FORMAT command we’re going to run at an administrator command prompt. But remember that this is a destructive command. You want to be very careful about what drive you’re going to format.
Now, we just saw with DISKPART that I have a USB key. It already has some data on it. But it’s designated drive E. And that’s the important piece that I’d like to know, because I could run a format from here. And I can specify e:. And I know because that is the E drive. I’ve already looked at it. I can feel pretty secure that I’m not going to erase something that I don’t want to.
It says, insert a new disk for drive E:. Press Enter when ready. We know that it’s already ready. So I’m going to press the Enter key. And it’s going to automatically determine that it’s going to use a FAT 32 file system. It’s going to verify every bit of space that’s on that USB key. And it’s going to go through the process of formatting it, which will effectively delete everything that’s on that USB key already and give us an empty slate to work with.
It may take a bit of time for the format to complete. But once it has, it initializes the file system that is in place and gives us an option to put a new volume label on the partition. So this formatted partition, I’m going to call usb-drive. And I’m going to hit Enter.
And it says it there’s 7.4 gig of total disk space all available. And that gives a volume serial number. And our format is complete. It’s that easy. Now, of course, everything that was on that drive has now been erased. We have a completely new file system in place. And the FORMAT command now makes that drive available for us to add files and store other information on it.
If you’re concerned that a volume might have logical or even physical errors on the disk itself, you may want to run the check disk command. That’s CHKDSK. If you run check disk with a /f at the end, it will look through any logical problems with the file system itself and correct those. The /f tells the check disk program to go ahead and make any changes it needs to correct those errors.
If you’re concerned about the physical drive itself, you can have check disk go through every single sector on the drive and check it all to make sure that there are no problems reading or writing to any of those sectors. And you would use chkdsk/r to locate any bad sectors. Obviously, that’s going to take a lot longer than running simply a chkdsk/f.
You might run into a scenario where you’re running a check disk on a volume that you’re currently using. And it may say that chkdsk can’t run because the volume is in use by another process. Would you like to schedule this to be checked the next time the system starts? And if you select Yes to that, when you restart your system, check disk will begin and go through the process of performing all of the normal checks before your Windows desktop even begins. That way you can check the entire drive before the operating system even gets running.
If you’re wondering if you might have some logical problems with the file system, you could run check disk with no parameters. And that way it will run through the same tests it normally does. And it will tell you if there’s problems, but it will not make any changes to the file system. Let’s run that, a CHKDSK. And we’ll hit Enter.
Notice that if you are a normal user, you can’t run check disk. This is something that requires an elevated prompt, an elevated mode. So I’m going to type my cmd and choose to run as administrator and then run the same command, CHKDSK.
As it goes through this process, notice that it says that it’s running check disk in read-only mode. It’s going to go through each stage of the test. And when it’s finished, it will tell you that Windows has checked the file system and it has found no problems. If it has identified issues, it will tell you what those issues are. But it will tell you that it didn’t change anything.
You have to perform a chkdsk/f. It even says the very beginning as it starts that the f parameter was not specified. It’s just going to run in that read-only mode. And at the bottom, it will tell you there’s no problems. And here’s a summary of all of the statistics associated with that volume.
We’re, of course, used to going into our Windows File Manager and looking at all of the different folders that we have on our computer. But, of course, you can add, remove, and change information that’s in those folder from the command line. At a folder level, we can make a directory, change to a different directory, or remove a directory with the MD, the CD, and the RD commands.
Let’s create some folders and remove some folders and see what this is like at the command line. First, let’s start a command line session with a cmd. I’m going to move it over to this side of the screen. And let’s also at the same time bring up our Windows Explorer. And I’m going to choose the Desktop and then drill down into the user folder, which is the Rodney McKay folder. And let’s make this a little bit narrower. And I’m going to move this over on this side of the screen so we can watch what happens when we make changes.
I’m going to use first the DIR command to show a directory of what’s available on the screen. And you can see it shows a number of directories here, Contacts, Desktop, Documents, Downloads, et cetera. Notice that matches what’s on the side with Contacts, Desktop, Downloads, Favorites, et cetera. We’re looking at exactly the same information, even though this is at the command line and this is in the Windows Explorer.
Let’s now add a folder into our user directory. I want to add a folder called Pegasus. But to do that, I need to use the MD command. I’m going to specify the entire path, so you can understand exactly what we’re doing here. And I’m going to use a quotation, because this will have spaces inside of it. And I’m going to specify that I want a Pegasus folder within the users Rodney McKay folder.
So I’m going to say make a directory under users, under Rodney McKay, and call it Pegasus. And then end the quotation. And when I hit Enter, it’s going to add a new folder. There it is right here called Pegasus. You saw it pop up on our Windows Explorer. And if I peform a dir directory again, you’ll notice there’s now a Pegasus folder that has been added in the Rodney McKay folder.
We can simplify this process, though, if we want to simply type md Pegasus2. Windows will assume that you want to put the folder where you happen to be. And since we’re already in the users Rodney McKay folder, by typing md Pegasus2, it adds another folder called Pegasus2 into that same directory.
If we want to now move one step further inside of that directory, we use the CD command. And I can use the CD with the entire path. Or I can make it relative to where I am. If I want to move into the Pegasus2 folder, I simply type cd Pegasus2. And if I do a directory, there’s no files inside of Pegasus2. What I effectively did was drill down into Pegasus2. This folder is empty. It absolutely is. There’s nothing inside of that folder.
Now to move outside of that folder, back to where we previously were, I could type cd quotation slash backslash users backslash rodney McKay. Or I could use a little shortcut called dot dot. You’ll notice that there is a directory dot and directory dot dot on this screen. The single dot means the existing directory I happened to be in. And two dots together means the previous directory that’s one back from where we are.
So if I type cd space dot dot, notice that we move back to the users Rodney McKay folder. Let’s move back one folder ourselves so that we’re exactly where we are in the Windows Explorer as we are in the command line so we can see what’s happening. Because now I want to remove a folder.
To remove a folder, we perform RD. And we use the folder name as the information we would like to pass along. So if I want to remove the Pegasus2 folder, I could simply choose the entire path rd and then but in quotations, users Roddy McKay Pegasus2. Or because I’m already in the users Rodney McKay folder, simply choose rd Pegasus2. And when I type that, the Pegasus2 folder disappears on this side.
Let’s do the same thing to this Pegasus folder. We will remove directory Pegasus. And if I hit Enter, that removes that folder as well.
So all of those things that you’re used to doing in the Windows Explorer, we can do all of that very, very easily right at the command line using those create, remove, and change directory commands was very easily. And we use that directory command to list all that files and directories that were inside of the current folder that we had at the command prompt.
There’s another great command called DEL or delete. You can also use the term “erase” at the command line. It performs exactly the same thing. This deletes any files that you might have available. Keep in mind that to remove a directory, the directory has to be empty. So you may end up changing to a directory using the DEL command to delete any files that may be inside of it, and then removing the directory itself.
Back in my Rodney McKay user folder, if I perform a dir and look at what’s inside of this folder, there are a number of directories. There’s one called reCon. And I would like to remove that directory. So I’m going to type rd to remove directory and choose reCon.
And if I hit Enter, it tells me wait. You can’t remove this directory. It’s not empty. You can only remove a directory when there’s nothing inside of it. Let’s use the CD command to look at the reCon directory. And if I look at a directory listing of that folder, there is a file within this folder called wraith-info.txt. Well, I need to remove that.
Of course, to remove a file, we need to use the DEL command. And I’m going to type WR. And I’m going to hit the Tab key. Notice that Windows will autopopulate. It will autocomplete what I happen to have here at this prompt. Because I started with the word, it knew how to auto complete that piece.
So if I hit Enter there and perform a DIR, notice the file is gone. I can’t remove this directory yet though, because I’m still inside of it. I’m in the reCon folder right now, and I can’t remove a directory that I’m currently in. So we’re going to use that CD dot dot command to move back one level. And then of course, I can use my remove directory command for reCon. And the folder now disappears. If I perform a DIR, you’ll notice it’s no longer in my list. And it no longer appears in the Windows Explorer.
Now, that we can create and remove files and directories, we can also copy files and move them into different places on our storage medium. One of the copy commands that we’ll use is called COPY. And we can use copy with a /a to say that we’re going to copy an ASCII file. copy/v will do a verification after we’ve copied the files, that the file was copied correctly and that both copies look exactly the same. And a copy/y will suppress the normal prompt when we’re overwriting a file that asks you if you were sure you want to overwrite that file. That’s useful to use if you’re performing a batch process that performs automatically and you know you want to the lead everything that’s in that particular destination.
But keep in mind you don’t want to do this if you aren’t quite sure. You want to be sure that you’re given this prompt, so that you can understand that you are going to be overriding something that is already existing in the destination folder. The syntax for the copy command is to use the word “copy”, then specify the option you would like to use, the /a, the /b, or the /y, then specify the source file or folder that you would like to copy. And then specify the destination to where you’d like to copy it to.
Notice that after you copy it, there will be now two versions of that. You’re not moving the file. You’re simply taking one version of the file and creating a duplicate in that destination location.
Let’s use this COPY command to move things around our hard drive and maybe organize things a little better in our file directory. So I’m going to type the DIR. So we can see all of those folders are there. There’s one directory that’s called P8T-365. And then I have a separate file that’s called p8t-365-mission-notes.txt.
Well, it makes a lot of sense for us to have the mission notes in the folder appropriate to that mission. So one of the things that we can do is I can perform a COPY command. I can specify where I would like to copy from and copy to. But I also want to verify for this particular copy command.
So I’m going to use a /v, then specify the source, which is the p8t-365. And I’m going to use my Tab twice to tab through and autocomplete what I’m looking for. There’s my mission-notes.txt. Now, I specify the destination. And in this case, relative to where I am under the users Rodney McKay directory, there’s a P8T-365 directory there. And I’m going to start the P8 and then just hit a Tab for it to autocomplete. So there’s my COPY command.
It’s copy, verify the text file to this directory. And if I hit Enter, it says one file has been copied. If I’d like to validate that, I can use my directory command. But this time, I’m going to specify the P8T-365 folders. So I’m not going to change into that directory and do a directory listing. I’m going to simply ask for a directory listing of that particular folder. And inside of that folder, we have a p8t-365-mission-notes.txt, which is exactly what we were expecting. And because I didn’t delete the file, if I look at my current folder, I still have a copy here as well.
Let’s say that we perform the same thing again. I’m going to use the up arrow a number of times and just perform the same COPY. But this time, I’m copying to a file that already exists. And if I do that, the COPY command says, do you want to overwrite this? Are you quite certain that you’re doing the right thing here? You could say YES, NO. And if I was doing a bunch of files at one time, I could choose ALL to say do this to all of them.
Well in this case, it’s the same file. I’m going to say NO, let’s not override it. But as I mentioned, we could also use that COPY with the /y. And p8t-365-mission-notes to P8T-365. And if I hit Enter, it just copies it.
So before with the -v, where we were verifying, or even if we didn’t even use a flag there, it would always prompt us. But because I used the /y, we got no prompt at all. And it simply copied the file. If there was a newer version we were copying over, we would have lost that newer version. So be very, very careful about using that /y command.
Now that I know I’ve copied the file, we can use the DEL command to delete that mission-notes.txt. And now, the file has been now copied and now deleted. The only copy of it now exists in the P8T-365 directory. And if I change directory into that location, you could see there’s the mission notes. And it’s now contained within the proper folder.
What if you wanted to copy more than one file at a time and you wanted to copy entire directories of information to another directory? One command that can do this for us very easily is called XCOPY. And this will copy not only files, but entire directory trees, especially if there is a directory within a directory within a directory. The XCOPY command makes it very, very easy to do a really large copy.
Let’s try using the XCOPY command to copy one of these directories that has multiple directories inside of. And there’s files within those other multiple directories. Let’s use that one command line to copy everything at one time.
If I look at my Rodney McKay folder, I’ll do a directory, I still have that P8T-365 folder within it. And if I do a directory of that folder, you’ll see there’s now subfolders within that, one called dj, jo, sc, and t. And if I perform a directory of that P8T-365 and look in the dj folder, there are mission notes inside of that. If I look at the jo folder, there’s other mission notes inside of that. In fact, they have the same name.
So I have a folder within a folder. And there’s files within each one of those folders as well. This is perfect for the XCOPY command. Let’s make a directory where we would like to put these. I’m going to make a directory called Debrief. And let’s perform an XCOPY.
And I’m going to use /s to specify that I would like to copy subdirectories as well. I would like to XCOPY the P8T-365 folder to the Debrief folder and hit Enter. And you could see it now copies all of those folders and the files and the subfolders, everything that’s underneath the P8T-365 folder to the Debrief folder. Now, if I do a directory of the Debrief folder, you can see it’s made an exact duplicate all because I used that XCOPY command and specified that /s to copy not just the current folder, but all of the subdirectories as well.
If you want the ultimate copy command in Windows, however, you need a ROBOCOPY. Unfortunately, there are no robots associated with ROBOCOPY. ROBO stands for robust copy. And this is a very robust copying application.
This program is part of the Windows Resource Kit. So if you’re running Windows XP, you have to download the resource kit to use ROBOCOPY. But if you’re already running Windows Vista or Windows 7, it’s already included. And it is a program that has a lot of different options available, especially if you’re someone who’s copying across the network.
ROBOCOPY is designed not only to do the same things that COPY and XCOPY can do, but it has a lot more flexibility with the type of files that it’s transferring. You can determine whether you would like to use full directories or directories that are empty. You can also tell the ROBOCOPY command that if it loses network connectivity anywhere within the copy, wait until the network comes back and then continue the copy again. Some great capabilities for someone who’s managing very, very large networks.
Let’s try out ROBOCOPY and see if we can perform that same copy we did with XCOPY. Let’s see what the options might be for ROBOCOPY. Back on our Windows desktop at the command line, I have the same configuration I had prior to doing the XCOPY that we just did.
So I have a P8T-365 folder. Within the P8T-365 folder are also multiple folders. And within those folders are the mission files that we have contained. And we would like to copy them to a Debrief folder. So first let’s make that Debrief folder.
Now I want to run ROBOCOPY. But before I do, I want to run ROBOCOPY with a /? just to give you an idea of all of the different options available. I have to scroll way back to the top to see what’s here. Notice you can do almost anything now.
The COPY command, the ROBOCOPY command that’s here copies from a source to a destination. And you have many options you can add, like /s for copy subdirectories, but not empty ones. /e to copy subdirectories including empty ones. And the options go on and on.
You have options here on how you change and copy security settings. Do you want to just move the files instead of copy them? And the list goes on and on. You can read through all of the different options. Fortunately, you don’t have to memorize all of these for the exam.
So let’s use a ROBOCOPY. And let’s do something simple. I’ll specify the P8T-365 folder. I’ll specify the Debrief folder as the destination. And I’ll choose a /s, of course, to specify that I would like to copy the subdirectory as well. We’ll hit Enter.
Notice we’ve got a very different view of the results. If we go back to the top, we can see that the ROBOCOPY started at a certain time. Here’s our source and our destination. We’re doing all files. Notice the asterisk is one that means everything. I could have chosen to even specify asterisk. But by default, that’s what ROBOCOPY is going to use. The actual options are listed here.
Even though I didn’t specify how the copy was to be done and some of these other settings, it simply used the defaults. Then it shows me a result of the job and says, here’s what it copied. Here’s the new directory that it’s created and the new file that was created within the directory. And then at the end, it gives me this really nice summary of how many directories were total, how many were copied, how many were skipped, how many failed, et cetera.
This is one very, very easy way to go through and understand in detail when you copy exactly what happened. And if you’re setting up automated processes that at the middle of the night are copying files from one place to the other, and at the morning you like to step in and look at a report of what happened, ROBOCOPY can give you that and so much more.
If you’ve ever used Task Manager to find the different processes that were running on your computer and list them out, or even remove processes right from the Task Manager, then you’re probably very comfortable with doing that in that graphical environment. And there’s two utilities you need to know to be able to do that. One is called TASKLIST. And the other is called TASKKILL.
Obviously, TASKLIST will list out all of the processes that are running on your computer. You can even specify a list of processors that might be running on a remote computer. So if you’re doing remote management of another device, you can use this utility to be able to see what’s happening on another computer as long as you have the proper credentials.
And if there is a process you would like to terminate, you use TASKKILL. You would need to know the task name or the process ID that’s given. And you can see all of that if you use TASKLIST.
If we’d like to see all the tasks running on our computer, we’ll use that TASKLIST command. And it lists out everything. If we scroll back to the top, these different columns are the Image Name, the Process ID, the Session Name, the number of sessions, and the amount of memory being used.
Notice at the very bottom, I have a task called MineSweeper. And it has a process ID number of 1140. So if I wanted to terminate that process, I would use TASKKILL and then use a /pid option and then choose 1140. And if I hit Enter, MineSweeper goes away. It’s a very simple way right at the command line to do all of the things that you would normally do right in your Windows graphical Task Manager.
If your Windows isn’t starting up properly, or you’re concerned that there was an application that was installed on your computer, or even something that may be malicious that may have changed your Windows system files, then you probably want to run this program called SFC. This utility is extremely useful because it will go to all of your system files, these are protected operating system files, and check them and make sure that they are still valid on your computer. And if it finds any problems, you have the option to replace those files with files that Windows knows to be accurate and correct. Well, let’s run through an SFC session so you can see exactly what happens.
To run SFC, we need to be an administrator and have that elevated prompt. So I’m going to choose the cmd. And then as we did before, right mouse click and run as administrator. If I type SFC and simply put a /?, you’ll see the options available to us.
We can scan now, which it’s going to scan the integrity of all protected system files and repairs any files with anything that might be an issue. If it can VERIFYONLY, which means it’s not going to be doing any type of repair on those files and the other options as well. If we know there’s a problem with this computer and we just want to run an SFC and scannow and hit Enter, it will begin the process of scanning the operating system.
This can take some time, especially on older hard drives or systems that have a very slow processor. It’s going to take a while to go through the entire Windows operating system files. But once you’re finished and it’s made any corrections, you can try restarting your computer and see if those problems you were having earlier have now disappeared. ,
Obviously, if you’re not out in front of the computer and you only have command line access to that device, it becomes a little more difficult to click on that start button and turn off the Windows system. Fortunately, there’s a command that will do this force called SHUTDOWN. We cannot only shut down the computer, but also restart it. It’s an easy way to reboot the computer from across the network.
If you use the shutdown/s command, we’re going to shut down the system completely. It will not restart. And if we use the /t and use a number of seconds, we can wait a certain amount of time before the shut down occurs.
We can also you shutdown/r. This will restart the computer after shutting down. And again, we could specify a number of seconds within that. If at any time though, as the countdown is progressing, we’re not quite certain that we would like to go through with it, we can always use the shutdown/a to abort the count down. And the system won’t shut down or restart.
Let’s try restarting our system from the command line. We’ll use the shutdown command. We’ll use a /r to restart. And let’s put a time in here of 10 seconds. That way we’ll have a count down that we can use.
And if I Enter, we’ll get a message that says, Windows will shut down in less than a minute. If we put a different value in for the amount of time, it would’ve told us that it would shut down in x number of minutes, in 1 minute, or 2 minutes, or 10 minutes, or whatever we chose. And the system has shut down. And because we chose the /r to restart, its now restarting the Windows Operating System right from where it finished last time.
And now, we just go through the process of restarting Windows normally. So if we had installed a new application, we had security patches we wanted to force into the operating system, we would perform this restart at the command line. And we’re back to running our Windows operating system.