Sideway
output.to from Sideway



Knowledge Base




Windows 10 System Command


Draft for Information Only

Content

Microsoft Windows 10 System Command
 Windows 10 System Command
 List of Windows 10 System Command

Microsoft Windows 10 System Command

Windows 10 System Command

System commands are commands that can be run from the command prompt of DOS. But windows system command are commands that be interpretered by Windows command interpreter.

image

List of Windows 10 System Command


NameDescriptionAuditpoldisplays information about and performs functions to manipulate audit policies. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Usage: AuditPol command [<sub-command><options>]


Commands (only one command permitted per execution)
  /?               Help (context-sensitive)
  /get             Displays the current audit policy.
  /set             Sets the audit policy.
  /list            Displays selectable policy elements.
  /backup          Saves the audit policy to a file.
  /restore         Restores the audit policy from a file.
  /clear           Clears the audit policy.
  /remove          Removes the per-user audit policy for a user account.
  /resourceSACL    Configure global resource SACLs


Use AuditPol <command> /? for details on each command
Bcdbootis used to copy critical boot files to the system partition and to create a new system BCD store. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Bcdboot - Bcd boot file creation and repair tool.

The bcdboot.exe command-line tool is used to copy critical boot files to the
system partition and to create a new system BCD store.

bcdboot <source> [/l <locale>] [/s <volume-letter> [/f <firmware>]] [/v]
                 [/m [{OS Loader ID}]] [/addlast] [/p] [/c]

  source     Specifies the location of the windows system root.

  /l         Specifies an optional locale parameter to use when
             initializing the BCD store. The default is US English.

  /s         Specifies an optional volume letter parameter to designate
             the target system partition where boot environment files are
             copied.  The default is the system partition identified by
             the firmware.

  /v         Enables verbose mode.

  /m         If an OS loader GUID is provided, this option merges the
             given loader object with the system template to produce a
             bootable entry. Otherwise, only global objects are merged.

  /d         Specifies that the existing default windows boot entry
             should be preserved.

  /f         Used with the /s command, specifies the firmware type of the
             target system partition. Options for <firmware> are 'UEFI',
             'BIOS', or 'ALL'.

  /addlast   Specifies that the windows boot manager firmware entry
             should be added last. The default behavior is to add it
             first.

  /p         Specifies that the windows boot manager firmware entry
             position should be preserved. If entry does not exist,
             new entry will be added in the first position.

  /c         Specifies that any existing objects described by the template
             should not be migrated.

Examples: bcdboot c:\windows /l en-us
          bcdboot c:\windows /s h:
          bcdboot c:\windows /s h: /f UEFI
          bcdboot c:\windows /m {d58d10c6-df53-11dc-878f-00064f4f4e08}
          bcdboot c:\windows /d /addlast
          bcdboot c:\windows /p
BCDEDITsets properties in boot database to control boot loading. (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
BCDEDIT - Boot Configuration Data Store Editor

The Bcdedit.exe command-line tool modifies the boot configuration data store.
The boot configuration data store contains boot configuration parameters and
controls how the operating system is booted. These parameters were previously
in the Boot.ini file (in BIOS-based operating systems) or in the nonvolatile
RAM entries (in Extensible Firmware Interface-based operating systems). You can
use Bcdedit.exe to add, delete, edit, and append entries in the boot
configuration data store.

For detailed command and option information, type bcdedit.exe /? <command>. For
example, to display detailed information about the /createstore command, type:

     bcdedit.exe /? /createstore

For an alphabetical list of topics in this help file, run "bcdedit /? TOPICS".

Commands that operate on a store
================================
/store          Used to specify a BCD store other than the current system default.
/createstore    Creates a new and empty boot configuration data store.
/export         Exports the contents of the system store to a file. This file
                can be used later to restore the state of the system store.
/import         Restores the state of the system store using a backup file
                created with the /export command.
/sysstore       Sets the system store device (only affects EFI systems, does
                not persist across reboots, and is only used in cases where
                the system store device is ambiguous).

Commands that operate on entries in a store
===========================================
/copy           Makes copies of entries in the store.
/create         Creates new entries in the store.
/delete         Deletes entries from the store.
/mirror         Creates mirror of entries in the store.

Run bcdedit /? ID for information about identifiers used by these commands.

Commands that operate on entry options
======================================
/deletevalue    Deletes entry options from the store.
/set            Sets entry option values in the store.

Run bcdedit /? TYPES for a list of datatypes used by these commands.
Run bcdedit /? FORMATS for a list of valid data formats.

Commands that control output
============================
/enum           Lists entries in the store.
/v              Command-line option that displays entry identifiers in full,
                rather than using names for well-known identifiers.
                Use /v by itself as a command to display entry identifiers
                in full for the ACTIVE type.

Running "bcdedit" by itself is equivalent to running "bcdedit /enum ACTIVE".

Commands that control the boot manager
======================================
/bootsequence   Sets the one-time boot sequence for the boot manager.
/default        Sets the default entry that the boot manager will use.
/displayorder   Sets the order in which the boot manager displays the
                multiboot menu.
/timeout        Sets the boot manager time-out value.
/toolsdisplayorder  Sets the order in which the boot manager displays
                    the tools menu.

Commands that control Emergency Management Services for a boot application
==========================================================================
/bootems        Enables or disables Emergency Management Services
                for a boot application.
/ems            Enables or disables Emergency Management Services for an
                operating system entry.
/emssettings    Sets the global Emergency Management Services parameters.

Command that control debugging
==============================
/bootdebug      Enables or disables boot debugging for a boot application.
/dbgsettings    Sets the global debugger parameters.
/debug          Enables or disables kernel debugging for an operating system
                entry.
/hypervisorsettings  Sets the hypervisor parameters.

Command that control remote event logging
=========================================
/eventsettings  Sets the global remote event logging parameters.
/event          Enables or disables remote event logging for an operating
                system entry.
Bdehdcfgprepares your hard drive for BitLocker Drive Encryption. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
BitLocker Drive Preparation Tool version 10.0.16299
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Usage:

BdeHdCfg[.exe]
               [-driveinfo]
               [-target {default | unallocated |
                         TargetDriveLetter {shrink | merge}}]
               [-newdriveletter DriveLetter]
               [-size SizeInMegabytes]
               [-quiet] [-restart] [{-? | /?}]

Description:
  This command prepares your hard drive for BitLocker Drive Encryption.

  Command line parameters are not case-sensitive.

Parameters:
  -driveinfo
        Displays information about valid target drives.

  -target
        Specifies the target and operation.

        Specify 'shrink' to create a new active partition.
        Specify 'merge' to make an existing partition active.
        Specify 'unallocated' to use unformatted space on disk.
        Specify 'default' for the target to be chosen automatically.

        Examples: -target D: merge
                  -target C: shrink
                  -target unallocated
                  -target default

  -newdriveletter
        Specifies the desired drive letter for the new drive. This option is
        only valid when a new drive is created.

        Example: -newdriveletter S:

  -size
        Specifies the desired size of the new drive. This option is only valid
        when a new drive is created.

        If not specified, the Drive Preparation Tool assumes the required
        minimum size of 550 megabytes.

        Example: -size 700

  -quiet
        Specifies operation in quiet mode. No output from the drive preparation
        tool is displayed.

  -restart
        Enables an automatic restart after drive preparation.

        You must restart your computer before enabling BitLocker.

  -? or /?
        Displays help for this command.

Examples:
    BdeHdCfg -target c: shrink -newdriveletter x: -size 550 -quiet -restart
    BdeHdCfg -target d: merge -quiet -restart
    BdeHdCfg -target unallocated -newdriveletter s:
    BdeHdCfg -target default
Bitsadminprovides administrative tools for the BITS service (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

USAGE: BITSADMIN [/RAWRETURN] [/WRAP | /NOWRAP] command
The following commands are available:

/HELP           Prints this help
/?              Prints this help
/UTIL /?        Prints the list of utilities commands
/PEERCACHING /?   Prints the list of commands to manage Peercaching
/CACHE /?       Prints the list of cache management commands
/PEERS /?       Prints the list of peer management commands

/LIST    [/ALLUSERS] [/VERBOSE]     List the jobs
/MONITOR [/ALLUSERS] [/REFRESH sec] Monitors the copy manager
/RESET   [/ALLUSERS]                Deletes all jobs in the manager

/TRANSFER <job name> [type] [/PRIORITY priority] [/ACLFLAGS flags]
          remote_url local_name
    Transfers one of more files.
    [type] may be /DOWNLOAD or /UPLOAD; default is download
    Multiple URL/file pairs may be specified.
    Unlike most commands, <job name> may only be a name and not a GUID.

/CREATE [type] <job name>               Creates a job
    [type] may be /DOWNLOAD, /UPLOAD, or /UPLOAD-REPLY; default is download
    Unlike most commands, <job name> may only be a name and not a GUID.

/INFO <job> [/VERBOSE]                   Displays information about the job
/ADDFILE <job> <remote_url> <local_name> Adds a file to the job
/ADDFILESET <job> <textfile>             Adds multiple files to the job
   Each line of <textfile> lists a file's remote name and local name, separated
   by spaces.  A line beginning with '#' is treated as a comment.
   Once the file set is read into memory, the contents are added to the job.

/ADDFILEWITHRANGES  <job> <remote_url> <local_name range_list>
   Like /ADDFILE, but BITS will read only selected byte ranges of the URL.
   range_list is a comma-delimited series of offset and length pairs.
   For example,

       0:100,2000:100,5000:eof

   instructs BITS to read 100 bytes starting at offset zero, 100 bytes starting
   at offset 2000, and the remainder of the URL starting at offset 5000.

/REPLACEREMOTEPREFIX <job> <old_prefix> <new_prefix>
    All files whose URL begins with <old_prefix> are changed to use <new_prefix>

Note that BITS currently supports HTTP/HTTPS downloads and uploads.
It also supports UNC paths and file:// paths as URLS

/LISTFILES <job>                     Lists the files in the job
/SUSPEND <job>                       Suspends the job
/RESUME <job>                        Resumes the job
/CANCEL <job>                        Cancels the job
/COMPLETE <job>                      Completes the job

/GETTYPE <job>                       Retrieves the job type
/GETACLFLAGS <job>                   Retrieves the ACL propagation flags

/SETACLFLAGS <job> <ACL_flags>       Sets the ACL propagation flags for the job
  O - OWNER       G - GROUP
  D - DACL        S - SACL

  Examples:
      bitsadmin /setaclflags MyJob OGDS
      bitsadmin /setaclflags MyJob OGD

/GETBYTESTOTAL <job>                 Retrieves the size of the job
/GETBYTESTRANSFERRED <job>           Retrieves the number of bytes transferred
/GETFILESTOTAL <job>                 Retrieves the number of files in the job
/GETFILESTRANSFERRED <job>           Retrieves the number of files transferred
/GETCREATIONTIME <job>               Retrieves the job creation time
/GETMODIFICATIONTIME <job>           Retrieves the job modification time
/GETCOMPLETIONTIME <job>             Retrieves the job completion time
/GETSTATE <job>                      Retrieves the job state
/GETERROR <job>                      Retrieves detailed error information
/GETOWNER <job>                      Retrieves the job owner
/GETDISPLAYNAME <job>                Retrieves the job display name
/SETDISPLAYNAME <job> <display_name> Sets the job display name
/GETDESCRIPTION <job>                Retrieves the job description
/SETDESCRIPTION <job> <description>  Sets the job description
/GETPRIORITY    <job>                Retrieves the job priority
/SETPRIORITY    <job> <priority>     Sets the job priority
   Priority usage choices:
      FOREGROUND
      HIGH
      NORMAL
      LOW
/GETNOTIFYFLAGS <job>                 Retrieves the notify flags
/SETNOTIFYFLAGS <job> <notify_flags>  Sets the notify flags
    For more help on this option, please refer to the MSDN help page for SetNotifyFlags/GETNOTIFYINTERFACE <job>             Determines if notify interface is registered
/GETMINRETRYDELAY <job>               Retrieves the retry delay in seconds
/SETMINRETRYDELAY <job> <retry_delay> Sets the retry delay in seconds
/GETNOPROGRESSTIMEOUT <job>           Retrieves the no progress timeout in seconds
/SETNOPROGRESSTIMEOUT <job> <timeout> Sets the no progress timeout in seconds
/GETMAXDOWNLOADTIME <job>             Retrieves the download timeout in seconds
/SETMAXDOWNLOADTIME <job> <timeout>   Sets the download timeout in seconds
/GETERRORCOUNT <job>                  Retrieves an error count for the job

/SETPROXYSETTINGS <job> <usage>      Sets the proxy usage
   usage choices:
    PRECONFIG   - Use the owner's default Internet settings.
    AUTODETECT  - Force autodetection of proxy.
    NO_PROXY    - Do not use a proxy server.
    OVERRIDE    - Use an explicit proxy list and bypass list.
                  Must be followed by a proxy list and a proxy bypass list.
                  NULL or "" may be used for an empty proxy bypass list.
  Examples:
      bitsadmin /setproxysettings MyJob PRECONFIG
      bitsadmin /setproxysettings MyJob AUTODETECT
      bitsadmin /setproxysettings MyJob NO_PROXY
      bitsadmin /setproxysettings MyJob OVERRIDE proxy1:80 "<local>"
      bitsadmin /setproxysettings MyJob OVERRIDE proxy1,proxy2,proxy3 NULL

/GETPROXYUSAGE <job>                 Retrieves the proxy usage setting
/GETPROXYLIST <job>                  Retrieves the proxy list
/GETPROXYBYPASSLIST <job>            Retrieves the proxy bypass list

/TAKEOWNERSHIP <job>                 Take ownership of the job

/SETNOTIFYCMDLINE <job> <program_name> [program_parameters]
    Sets a program to execute for notification, and optionally parameters.
    The program name and parameters can be NULL.
    IMPORTANT: if parameters are non-NULL, then the program name should be the
               first parameter.

  Examples:
    bitsadmin /SetNotifyCmdLine MyJob c:\winnt\system32\notepad.exe  NULL
    bitsadmin /SetNotifyCmdLine MyJob c:\callback.exe "c:\callback.exe parm1 parm2"
    bitsadmin /SetNotifyCmdLine MyJob NULL NULL

/GETNOTIFYCMDLINE <job>              Returns the job's notification command line

/SETCREDENTIALS <job> <target> <scheme> <username> <password>
  Adds credentials to a job.
  <target> may be either SERVER or PROXY
  <scheme> may be BASIC, DIGEST, NTLM, NEGOTIATE, or PASSPORT.

/REMOVECREDENTIALS <job> <target> <scheme>
  Removes credentials from a job.
/GETCUSTOMHEADERS <job>                           Gets the Custom HTTP Headers
/SETCUSTOMHEADERS <job> <header1> <header2> <...> Sets the Custom HTTP Headers
/GETCLIENTCERTIFICATE <job>                       Gets the job's Client Certificate Information
/SETCLIENTCERTIFICATEBYID <job> <store_location> <store_name> <hexa-decimal_cert_id>
  Sets a client authentication certificate to a job.
  <store_location> may be
        1(CURRENT_USER), 2(LOCAL_MACHINE), 3(CURRENT_SERVICE),
        4(SERVICES), 5(USERS), 6(CURRENT_USER_GROUP_POLICY),
        7(LOCAL_MACHINE_GROUP_POLICY) or 8(LOCAL_MACHINE_ENTERPRISE).

/SETCLIENTCERTIFICATEBYNAME <job> <store_location> <store_name> <subject_name>
  Sets a client authentication certificate to a job.
  <store_location> may be
        1(CURRENT_USER), 2(LOCAL_MACHINE), 3(CURRENT_SERVICE),
        4(SERVICES), 5(USERS), 6(CURRENT_USER_GROUP_POLICY),
        7(LOCAL_MACHINE_GROUP_POLICY) or 8(LOCAL_MACHINE_ENTERPRISE).

/REMOVECLIENTCERTIFICATE <job>                Removes the Client Certificate Information from the job

/SETSECURITYFLAGS <job> <value>
   Sets the HTTP security flags for URL redirection and checks performed on the server certificate during the transfer.
   The value is an unsigned integer with the following interpretation for the bits in the binary representation.
     Enable CRL Check                                 : Set the least significant bit
     Ignore invalid common name in server certificate : Set the 2nd bit from right
     Ignore invalid date in  server certificate       : Set the 3rd bit from right
     Ignore invalid certificate authority in server
       certificate                                    : Set the 4th bit from right
     Ignore invalid usage of certificate              : Set the 5th bit from right
     Redirection policy                               : Controlled by the 9th-11th bits from right
         0,0,0  - Redirects will be automatically allowed.
         0,0,1  - Remote name in the IBackgroundCopyFile interface will be updated if a redirect occurs.
         0,1,0  - BITS will fail the job if a redirect occurs.

     Allow redirection from HTTPS to HTTP             : Set the 12th bit from right

/GETSECURITYFLAGS <job>
   Reports the HTTP security flags for URL redirection and checks performed on the server certificate during the transfer.

/SETVALIDATIONSTATE  <job>  <file-index> <true|false>
      <file-index> starts from 0
    Sets the content-validation state of the given file within the job.

/GETVALIDATIONSTATE  <job>  <file-index>
      <file-index> starts from 0
    Reports the content-validation state of the given file within the job.

/GETTEMPORARYNAME  <job>  <file-index>
      <file-index> starts from 0
    Reports the temporary filename of the given file within the job.

The following options control peercaching of a particular job:

/SETPEERCACHINGFLAGS  <job> <value>
    Sets the flags for the job's peercaching behavior.
    The value is an unsigned integer with the following interpretation for the bits in the binary representation.
        Allow the job's data to be downloaded from a peer : Set the least significant bit
        Allow the job's data to be served to peers        : Set the 2nd bit from right

/GETPEERCACHINGFLAGS  <job>
    Reports the flags for the job's peercaching behavior.

The following options are valid for UPLOAD-REPLY jobs only:

/GETREPLYFILENAME <job>        Gets the path of the file containing the server reply
/SETREPLYFILENAME <job> <path> Sets the path of the file containing the server reply
/GETREPLYPROGRESS <job>        Gets the size and progress of the server reply
/GETREPLYDATA     <job>        Dumps the server's reply data in hex format

The following options can be placed before the command:
/RAWRETURN                     Return data more suitable for parsing
/WRAP                          Wrap output around console (default)
/NOWRAP                        Don't wrap output around console

The /RAWRETURN option strips new line characters and formatting.
It is recognized by the /CREATE and /GET* commands.

Commands that take a <job> parameter will accept either a job name or a job ID
GUID inside braces.  BITSADMIN reports an error if a name is ambiguous.
Bootsectupdates the master boot code for hard disk partitions in order to switch between BOOTMGR and NTLDR. You can use this tool to restore the boot sector on your computer. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
bootsect {/help|/nt60|/nt52} {SYS|ALL|<DriveLetter>:} [/force] [/mbr]

Boot sector restoration tool

Bootsect.exe updates the master boot code for hard disk partitions in order to
switch between BOOTMGR and NTLDR.  You can use this tool to restore the boot
sector on your computer.

Run "bootsect /help" for detailed usage instructions.
Certreqis used to request certificates from a certification authority (CA), to retrieve a response to a previous request from a CA, to create a new request from an .inf file, to accept and install a response to a request, to construct a cross-certification or qualified subordination request from an existing CA certificate or request, and to sign a cross-certification or qualified subordination request. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Usage:
  CertReq -?
  CertReq [-v] -?
  CertReq [-Command] -?

  CertReq [-Submit] [Options] [RequestFileIn [CertFileOut [CertChainFileOut [FullResponseFileOut]]]]
    Submit a request to a Certification Authority.

  Options:
    -attrib AttributeString
    -binary
    -PolicyServer PolicyServer
    -config ConfigString
    -Anonymous
    -Kerberos
    -ClientCertificate ClientCertId
    -UserName UserName
    -p Password
    -crl
    -rpc
    -AdminForceMachine
    -RenewOnBehalfOf
    -NoChallenge

  CertReq -Retrieve [Options] RequestId [CertFileOut [CertChainFileOut [FullResponseFileOut]]]
    Retrieve a response to a previous request from a Certification Authority.

  Options:
    -binary
    -PolicyServer PolicyServer
    -config ConfigString
    -Anonymous
    -Kerberos
    -ClientCertificate ClientCertId
    -UserName UserName
    -p Password
    -crl
    -rpc
    -AdminForceMachine

  CertReq -New [Options] [PolicyFileIn [RequestFileOut]]
    Create a new request as directed by PolicyFileIn

  Options:
    -attrib AttributeString
    -binary
    -cert CertId
    -PolicyServer PolicyServer
    -config ConfigString
    -Anonymous
    -Kerberos
    -ClientCertificate ClientCertId
    -UserName UserName
    -p Password
    -pin Pin
    -user
    -machine
    -xchg ExchangeCertFile

  CertReq -Accept [Options] [CertChainFileIn | FullResponseFileIn | CertFileIn]
    Accept and install a response to a previous new request.

  Options:
    -user
    -machine
    -pin Pin

  CertReq -Policy [Options] [RequestFileIn [PolicyFileIn [RequestFileOut [PKCS10FileOut]]]]
    Construct a cross certification or qualified subordination request
    from an existing CA certificate or from an existing request.

  Options:
    -attrib AttributeString
    -binary
    -cert CertId
    -PolicyServer PolicyServer
    -Anonymous
    -Kerberos
    -ClientCertificate ClientCertId
    -UserName UserName
    -p Password
    -pin Pin
    -noEKU
    -AlternateSignatureAlgorithm
    -HashAlgorithm HashAlgorithm

  CertReq -Sign [Options] [RequestFileIn [RequestFileOut]]
    Sign a certificate request with an enrollment agent or qualified
    subordination signing certificate.

  Options:
    -binary
    -cert CertId
    -PolicyServer PolicyServer
    -Anonymous
    -Kerberos
    -ClientCertificate ClientCertId
    -UserName UserName
    -p Password
    -pin Pin
    -crl
    -noEKU
    -HashAlgorithm HashAlgorithm

  CertReq -Enroll [Options] TemplateName
  CertReq -Enroll -cert CertId [Options] Renew [ReuseKeys]
    Enroll for or renew a certificate.

  Options:
    -PolicyServer PolicyServer
    -user
    -machine
    -pin Pin

  CertReq -EnrollAIK [Options] [KeyContainerName]
    Enroll for AIK certificate.

  Options:
    -config

  CertReq -EnrollCredGuardCert [Options] TemplateName [ExtensionInfFile]
    Enroll for machine account Credential Guard certificate.

  Options:
    -config

  CertReq -EnrollLogon [Options]
    Enroll for Hello for Business Logon certificate via ADFS.

  Options:
    -q

  CertReq -Post [Options]
    POST an http request.

  Options:
    -attrib AttributeString
    -config URL
Certutildumps and displays certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Verbs:
  -dump             -- Dump configuration information or file
  -dumpPFX          -- Dump PFX structure
  -asn              -- Parse ASN.1 file

  -decodehex        -- Decode hexadecimal-encoded file
  -decode           -- Decode Base64-encoded file
  -encode           -- Encode file to Base64

  -deny             -- Deny pending request
  -resubmit         -- Resubmit pending request
  -setattributes    -- Set attributes for pending request
  -setextension     -- Set extension for pending request
  -revoke           -- Revoke Certificate
  -isvalid          -- Display current certificate disposition

  -getconfig        -- Get default configuration string
  -ping             -- Ping Active Directory Certificate Services Request interface
  -pingadmin        -- Ping Active Directory Certificate Services Admin interface
  -CAInfo           -- Display CA Information
  -ca.cert          -- Retrieve the CA's certificate
  -ca.chain         -- Retrieve the CA's certificate chain
  -GetCRL           -- Get CRL
  -CRL              -- Publish new CRLs [or delta CRLs only]
  -shutdown         -- Shutdown Active Directory Certificate Services

  -installCert      -- Install Certification Authority certificate
  -renewCert        -- Renew Certification Authority certificate

  -schema           -- Dump Certificate Schema
  -view             -- Dump Certificate View
  -db               -- Dump Raw Database
  -deleterow        -- Delete server database row

  -backup           -- Backup Active Directory Certificate Services
  -backupDB         -- Backup Active Directory Certificate Services database
  -backupKey        -- Backup Active Directory Certificate Services certificate and private key
  -restore          -- Restore Active Directory Certificate Services
  -restoreDB        -- Restore Active Directory Certificate Services database
  -restoreKey       -- Restore Active Directory Certificate Services certificate and private key
  -importPFX        -- Import certificate and private key
  -dynamicfilelist  -- Display dynamic file List
  -databaselocations -- Display database locations
  -hashfile         -- Generate and display cryptographic hash over a file

  -store            -- Dump certificate store
  -enumstore        -- Enumerate certificate stores
  -addstore         -- Add certificate to store
  -delstore         -- Delete certificate from store
  -verifystore      -- Verify certificate in store
  -repairstore      -- Repair key association or update certificate properties or key security descriptor
  -viewstore        -- Dump certificate store
  -viewdelstore     -- Delete certificate from store
  -UI               -- invoke CryptUI
  -attest           -- Verify Key Attestation Request

  -dsPublish        -- Publish certificate or CRL to Active Directory

  -ADTemplate       -- Display AD templates
  -Template         -- Display Enrollment Policy templates
  -TemplateCAs      -- Display CAs for template
  -CATemplates      -- Display templates for CA
  -SetCASites       -- Manage Site Names for CAs
  -enrollmentServerURL -- Display, add or delete enrollment server URLs associated with a CA
  -ADCA             -- Display AD CAs
  -CA               -- Display Enrollment Policy CAs
  -Policy           -- Display Enrollment Policy
  -PolicyCache      -- Display or delete Enrollment Policy Cache entries
  -CredStore        -- Display, add or delete Credential Store entries
  -InstallDefaultTemplates -- Install default certificate templates
  -URLCache         -- Display or delete URL cache entries
  -pulse            -- Pulse autoenrollment event or NGC task
  -MachineInfo      -- Display Active Directory machine object information
  -DCInfo           -- Display domain controller information
  -EntInfo          -- Display enterprise information
  -TCAInfo          -- Display CA information
  -SCInfo           -- Display smart card information

  -SCRoots          -- Manage smart card root certificates

  -verifykeys       -- Verify public/private key set
  -verify           -- Verify certificate, CRL or chain
  -verifyCTL        -- Verify AuthRoot or Disallowed Certificates CTL
  -syncWithWU       -- Sync with Windows Update
  -generateSSTFromWU -- Generate SST from Windows Update
  -generatePinRulesCTL -- Generate Pin Rules CTL
  -downloadOcsp     -- Download OCSP Responses and Write to Directory
  -generateHpkpHeader -- Generate HPKP header using certificates in specified file or directory
  -addEccCurve      -- Add ECC Curve
  -deleteEccCurve   -- Delete ECC Curve
  -displayEccCurve  -- Display ECC Curve
  -sign             -- Re-sign CRL or certificate

  -vroot            -- Create/delete web virtual roots and file shares
  -vocsproot        -- Create/delete web virtual roots for OCSP web proxy
  -addEnrollmentServer -- Add an Enrollment Server application
  -deleteEnrollmentServer -- Delete an Enrollment Server application
  -addPolicyServer  -- Add a Policy Server application
  -deletePolicyServer -- Delete a Policy Server application
  -oid              -- Display ObjectId or set display name
  -error            -- Display error code message text
  -getreg           -- Display registry value
  -setreg           -- Set registry value
  -delreg           -- Delete registry value

  -ImportKMS        -- Import user keys and certificates into server database for key archival
  -ImportCert       -- Import a certificate file into the database
  -GetKey           -- Retrieve archived private key recovery blob, generate a recovery script,
      or recover archived keys
  -RecoverKey       -- Recover archived private key
  -MergePFX         -- Merge PFX files
  -ConvertEPF       -- Convert PFX files to EPF file

  -add-chain        -- (-AddChain) Add certificate chain
  -add-pre-chain    -- (-AddPrechain) Add pre-certificate chain
  -get-sth          -- (-GetSTH) Get signed tree head
  -get-sth-consistency -- (-GetSTHConsistency) Get signed tree head changes
  -get-proof-by-hash -- (-GetProofByHash) Get proof by hash
  -get-entries      -- (-GetEntries) Get entries
  -get-roots        -- (-GetRoots) Get roots
  -get-entry-and-proof -- (-GetEntryAndProof) Get entry and proof
  -VerifyCT         -- Verify certificate SCT
  -?                -- Display this usage message


CertUtil -?              -- Display a verb list (command list)
CertUtil -dump -?        -- Display help text for the "dump" verb
CertUtil -v -?           -- Display all help text for all verbs

CertUtil: -? command completed successfully.
Checknetisolationis a diagnostic tool that helps developers test, diagnose and troubleshoot a Windows Store app that requires network capabilities. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Usage:
   CheckNetIsolation [Module]
      List Of Modules:
          LoopbackExempt - controls the loopback exemption of AppContainers
                           and Package Families to ease application
                           development.
          Debug          - Starts a network traffic troubleshooting session
                           of an AppContainer or Package Family. Generates a
                           report of network capabilities that are used, not
                           used or missing, together with the network traffic
                           generated by the application.
          -?            -  Displays this help message.
Chglogonenables or disables logons from client sessions on an RD Session Host server, or displays current logon status. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Enable, disable, or drain session logins.

CHANGE LOGON {/QUERY | /ENABLE | /DISABLE | /DRAIN | /DRAINUNTILRESTART}

  /QUERY    Query current session login mode.
  /ENABLE   Enable user login from sessions.
  /DISABLE  Disable user login from sessions.
  /DRAIN    Disable new user logons, but allow reconnections to existing sessions.
  /DRAINUNTILRESTART    Disable new user logons until the server is restarted, but allow reconnections to existing sessions.
Chgportlist or change COM port mappings for DOS application compatibility. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
List or change COM port mappings for DOS application compatibility.

CHANGE PORT [portx=porty | /D portx | /QUERY]

  portx=porty  Map port x to port y.
  /D portx    Delete mapping for port x.
  /QUERY      Display current mapping ports.
Chgusrchange Install Mode. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
Change Install Mode.

CHANGE USER {/EXECUTE | /INSTALL | /QUERY}

  /EXECUTE  Enable execute mode (default).
  /INSTALL  Enable install mode.
  /QUERY    Display current settings.
Choiceallows users to select one item from a list of choices and returns the index of the selected choice. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
CHOICE [/C choices] [/N] [/CS] [/T timeout /D choice] [/M text]

Description:
    This tool allows users to select one item from a list
    of choices and returns the index of the selected choice.

Parameter List:
   /C    choices       Specifies the list of choices to be created.
                       Default list is "YN".

   /N                  Hides the list of choices in the prompt.
                       The message before the prompt is displayed
                       and the choices are still enabled.

   /CS                 Enables case-sensitive choices to be selected.
                       By default, the utility is case-insensitive.

   /T    timeout       The number of seconds to pause before a default
                       choice is made. Acceptable values are from 0 to
                       9999. If 0 is specified, there will be no pause
                       and the default choice is selected.

   /D    choice        Specifies the default choice after nnnn seconds.
                       Character must be in the set of choices specified
                       by /C option and must also specify nnnn with /T.

   /M    text          Specifies the message to be displayed before
                       the prompt. If not specified, the utility
                       displays only a prompt.

   /?                  Displays this help message.

   NOTE:
   The ERRORLEVEL environment variable is set to the index of the
   key that was selected from the set of choices. The first choice
   listed returns a value of 1, the second a value of 2, and so on.
   If the user presses a key that is not a valid choice, the tool
   sounds a warning beep. If tool detects an error condition,
   it returns an ERRORLEVEL value of 255. If the user presses
   CTRL+BREAK or CTRL+C, the tool returns an ERRORLEVEL value
   of 0. When you use ERRORLEVEL parameters in a batch program, list
   them in decreasing order.

Examples:
   CHOICE /?
   CHOICE /C YNC /M "Press Y for Yes, N for No or C for Cancel."
   CHOICE /T 10 /C ync /CS /D y
   CHOICE /C ab /M "Select a for option 1 and b for option 2."
   CHOICE /C ab /N /M "Select a for option 1 and b for option 2."
Clipredirects output of command line tools to the Windows clipboard. (tested on w10x64)last updated 2018/1/15
 
last updated 2018/1/15
CLIP

Description:
    Redirects output of command line tools to the Windows clipboard.
    This text output can then be pasted into other programs.

Parameter List:
    /?                  Displays this help message.

Examples:
    DIR | CLIP          Places a copy of the current directory
                        listing into the Windows clipboard.

    CLIP < README.TXT   Places a copy of the text from readme.txt
                        on to the Windows clipboard.
Cmdkeycreates, displays, and deletes stored user names and passwords. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Creates, displays, and deletes stored user names and passwords.

The syntax of this command is:

CMDKEY [{/add | /generic}:targetname {/smartcard | /user:username {/pass{:password}}} | /delete{:targetname | /ras} | /list{:targetname}]

Examples:

  To list available credentials:
     cmdkey /list
     cmdkey /list:targetname

  To create domain credentials:
     cmdkey /add:targetname /user:username /pass:password
     cmdkey /add:targetname /user:username /pass
     cmdkey /add:targetname /user:username
     cmdkey /add:targetname /smartcard

  To create generic credentials:
     The /add switch may be replaced by /generic to create generic credentials

  To delete existing credentials:
     cmdkey /delete:targetname

  To delete RAS credentials:
     cmdkey /delete /ras
controldisplays the 'Control Panel' window. (tested on w10x64)last updated 2018/1/18 Diskperfis used to remotely enable or disable physical or logical disk performance counters on computers (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
DISKPERF [-Y[D|V] | -N[D|V]] [\\computername]

  -Y  Sets the system to start all disk performance counters
      when the system is restarted.

  -YD Enables the disk performance counters for physical drives.
      when the system is restarted.
  -YV Enables the disk performance counters for logical drives
      or storage volumes when the system is restarted.
  -N  Sets the system to disable all disk performance counters
      when the system is restarted.

  -ND Disables the disk performance counters for physical drives.
  -NV Disables the disk performance counters for logical drives.
  \\computername        Is the name of the computer you want to
                        see or set disk performance counter use.
                        The computer must be a Windows 2000 system.
  NOTE: Disk performance counters are permanently enabled on
        systems beyond Windows 2000.
Diskraidlaunches the DiskRAID application. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Microsoft DiskRAID version 10.0.16299.15

Copyright (C) 2003-2013 Microsoft Corporation.
On computer: DESKTOP-EVP2T60

Usage:  DISKRAID [/? | [/s <script>] [/v]]

    Launches the DiskRAID application.

    /?          specifies that DiskRAID should display this usage text.

    /s <script> specifies that DiskRAID should execute commands from the script
                file at the location specified.

    /v          specifies that DiskRAID should run in verbose mode, printing
                out additional information about each command being executed.

Examples:

    DISKRAID
    DISKRAID /v
Dismenumerates, installs, uninstalls, configures, and updates features and packages in Windows images. The commands that are available depend on the image being serviced and whether the image is offline or running. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Deployment Image Servicing and Management tool
Version: 10.0.16299.15


DISM.exe [dism_options] {Imaging_command} [<Imaging_arguments>]
DISM.exe {/Image:<path_to_offline_image> | /Online} [dism_options]
         {servicing_command} [<servicing_arguments>]

DESCRIPTION:

  DISM enumerates, installs, uninstalls, configures, and updates features
  and packages in Windows images. The commands that are available depend
  on the image being serviced and whether the image is offline or running.


GENERIC IMAGING COMMANDS:

  /Split-Image            - Splits an existing .wim file into multiple
                            read-only split WIM (SWM) files.
  /Apply-Image            - Applies an image.
  /Get-MountedImageInfo   - Displays information about mounted WIM and VHD
                            images.
  /Get-ImageInfo          - Displays information about images in a WIM, a VHD
                            or a FFU file.
  /Commit-Image           - Saves changes to a mounted WIM or VHD image.
  /Unmount-Image          - Unmounts a mounted WIM or VHD image.
  /Mount-Image            - Mounts an image from a WIM or VHD file.
  /Remount-Image          - Recovers an orphaned image mount directory.
  /Cleanup-Mountpoints    - Deletes resources associated with corrupted
                            mounted images.

WIM COMMANDS:

  /Apply-CustomDataImage  - Dehydrates files contained in the custom data image.
  /Capture-CustomImage    - Captures customizations into a delta WIM file on a
                            WIMBoot system. Captured directories include all
                            subfolders and data.
  /Get-WIMBootEntry       - Displays WIMBoot configuration entries for the
                            specified disk volume.
  /Update-WIMBootEntry    - Updates WIMBoot configuration entry for the
                            specified disk volume.
  /List-Image             - Displays a list of the files and folders in a
                            specified image.
  /Delete-Image           - Deletes the specified volume image from a WIM file
                            that has multiple volume images.
  /Export-Image           - Exports a copy of the specified image to another
                            file.
  /Append-Image           - Adds another image to a WIM file.
  /Capture-Image          - Captures an image of a drive into a new WIM file.
                            Captured directories include all subfolders and
                            data.
  /Get-MountedWimInfo     - Displays information about mounted WIM images.
  /Get-WimInfo            - Displays information about images in a WIM file.
  /Commit-Wim             - Saves changes to a mounted WIM image.
  /Unmount-Wim            - Unmounts a mounted WIM image.
  /Mount-Wim              - Mounts an image from a WIM file.
  /Remount-Wim            - Recovers an orphaned WIM mount directory.
  /Cleanup-Wim            - Deletes resources associated with mounted WIM
                            images that are corrupted.

FFU COMMANDS:

  /Capture-Ffu            - Captures a physical disk image into a new FFU file.
  /Apply-Ffu              - Applies an .ffu image.
  /Split-Ffu              - Splits an existing .ffu file into multiple read-only
                            split FFU files.

IMAGE SPECIFICATIONS:

  /Online                 - Targets the running operating system.
  /Image                  - Specifies the path to the root directory of an
                            offline Windows image.

DISM OPTIONS:

  /English                - Displays command line output in English.
  /Format                 - Specifies the report output format.
  /WinDir                 - Specifies the path to the Windows directory.
  /SysDriveDir            - Specifies the path to the system-loader file named
                            BootMgr.
  /LogPath                - Specifies the logfile path.
  /LogLevel               - Specifies the output level shown in the log (1-4).
  /NoRestart              - Suppresses automatic reboots and reboot prompts.
  /Quiet                  - Suppresses all output except for error messages.
  /ScratchDir             - Specifies the path to a scratch directory.

For more information about these DISM options and their arguments, specify an
option immediately before /?.

  Examples:
    DISM.exe /Mount-Wim /?
    DISM.exe /ScratchDir /?
    DISM.exe /Image:C:\test\offline /?
    DISM.exe /Online /?
Dispdiaglogs display information to a file in the current directory. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Logs display information to a file in the current directory.

Usage: dispdiag [-testacpi] [-d] [-delay <seconds>] [-brightnesslogging] [-out <FilePath>]
        -testacpi            runs hotkey diagnostics test
        -d                   generates a dmp file as well with additional data.
        -delay               delays the collection of data by specified time in seconds.
        -out <FilePath>      path where the dispdiag file should be saved, including filename. This must be the last parameter
        -DumpIdDiag          force Indirect DIsplay framework to dump diag info via WPP
        -brightnesslogging              toggle verbose brightness logging.
        -ccddatabaselogging <on|off>    toggle Ccd database access logging.
        -dxgautologger <on|off>         toggle DxgDiagnostics autologger. Requires admin and a reboot.
        -DodFullscreenupdates <on|off>  toggle if all active display only drivers should process each present
                                        as full screen dirty.
        -Msg <Message to log>           Inserts the specified message into the diagnostic buffers
Output:
        Name of the saved file.
Djoinprovisions a computer account in a domain and requests an offline domain join when a computer restarts. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Usage: djoin.exe [/OPTIONS]

  /PROVISION  - Provision a computer account in the domain
      /DOMAIN <Name> - <Name> of the domain to join
      /MACHINE <Name> - Host <Name> of the computer joining the domain
      /MACHINEOU <OU> - Optional <OU> where the account is created
      /DCNAME <DC> - Optional <DC> to target for account creation
      /REUSE - Reuse any existing account (password will be reset)
      /SAVEFILE <FilePath> - Save provisioning data to a file at <FilePath>
      /NOSEARCH - Skip account conflict detection, requires DCNAME (faster)
      /DOWNLEVEL - Support using a Windows Server 2008 DC or earlier
      /PRINTBLOB - Return base64 encoded metadata blob for an answer file
      /DEFPWD - Use default machine account password (not recommended)
      /ROOTCACERTS - Opt. include root Certificate Authority certificates.
      /CERTTEMPLATE <Name> - Optional <Name> of machine certificate template.
                             Includes root Certificate Authority certificates.
      /POLICYNAMES <Name(s)> - Opt. semicolon-separated list of policy names.
                               Each name is the displayName of the GPO in AD.
      /POLICYPATHS <Path(s)> - Opt. semicolon-separated list of policy paths.
                               Each path is a path to a registry policy file.
      /NETBIOS <Name> - Opt. Netbios <Name> of the computer joining the domain.
      /PSITE <Name> - Opt. <Name> of persistent site to put the computer joining
                      the domain in.
      /DSITE <Name> - Opt. <Name> of dynamic site to initially put the computer 
                      joining the domain in.
      /PRIMARYDNS <Name> - Opt. <Name> of primary DNS domain of the computer
                           joining the domain.

  /REQUESTODJ  - Request offline domain join at next boot
      /LOADFILE <FilePath> - <FilePath> specified previously via /SAVEFILE
      /WINDOWSPATH <Path> - <Path> to the Windows directory in an offline image
      /LOCALOS - Allows /WINDOWSPATH to specify the locally running OS.
                 This command must be run as a local Administrator.
                 This option requires a reboot for changes to be applied.

Examples:

To provision a computer account in the domain:
djoin.exe /PROVISION /DOMAIN <DomainName> /MACHINE <MachineName>
          /SAVEFILE <FilePath>
          Note: Other parameters are optional

To request the local machine to perform an offline domain join:
djoin.exe /REQUESTODJ /LOADFILE <FilePath> /WINDOWSPATH <Path>
          Note: Other parameters are optional
ERASEdeletes one or more files. (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
Deletes one or more files.

DEL [/P] [/F] [/S] [/Q] [/A[[:]attributes]] names
ERASE [/P] [/F] [/S] [/Q] [/A[[:]attributes]] names

  names         Specifies a list of one or more files or directories.
                Wildcards may be used to delete multiple files. If a
                directory is specified, all files within the directory
                will be deleted.

  /P            Prompts for confirmation before deleting each file.
  /F            Force deleting of read-only files.
  /S            Delete specified files from all subdirectories.
  /Q            Quiet mode, do not ask if ok to delete on global wildcard
  /A            Selects files to delete based on attributes
  attributes    R  Read-only files            S  System files
                H  Hidden files               A  Files ready for archiving
                I  Not content indexed Files  L  Reparse Points
                -  Prefix meaning not

If Command Extensions are enabled DEL and ERASE change as follows:

The display semantics of the /S switch are reversed in that it shows
you only the files that are deleted, not the ones it could not find.
Esentutlis used to manage Extensible Storage Engine databases. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Extensible Storage Engine Utilities for Microsoft(R) Windows(R)
Version 10.0
Copyright (C) Microsoft Corporation. All Rights Reserved.

DESCRIPTION:  Database utilities for the Extensible Storage Engine for Microsoft(R) Windows(R).

MODES OF OPERATION:
      Defragmentation:   /d <database name> [options]
             Recovery:   /r <logfile base name> [options]
            Integrity:   /g <database name> [options]
             Checksum:   /k <file name> [options]
               Repair:   /p <database name> [options]
            File Dump:   /m[mode-modifier] <filename>
            Copy File:   /y <source file> [options]

<<<<<  Press a key for more help  >>>>>
D=Defragmentation, R=Recovery, G=inteGrity, K=checKsum,
P=rePair, M=file duMp, Y=copY file
=>
Extrac32uncompress one or more compressed .CAB cabinet files. (tested on w10x64)last updated 2018/1/16 Fltmcmanages MiniFilter drivers. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Valid commands:
    load        Loads a Filter driver
    unload      Unloads a Filter driver
    filters     Lists the Filters currently registered in the system
    instances   Lists the Instances for a Filter or Volume currently
                registered in the system
    volumes     Lists all volumes/RDRs in the system
    attach      Creates a Filter Instance to a Volume
    detach      Removes a Filter Instance from a Volume

    Use fltmc help [ command ] for help on a specific command
Fondueenables Windows optional features by downloading required files from Windows Update or another source specified by Group Policy. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Features on Demand User Experience Tool

FONDUE.exe /enable-feature <value> [/caller-name:<value>][/hide-ux:{all | rebootRequest}]

Fondue.exe enables windows optional features by downloading required files
from windows Update or a source that Group Policy specifies.

/enable-feature	-Specifies the name of the Windows optional feature that 
  you want to enable. You can enable only one feature per command line. To
  enable multiple features, use Fondue.exe for each feature.

/caller-name	-specifies the program or process name when you call
  Fondue.exe from a script or a batch file. You can use this options to send
  a report of the program name to Microsoft.

/hide-ux{all | rebootRequest}	-Use "all" to hide all messages to the user.
  including progress and permission requests to access Windows Update. If
  permission is required, the operation will fail.
  Use "rebootRequest" only to hide user messages that ask for permission to
  reboot the PC. Use this option if you have a script that controls reboot
  request.

EXAMPLES:
 FONDUE.exe /enable-feature:NETFX3
 FONDUE.exe /enable-feature:NETFX3 /caller-name:Admin.bat /hide-ux:all
Forfilesselects a file (or set of files) and executes a command on that file. This is helpful for batch jobs. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
FORFILES [/P pathname] [/M searchmask] [/S]
         [/C command] [/D [+ | -] {MM/dd/yyyy | dd}]

Description:
    Selects a file (or set of files) and executes a
    command on that file. This is helpful for batch jobs.

Parameter List:
    /P    pathname      Indicates the path to start searching.
                        The default folder is the current working
                        directory (.).

    /M    searchmask    Searches files according to a searchmask.
                        The default searchmask is '*' .

    /S                  Instructs forfiles to recurse into
                        subdirectories. Like "DIR /S".

    /C    command       Indicates the command to execute for each file.
                        Command strings should be wrapped in double
                        quotes.

                        The default command is "cmd /c echo @file".

                        The following variables can be used in the
                        command string:
                        @file    - returns the name of the file.
                        @fname   - returns the file name without
                                   extension.
                        @ext     - returns only the extension of the
                                   file.
                        @path    - returns the full path of the file.
                        @relpath - returns the relative path of the
                                   file.
                        @isdir   - returns "TRUE" if a file type is
                                   a directory, and "FALSE" for files.
                        @fsize   - returns the size of the file in
                                   bytes.
                        @fdate   - returns the last modified date of the
                                   file.
                        @ftime   - returns the last modified time of the
                                   file.

                        To include special characters in the command
                        line, use the hexadecimal code for the character
                        in 0xHH format (ex. 0x09 for tab). Internal
                        CMD.exe commands should be preceded with
                        "cmd /c".

    /D    date          Selects files with a last modified date greater
                        than or equal to (+), or less than or equal to
                        (-), the specified date using the
                        "MM/dd/yyyy" format; or selects files with a
                        last modified date greater than or equal to (+)
                        the current date plus "dd" days, or less than or
                        equal to (-) the current date minus "dd" days. A
                        valid "dd" number of days can be any number in
                        the range of 0 - 32768.
                        "+" is taken as default sign if not specified.

    /?                  Displays this help message.

Examples:
    FORFILES /?
    FORFILES
    FORFILES /P C:\WINDOWS /S /M DNS*.*
    FORFILES /S /M *.txt /C "cmd /c type @file | more"
    FORFILES /P C:\ /S /M *.bat
    FORFILES /D -30 /M *.exe
             /C "cmd /c echo @path 0x09 was changed 30 days ago"
    FORFILES /D 01/01/2001
             /C "cmd /c echo @fname is new since Jan 1st 2001"
    FORFILES /D +1/15/2018 /C "cmd /c echo @fname is new today"
    FORFILES /M *.exe /D +1
    FORFILES /S /M *.doc /C "cmd /c echo @fsize"
    FORFILES /M *.txt /C "cmd /c if @isdir==FALSE notepad.exe @file"
Graphicsis used to load a program that can print graphics. (tested on w10x64)last updated 2018/1/16 Hwrcompis used to compile custom dictionaries for handwriting recognition. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Usage: hwrcomp [-lang <locale>]
               [-type <type>]
               [-comment <comment>]
               [-check | -o <dictfile.hwrdict>]
               <inputfile>

-check                Verify the input file
-lang <locale>        Assign this default language to the dictionary file.
                      Locale is of the form <language>-<REGION> using ISO codes
-type <type>          Assign this type to the dictionary file
-comment <comment>    Compile this comment into the dictionary file
-o <dictfile.hwrdict> Output to this file name.
                      If this option is missing, use <inputfile>.hwrdict

Examples:
hwrcomp -check mylist1.txt
  verifies file content
hwrcomp -lang en-US -type SECONDARY-DICTIONARY -o myrsrc1 mylist1.txt
  compiles mylist1.txt into myrsrc1.hwrdict,
  assigns language 'English (US)' and type 'SECONDARY-DICTIONARY'
Hwrregis used to install a previously compiled custom dictionary for handwriting recognition. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
USAGE:
  hwrreg [-check]
         [-lang <locale>]
         [-scope {all|me}]
         [-noprompt]
         <dictfile.hwrdict>

-check          Verify dictionary file and show its registration information
-lang <locale>  Assign this language to the installed dictionary.
                Locale is of the form <language>-<REGION> using ISO codes
-scope {all|me} Install for all users on this machine or just for me
-noprompt       Don't prompt for confirmation

Example:
hwrreg -lang en-US myrsrc1.hwrdict
  installs myrsrc1.hwrdict with language 'English (US)' and default scope 'me'


Usage: hwrreg [-lang <localename>]
              [-scope {all|me}]
              [-type <type>]
              -list | -remove

-lang <locale>  List or remove dictionaries registered for this language.
                Locale is of the form <language>-<REGION> using ISO codes
-scope {all|me} List or remove dictionaries installed for all users
                or or just dictionaries installed for me (default)
-type <type>    List or remove dictionaries registered with this type
-list           List all installed dictionaries matching the other options
-remove         Prompts for removal of any dictionary  matching other options

Examples:
hwrreg -list -lang en-US -type PRIMARY-DICTIONARY
  lists dictionaries installed for me with this language and type
hwrreg -remove -lang en-US -type PRIMARY-DICTIONARY
  removes dictionaries installed for me with this language and type
ICACLSdisplay, modify, backup, or restore ACLs for files and directories. (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
ICACLS name /save aclfile [/T] [/C] [/L] [/Q]
    stores the DACLs for the files and folders that match the name
    into aclfile for later use with /restore. Note that SACLs,
    owner, or integrity labels are not saved.

ICACLS directory [/substitute SidOld SidNew [...]] /restore aclfile
                 [/C] [/L] [/Q]
    applies the stored DACLs to files in directory.

ICACLS name /setowner user [/T] [/C] [/L] [/Q]
    changes the owner of all matching names. This option does not
    force a change of ownership; use the takeown.exe utility for
    that purpose.

ICACLS name /findsid Sid [/T] [/C] [/L] [/Q]
    finds all matching names that contain an ACL
    explicitly mentioning Sid.

ICACLS name /verify [/T] [/C] [/L] [/Q]
    finds all files whose ACL is not in canonical form or whose
    lengths are inconsistent with ACE counts.

ICACLS name /reset [/T] [/C] [/L] [/Q]
    replaces ACLs with default inherited ACLs for all matching files.

ICACLS name [/grant[:r] Sid:perm[...]]
       [/deny Sid:perm [...]]
       [/remove[:g|:d]] Sid[...]] [/T] [/C] [/L] [/Q]
       [/setintegritylevel Level:policy[...]]

    /grant[:r] Sid:perm grants the specified user access rights. With :r,
        the permissions replace any previously granted explicit permissions.
        Without :r, the permissions are added to any previously granted
        explicit permissions.

    /deny Sid:perm explicitly denies the specified user access rights.
        An explicit deny ACE is added for the stated permissions and
        the same permissions in any explicit grant are removed.

    /remove[:[g|d]] Sid removes all occurrences of Sid in the ACL. With
        :g, it removes all occurrences of granted rights to that Sid. With
        :d, it removes all occurrences of denied rights to that Sid.

    /setintegritylevel [(CI)(OI)]Level explicitly adds an integrity
        ACE to all matching files.  The level is to be specified as one
        of:
            L[ow]
            M[edium]
            H[igh]
        Inheritance options for the integrity ACE may precede the level
        and are applied only to directories.

    /inheritance:e|d|r
        e - enables inheritance
        d - disables inheritance and copy the ACEs
        r - remove all inherited ACEs


Note:
    Sids may be in either numerical or friendly name form. If a numerical
    form is given, affix a * to the start of the SID.

    /T indicates that this operation is performed on all matching
        files/directories below the directories specified in the name.

    /C indicates that this operation will continue on all file errors.
        Error messages will still be displayed.

    /L indicates that this operation is performed on a symbolic link
       itself versus its target.

    /Q indicates that icacls should suppress success messages.

    ICACLS preserves the canonical ordering of ACE entries:
            Explicit denials
            Explicit grants
            Inherited denials
            Inherited grants

    perm is a permission mask and can be specified in one of two forms:
        a sequence of simple rights:
                N - no access
                F - full access
                M - modify access
                RX - read and execute access
                R - read-only access
                W - write-only access
                D - delete access
        a comma-separated list in parentheses of specific rights:
                DE - delete
                RC - read control
                WDAC - write DAC
                WO - write owner
                S - synchronize
                AS - access system security
                MA - maximum allowed
                GR - generic read
                GW - generic write
                GE - generic execute
                GA - generic all
                RD - read data/list directory
                WD - write data/add file
                AD - append data/add subdirectory
                REA - read extended attributes
                WEA - write extended attributes
                X - execute/traverse
                DC - delete child
                RA - read attributes
                WA - write attributes
        inheritance rights may precede either form and are applied
        only to directories:
                (OI) - object inherit
                (CI) - container inherit
                (IO) - inherit only
                (NP) - don't propagate inherit
                (I) - permission inherited from parent container

Examples:

        icacls c:\windows\* /save AclFile /T
        - Will save the ACLs for all files under c:\windows
          and its subdirectories to AclFile.

        icacls c:\windows\ /restore AclFile
        - Will restore the Acls for every file within
          AclFile that exists in c:\windows and its subdirectories.

        icacls file /grant Administrator:(D,WDAC)
        - Will grant the user Administrator Delete and Write DAC
          permissions to file.

        icacls file /grant *S-1-1-0:(D,WDAC)
        - Will grant the user defined by sid S-1-1-0 Delete and
          Write DAC permissions to file.
Iscsiclistarts the Microsoft iSCSI Initiator, used to manage iSCSI. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Microsoft iSCSI Initiator Version 10.0 Build 16299

iscsicli

iscsicli AddTarget <TargetName> <TargetAlias> <TargetPortalAddress>
                           <TargetPortalSocket> <Target flags>
                           <Persist> <Login Flags> <Header Digest> <Data Digest>
                           <Max Connections> <DefaultTime2Wait>
                           <DefaultTime2Retain> <Username> <Password> <AuthType>
                           <Mapping Count> <Target Lun> <OS Bus> <Os Target>
                           <OS Lun> ...

iscsicli RemoveTarget <TargetName>

iscsicli AddTargetPortal <TargetPortalAddress> <TargetPortalSocket>
                         [HBA Name] [Port Number]
                         <Security Flags>
                         <Login Flags> <Header Digest> <Data Digest>
                         <Max Connections> <DefaultTime2Wait>
                        <DefaultTime2Retain> <Username> <Password> <AuthType>

iscsicli RemoveTargetPortal <TargetPortalAddress> <TargetPortalSocket> [HBA Name] [Port Number]

iscsicli RefreshTargetPortal <TargetPortalAddress> <TargetPortalSocket> [HBA Name] [Port Number]

iscsicli ListTargets [ForceUpdate]

iscsicli ListTargetPortals

iscsicli TargetInfo <TargetName> [Discovery Mechanism]

iscsicli LoginTarget <TargetName> <ReportToPNP>
                     <TargetPortalAddress> <TargetPortalSocket>
                     <InitiatorInstance> <Port number> <Security Flags>
                    <Login Flags> <Header Digest> <Data Digest>
                    <Max Connections> <DefaultTime2Wait>
                    <DefaultTime2Retain> <Username> <Password> <AuthType> <Key>
                    <Mapping Count> <Target Lun> <OS Bus> <Os Target>
                    <OS Lun> ...

iscsicli LogoutTarget <SessionId>

iscsicli PersistentLoginTarget <TargetName> <ReportToPNP>
                     <TargetPortalAddress> <TargetPortalSocket>
                    <InitiatorInstance> <Port number> <Security Flags>
                    <Login Flags> <Header Digest> <Data Digest>
                    <Max Connections> <DefaultTime2Wait>
                    <DefaultTime2Retain> <Username> <Password> <AuthType> <Key>
                    <Mapping Count> <Target Lun> <OS Bus> <Os Target>
                    <OS Lun> ...

iscsicli ListPersistentTargets

iscsicli RemovePersistentTarget <Initiator Name> <TargetName>
                               <Port Number>
                               <Target Portal Address>
                                <Target Portal Socket>

iscsicli AddConnection <SessionId> <Initiator Instance>
                      <Port Number> <Target Portal Address>
                      <Target Portal Socket> <Security Flags>
                      <Login Flags> <Header Digest> <Data Digest>
                      <Max Connections> <DefaultTime2Wait>
                      <DefaultTime2Retain> <Username> <Password> <AuthType> <Key>

iscsicli RemoveConnection <SessionId> <ConnectionId>
iscsicli ScsiInquiry <SessionId> <LUN> <EvpdCmddt> <PageCode>

iscsicli ReadCapacity <SessionId> <LUN>

iscsicli ReportLUNs <SessionId>

iscsicli ReportTargetMappings

iscsicli ListInitiators

iscsicli AddiSNSServer <iSNS Server Address>

iscsicli RemoveiSNSServer <iSNS Server Address>

iscsicli RefreshiSNSServer <iSNS Server Address>

iscsicli ListiSNSServers

iscsicli FirewallExemptiSNSServer

iscsicli NodeName <node name>

iscsicli SessionList <Show Session Info>

iscsicli CHAPSecret <chap secret>

iscsicli TunnelAddr <Initiator Name> <InitiatorPort> <Destination Address> <Tunnel Address> <Persist>

iscsicli GroupKey <Key> <Persist>

iscsicli BindPersistentVolumes

iscsicli BindPersistentDevices

iscsicli ReportPersistentDevices

iscsicli AddPersistentDevice <Volume or Device Path>

iscsicli RemovePersistentDevice <Volume or Device Path>

iscsicli ClearPersistentDevices

iscsicli Ping <Initiator Name> <Address> [Request Count] [Request Size] [Request Timeout]

iscsicli GetPSKey <Initiator Name> <initiator Port> <Id Type> <Id>

iscsicli PSKey <Initiator Name> <initiator Port> <Security Flags> <Id Type> <Id> <Key> <persist>
Quick Commands

iscsicli QLoginTarget <TargetName>  [CHAP Username] [CHAP Password]

iscsicli QAddTarget <TargetName> <TargetPortalAddress>

iscsicli QAddTargetPortal <TargetPortalAddress>
                          [CHAP Username] [CHAP Password]

iscsicli QAddConnection <SessionId> <Initiator Instance>
                        <Target Portal Address>
                        [CHAP Username] [CHAP Password]

Target Mappings:
    <Target Lun> is the LUN value the target uses to expose the LUN.
                 It must be in the form 0x0123456789abcdef
    <OS Bus> is the bus number the OS should use to surface the LUN
    <OS Target> is the target number the OS should use to surface the LUN
    <OS LUN> is the LUN number the OS should use to surface the LUN

Payload Id Type:
    ID_IPV4_ADDR is      1 - Id format is 1.2.3.4
    ID_FQDN is           2 - Id format is ComputerName
    ID_IPV6_ADDR is      5 - Id form is IPv6 Address
Security Flags:
    TunnelMode is          0x00000040
    TransportMode is       0x00000020
    PFS Enabled is         0x00000010
    Aggressive Mode is     0x00000008
    Main mode is           0x00000004
    IPSEC/IKE Enabled is   0x00000002
    Valid Flags is         0x00000001

Login Flags:
    ISCSI_LOGIN_FLAG_REQUIRE_IPSEC                0x00000001
        IPsec is required for the operation

    ISCSI_LOGIN_FLAG_MULTIPATH_ENABLED            0x00000002
        Multipathing is enabled for the target on this initiator

AuthType:
    ISCSI_NO_AUTH_TYPE = 0,
        No iSCSI in-band authentication is used

    ISCSI_CHAP_AUTH_TYPE = 1,
        One way CHAP (Target authenticates initiator is used)

    ISCSI_MUTUAL_CHAP_AUTH_TYPE = 2
        Mutual CHAP (Target and Initiator authenticate each other is used)

Target Flags:
    ISCSI_TARGET_FLAG_HIDE_STATIC_TARGET            0x00000002
        If this flag is set then the target will never be reported unless it
        is also discovered dynamically.

    ISCSI_TARGET_FLAG_MERGE_TARGET_INFORMATION      0x00000004
        If this flag is set then the target information passed will be
        merged with any target information already statically configured for
        the target

CHAP secrets, CHAP passwords and IPSEC preshared keys can be specified as
a text string or as a sequence of hexadecimal values. The value specified on
the command line is always considered a string unless the first two characters
0x in which case it is considered a hexadecimal value.

For example 0x12345678 specifies a 4 byte secret

All numerical values are assumed decimal unless preceeded by 0x. If
preceeded by 0x then value is assumed to be hex

iscsicli can also be run in command line mode where iscsicli commands
can be entered directly from the console. To enter command line
mode, just run iscsicli without any parameters

The operation completed successfully.
Klistdisplays a list of currently cached Kerberos tickets. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Usage: klist.exe [command]

Command list:
  [tickets] [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
  tgt [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
  purge [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
  sessions [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
  kcd_cache [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
  get <SPN> [-lh <LogonId.HighPart>] [-li <LogonId.LowPart>]
            [-kdcoptions <options>] [-cacheoptions <options>]
  add_bind <DOMAIN> <DC>
  query_bind
  purge_bind
Ksetupperforms tasks that are related to setting up and maintaining Kerberos protocol and the Key Distribution Center (KDC) to support Kerberos realms, which are not also Windows domains. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
USAGE:
/SetRealm <DnsDomainName>
        Makes this computer a member of an RFC1510 Kerberos Realm
/MapUser <Principal> [Account]
        Maps a Kerberos Principal ('*' = any principal)
        to an account ('*' = an account by same name);
        If account name is omitted, mapping is deleted
        for the specified principal
/AddKdc <RealmName> [KdcName]
        Defines a KDC entry for the given realm.
        If KdcName omitted, DNS may be used to locate KDCs.
/DelKdc <RealmName> [KdcName]
        deletes a KDC entry for the realm.
        If KdcName omitted, the realm entry itself is deleted.
/AddKpasswd <Realmname> <KpasswdName>
        Add Kpasswd server address for a realm
/DelKpasswd <Realmname> <KpasswdName>
        Delete Kpasswd server address for a realm
/Server <Servername>
        specify name of a Windows machine to target the changes.
/SetComputerPassword <Password>
        Sets the password for the computer's domain account
        (or host principal)
/RemoveRealm <RealmName>
        delete all information for this realm from the registry.
/Domain [DomainName]
        use this domain (if DomainName is unspecified, detect it)
/ChangePassword <OldPasswd> <NewPasswd>
        Use Kpasswd to change the logged-on user's password.
        Use '*' to be prompted for passwords.
/ListRealmFlags (no args)
        Lists the available Realm flags that ksetup knows
/SetRealmFlags <realm> <flag> [flag] [flag] [...]
        Sets RealmFlags for a specific realm
/AddRealmFlags <realm> <flag> [flag] [flag] [...]
        Adds additional RealmFlags to a realm
/DelRealmFlags <realm> <flag> [flag] [flag] [...]
        Deletes RealmFlags from a realm.
/DumpState (no args)
        Analyze the kerberos configuration on the given machine.
/AddHostToRealmMap <host> <realm>
        Adds a mapping for <host> to <realm> to the registry.
/DelHostToRealmMap <host> <realm>
        Deletes existing mapping for <host> to <realm> from the registry.
/SetEncTypeAttr <domainname> <enctypes>
        Sets the encryption types trust attribute for <domain> to <enctypes> (multiple types should be separated by spaces).
        Supported encryption types are:
          DES-CBC-CRC, DES-CBC-MD5, RC4-HMAC-MD5,
          AES128-CTS-HMAC-SHA1-96, AES256-CTS-HMAC-SHA1-96
/GetEncTypeAttr <domainname>
        Gets the encryption types trust attribute for <domain>.
/AddEncTypeAttr <domainname> <enctypes>
        Adds <enctypes> to the encryption types trust attribute for <domain> (multiple types should be separated by spaces).
/DelEncTypeAttr <domainname>
        Deletes the encryption types trust attribute for <domain>.
Ktmutilstarts the Kernel Transaction Manager utility. If used without parameters, (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
---- Commands Supported ----

tx     Commands related to transactions
tm     Commands related to transaction managers
Licensingdiagis used to generate a text-based log and other data files that contain product activation and other Windows licensing information. (tested on w10x64)last updated 2018/1/16 Makecabpackage existing files into a cabinet (.cab) file. (tested on w10x64)last updated 2018/1/16
 
last updated 2018/1/16
Cabinet Maker - Lossless Data Compression Tool

MAKECAB [/V[n]] [/D var=value ...] [/L dir] source [destination]
MAKECAB [/V[n]] [/D var=value ...] /F directive_file [...]

  source         File to compress.
  destination    File name to give compressed file.  If omitted, the
                 last character of the source file name is replaced
                 with an underscore (_) and used as the destination.
  /F directives  A file with MakeCAB directives (may be repeated). Refer to
                 Microsoft Cabinet SDK for information on directive_file.
  /D var=value   Defines variable with specified value.
  /L dir         Location to place destination (default is current directory).
  /V[n]          Verbosity level (1..3).
Manage-bdeconfigures BitLocker Drive Encryption on disk volumes. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
BitLocker Drive Encryption: Configuration Tool version 10.0.16299
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

manage-bde[.exe] -parameter [arguments]

Description:
    Configures BitLocker Drive Encryption on disk volumes.

Parameter List:
    -status     Provides information about BitLocker-capable volumes.
    -on         Encrypts the volume and turns BitLocker protection on.
    -off        Decrypts the volume and turns BitLocker protection off.
    -pause      Pauses encryption, decryption, or free space wipe.
    -resume     Resumes encryption, decryption, or free space wipe.
    -lock       Prevents access to BitLocker-encrypted data.
    -unlock     Allows access to BitLocker-encrypted data.
    -autounlock Manages automatic unlocking of data volumes.
    -protectors Manages protection methods for the encryption key.
    -SetIdentifier or -si
                Configures the identification field for a volume.
    -ForceRecovery or -fr
                Forces a BitLocker-protected OS to recover on restarts.
    -changepassword
                Modifies password for a data volume.
    -changepin  Modifies PIN for a volume.
    -changekey  Modifies startup key for a volume.
    -KeyPackage or -kp
                Generates a key package for a volume.
    -upgrade    Upgrades the BitLocker version.
    -WipeFreeSpace or -w
                Wipes the free space on the volume.
    -ComputerName or -cn
                Runs on another computer. Examples: "ComputerX", "www.output.to"
    -? or /?    Displays brief help. Example: "-ParameterSet -?"
    -Help or -h Displays complete help. Example: "-ParameterSet -h"

Examples:
    manage-bde -status
    manage-bde -on C: -RecoveryPassword -RecoveryKey F:\
    manage-bde -unlock E: -RecoveryKey F:\84E151C1...7A62067A512.bek
MDcreates a directory. (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
Creates a directory.

MKDIR [drive:]path
MD [drive:]path

If Command Extensions are enabled MKDIR changes as follows:

MKDIR creates any intermediate directories in the path, if needed.
For example, assume \a does not exist then:

    mkdir \a\b\c\d

is the same as:

    mkdir \a
    chdir \a
    mkdir b
    chdir b
    mkdir c
    chdir c
    mkdir d

which is what you would have to type if extensions were disabled.
MKLINKcreates Symbolic Links and Hard Links (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
Creates a symbolic link.

MKLINK [[/D] | [/H] | [/J]] Link Target

        /D      Creates a directory symbolic link.  Default is a file
                symbolic link.
        /H      Creates a hard link instead of a symbolic link.
        /J      Creates a Directory Junction.
        Link    Specifies the new symbolic link name.
        Target  Specifies the path (relative or absolute) that the new link
                refers to.
Mofcompdisplays the data within a Managed Object Format (MOF) file. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Microsoft (R) MOF Compiler Version 10.0.16299.15
Copyright (c) Microsoft Corp. 1997-2006. All rights reserved.

usage: mofcomp [-check] [-N:<Path>]
               [-class:updateonly|-class:createonly]
               [-instance:updateonly|-instance:createonly]
               [-B:<filename>] [-P:<Password>] [-U:<UserName>]
               [-A:<Authority>] [-WMI] [-AUTORECOVER]
               [-MOF:<path>] [-MFL:<path>] [-AMENDMENT:<Locale>]
               [-ER:<ResourceName>] [-L:<ResourceLocale>]
               <MOF filename>

   -check                    Syntax check only
   -N:<path>                 Load into this namespace by default
   -class:updateonly         Do not create new classes
   -class:safeupdate         Update unless conflicts exist
   -class:forceupdate        Update resolving conflicts if possible
   -class:createonly         Do not change existing classes
   -instance:updateonly      Do not create new instances
   -instance:createonly      Do not change existing instances
   -U:<UserName>             User Name
   -P:<Password>             Login password
   -A:<Authority>            Example: NTLMDOMAIN:Domain
   -B:<destination filename> Creates a binary MOF file, does not add to DB
   -WMI                      Do Windows Driver Model (WDM) checks, requires -B switch
   -AUTORECOVER              Adds MOF to list of files compiled during DB recovery
   -Amendment:<LOCALE>       splits MOF into language neutral and specific versions
                             where locale is of the form "MS_4??"
   -MOF:<path>               name of the language neutral output
   -MFL:<path>               name of the language specific output
   -ER:<ResourceName>        extracts binary mof from named resource
   -L:<ResourceLocale>       optional specific locale number when using -ER switch

   Example c:>mofcomp -N:root\default yourmof.mof
Mrinfois used to provide information about a router's interfaces and neighbors. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage: mrinfo [-n?] [-i address] [-t secs] [-r retries] destination

 -n           Display IP addresses in numeric format
 -i address   Address of local interface to send query out
 -t seconds   Timeout in seconds for IGMP queries (default = 3 seconds)
 -r retries   Number of extra times to send the SNMP queries (default = 0)      
 -?           Print Usage
 destination  Address or name of destination
Muiunattendstarts the Multilanguage User Interface unattended setup process. (tested on w10x64)last updated 2018/1/17 Net1is used to display, configure, and correct a wide variety of network settings. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
The syntax of this command is:

NET
    [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |
      HELPMSG | LOCALGROUP | PAUSE | SESSION | SHARE | START |
      STATISTICS | STOP | TIME | USE | USER | VIEW ]
Netcfginstalls the Windows Preinstallation Environment (WinPE), a lightweight version of Windows used to deploy workstations. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
netcfg [-v] [-winpe] [-l <full-path-to-component-INF>] -c <p|s|c>
       -i <comp-id>

    -winpe installs TCP/IP, NetBIOS and Microsoft Client for Windows
           preinstallation environment
    -l     provides the location of INF
    -c     provides the class of the component to be installed (p == Protocol,
           s == Service, c == Client)
    -i     provides the component ID

    The arguments must be passed in the order shown.

    Examples:

    netcfg -l c:\oemdir\myprot.inf -c p -i myprot

        Installs protocol 'myprot' using c:\oemdir\myprot.inf

    netcfg -c s -i MS_Server

        Installs service 'MS_Server'

OR

netcfg [-v] -winpe

    Example:

    netcfg -v -winpe

        Installs TCP/IP, NetBIOS, and Microsoft Client for Windows
        preinstallation environment

OR

netcfg [-v] -q <comp-id>

    Example:

    netcfg -q MS_IPX

        Displays if component 'MS_IPX' is installed

OR

netcfg [-v] -u <comp-id>

    Example:

    netcfg -u MS_IPX

        Uninstalls component 'MS_IPX'

OR

netcfg [-v] -s <a|n>

    -s  provides the type of components to show (a == adapters,
        n == net components)

    Example:

    netcfg -s n

        Shows all installed net components

OR

netcfg [-v] -b <comp-id>

    Example:

    netcfg -b ms_tcpip

        Shows binding paths containing 'MS_TCPIP'

OR

netcfg [-v] -m

    Example:

    netcfg -m

        Outputs the binding map to NetworkBindingMap.txt in the current directory.
        -v will also display the binding map to the console.

OR

netcfg -d

    Example:

    netcfg -d

        Performs a cleanup on all networking devices.
                This will require a reboot.

OR

netcfg -x

    Example:

    netcfg -x

        Performs a cleanup on networking devices, skipping those without physical
        object names.
                This will require a reboot.

General Notes:
  -v    Run in verbose (detailed) mode
  -?    Displays this help information
Nltestperforms network administrative tasks. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage: nltest [/OPTIONS]


    /SERVER:<ServerName> - Specify <ServerName>

    /QUERY - Query <ServerName> netlogon service
    /REPL - Force partial sync on <ServerName> BDC
    /SYNC - Force full sync on <ServerName> BDC
    /PDC_REPL - Force UAS change message from <ServerName> PDC

    /SC_QUERY:<DomainName> - Query secure channel for <Domain> on <ServerName>
    /SC_RESET:<DomainName>[\<DcName>] - Reset secure channel for <Domain> on <ServerName> to <DcName>
    /SC_VERIFY:<DomainName> - Verify secure channel for <Domain> on <ServerName>
    /SC_CHANGE_PWD:<DomainName> - Change a secure channel  password for <Domain> on <ServerName>
    /DCLIST:<DomainName> - Get list of DC's for <DomainName>
    /DCNAME:<DomainName> - Get the PDC name for <DomainName>
    /DSGETDC:<DomainName> - Call DsGetDcName /PDC /DS /DSP /GC /KDC
        /TIMESERV /GTIMESERV /WS /NETBIOS /DNS /IP /FORCE /WRITABLE /AVOIDSELF /LDAPONLY /BACKG /DS_6 /DS_8 /DS_9 /DS_10
        /TRY_NEXT_CLOSEST_SITE /SITE:<SiteName> /ACCOUNT:<AccountName> /RET_DNS /RET_NETBIOS
    /DNSGETDC:<DomainName> - Call DsGetDcOpen/Next/Close /PDC /GC
        /KDC /WRITABLE /LDAPONLY /FORCE /SITESPEC
    /DSGETFTI:<DomainName> - Call DsGetForestTrustInformation
        /UPDATE_TDO
    /DSGETSITE - Call DsGetSiteName
    /DSGETSITECOV - Call DsGetDcSiteCoverage
    /DSADDRESSTOSITE:[MachineName] - Call DsAddressToSiteNamesEx
        /ADDRESSES:<Address1,Address2,...>
    /PARENTDOMAIN - Get the name of the parent domain of this machine
    /WHOWILL:<Domain>* <User> [<Iteration>] - See if <Domain> will log on <User>
    /FINDUSER:<User> - See which trusted domain will log on <User>
    /TRANSPORT_NOTIFY - Notify netlogon of new transport

    /DBFLAG:<HexFlags> - New debug flag

    /USER:<UserName> - Query User info on <ServerName>

    /TIME:<Hex LSL> <Hex MSL> - Convert NT GMT time to ascii
    /LOGON_QUERY - Query number of cumulative logon attempts
    /DOMAIN_TRUSTS - Query domain trusts on <ServerName>
        /PRIMARY /FOREST /DIRECT_OUT /DIRECT_IN /ALL_TRUSTS /V
    /DSREGDNS - Force registration of all DC-specific DNS records
    /DSDEREGDNS:<DnsHostName> - Deregister DC-specific DNS records for specified DC
        /DOM:<DnsDomainName> /DOMGUID:<DomainGuid> /DSAGUID:<DsaGuid>
    /DSQUERYDNS - Query the status of the last update for all DC-specific DNS records

    /BDC_QUERY:<DomainName> - Query replication status of BDCs for <DomainName>

    /LIST_DELTAS:<FileName> - display the content of given change log file

    /CDIGEST:<Message> /DOMAIN:<DomainName> - Get client digest
    /SDIGEST:<Message> /RID:<RID in hex> - Get server digest

    /SHUTDOWN:<Reason> [<Seconds>] - Shutdown <ServerName> for <Reason>
    /SHUTDOWN_ABORT - Abort a system shutdown
Pkgmgris used to start the Windows Package Manager from the Command Prompt. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Note: PkgMgr.exe has been deprecated. Please update your scripts to 
use DISM.exe to install, uninstall, configure, and update features
and packages for Windows.
See http://go.microsoft.com/fwlink/?LinkID=195329 for more 
information.

/?, /h, /help			-Displays this help.

/ip				-Install package

/up				-Uninstall package

/up:[{package name1}[;...]]	-Uninstall package(s)

/iu:{update name1}[;...]	-Install update(s) specified by name

/uu:{update name1}[;...]	-Uninstall update(s) specified by name

/m:"{package directory}"	-Specifies the location of the package

/p:"{package name}"		-specifies the identity of the package

/o:"[{boot drive path};]{offline Windows directory path}"
				-Specifies operation against an offline
				 Windows image
/n:{unattend file}		-Specifies unattended operation
				 parameters

/s:{sandbox directory}		-Specifies directory to extract files to

/quiet				-Runs pkgmgr.exe without UI. If restart
				 is required it will be performed without a prompt

/norestart			-Suppress restart (when restart is necessary)

/l:{log file}			-Specifies a file for diagnostic output
Pnpunattendaudits a computer for device drivers, and perform unattended driver installations, or search for drivers without installing and, optionally, report the results to the command line. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
DESCRIPTION:
AuditSystem, Unattend online driver install

USAGE:
   PnPUnattend.exe [auditSystem | /help /? /h] [/s] [/L]
       auditSystem   Online driver install.
       /help /? /h    This help.
       /s             Search without installing.
       /L             Print Logging information to the command line.
Pnputiluses to manage the driver store. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Microsoft PnP Utility

PNPUTIL [/add-driver <...> | /delete-driver <...> |
         /export-driver <...> | /enum-drivers | /?]

Commands:

  /add-driver <filename.inf | *.inf> [/subdirs] [/install] [/reboot]

    Add driver package(s) into the driver store.
      /subdirs - traverse sub directories for driver packages.
      /install - install/update drivers on any matching devices.
      /reboot - reboot system if needed to complete the operation.

  /delete-driver <oem#.inf> [/uninstall] [/force] [/reboot]

    Delete driver package from the driver store.
      /uninstall - uninstall driver package from any devices using it.
      /force - delete driver package even when it is in use by devices.
      /reboot - reboot system if needed to complete the operation.

  /export-driver <oem#.inf | *> <target directory>

    Export driver package(s) from the driver store into a target directory.

  /enum-drivers

    Enumerate all 3rd party driver packages in the driver store.

  /?

    Show this usage screen.

Legacy Commands:

  [-i] -a <filename.inf> ==> /add-driver <filename.inf> [/install]
  [-f] -d <oem#.inf>     ==> /delete-driver <oem#.inf> [/force]
  -e                     ==> /enum-drivers

Examples:

  pnputil /add-driver x:\driver.inf       <- Add driver package
  pnputil /add-driver c:\oem\*.inf        <- Add multiple driver packages
  pnputil /add-driver device.inf /install <- Add and install driver package
  pnputil /enum-drivers                   <- Enumerate OEM driver packages
  pnputil /delete-driver oem0.inf         <- Delete driver package
  pnputil /delete-driver oem1.inf /force  <- Force delete driver package
  pnputil /export-driver oem6.inf .       <- Export driver package
  pnputil /export-driver * c:\backup      <- Export all driver packages
Powercfgcontrol power settings and configure computers to default to Hibernate or Standby modes. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
POWERCFG /COMMAND [ARGUMENTS]

Description:
  Enables users to control power settings on a local system.

  For detailed command and option information, run "POWERCFG /? <COMMAND>"

Command List:
  /LIST, /L          Lists all power schemes.

  /QUERY, /Q         Displays the contents of a power scheme.

  /CHANGE, /X        Modifies a setting value in the current power scheme.

  /CHANGENAME        Modifies the name and description of a power scheme.

  /DUPLICATESCHEME   Duplicates a power scheme.

  /DELETE, /D        Deletes a power scheme.

  /DELETESETTING     Deletes a power setting.

  /SETACTIVE, /S     Makes a power scheme active on the system.

  /GETACTIVESCHEME   Retrieves the currently active power scheme.

  /SETACVALUEINDEX   Sets the value associated with a power setting
                     while the system is powered by AC power.

  /SETDCVALUEINDEX   Sets the value associated with a power setting
                     while the system is powered by DC power.

  /IMPORT            Imports all power settings from a file.

  /EXPORT            Exports a power scheme to a file.

  /ALIASES           Displays all aliases and their corresponding GUIDs.

  /GETSECURITYDESCRIPTOR
                     Gets a security descriptor associated with a specified
                     power setting, power scheme, or action.

  /SETSECURITYDESCRIPTOR
                     Sets a security descriptor associated with a
                     power setting, power scheme, or action.

  /HIBERNATE, /H     Enables and disables the hibernate feature.

  /AVAILABLESLEEPSTATES, /A
                     Reports the sleep states available on the system.

  /DEVICEQUERY       Returns a list of devices that meet specified criteria.

  /DEVICEENABLEWAKE  Enables a device to wake the system from a sleep state.

  /DEVICEDISABLEWAKE Disables a device from waking the system from a sleep
                     state.

  /LASTWAKE          Reports information about what woke the system from the
                     last sleep transition.

  /WAKETIMERS        Enumerates active wake timers.

  /REQUESTS          Enumerates application and driver Power Requests.

  /REQUESTSOVERRIDE  Sets a Power Request override for a particular Process,
                     Service, or Driver.

  /ENERGY            Analyzes the system for common energy-efficiency and
                     battery life problems.

  /BATTERYREPORT     Generates a report of battery usage.

  /SLEEPSTUDY        Generates a diagnostic system power transition report.

  /SRUMUTIL          Dumps Energy Estimation data from System Resource Usage
                     Monitor (SRUM).

  /SYSTEMSLEEPDIAGNOSTICS
                     Generates a diagnostic report of system sleep transitions.

  /SYSTEMPOWERREPORT Generates a diagnostic system power transition report.

  /POWERTHROTTLING   Control power throttling for an application.
Pwlauncheris used to enable, disable, or show the status of your Windows To Go startup options. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
pwlauncher.exe - Windows To Go startup options command-line tool.

The pwlauncher.exe command-line tool is used to query or change your Windows To
Go startup options.

pwlauncher [/enable | /disable]

    <<no parameter>>    Display the current state.

    /enable             Enable the startup option.

    /disable            Disable the startup option.
Qappsrvdisplays a list of all Remote Desktop Session Host (RD Session Host) servers on the network. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Displays the available Remote Desktop Session Host servers on the network.

QUERY TERMSERVER [servername] [/DOMAIN:domain] [/ADDRESS] [/CONTINUE]

  servername      Identifies a Remote Desktop Session Host server.
  /DOMAIN:domain  Displays information for the specified domain (defaults
                  to the current domain).
  /ADDRESS        Displays network and node addresses.
  /CONTINUE       Does not pause after each screen of information.
Qprocessdisplays information about processes that are running on a Remote Desktop Session Host (RD Session Host) server. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Displays information about processes.

QUERY PROCESS [* | processid | username | sessionname | /ID:nn | programname]
  [/SERVER:servername]

  *                  Display all visible processes.
  processid          Display process specified by processid.
  username           Display all processes belonging to username.
  sessionname        Display all processes running at sessionname.
  /ID:nn             Display all processes running at session nn.
  programname        Display all processes associated with programname.
  /SERVER:servername The Remote Desktop Session Host server to be queried.
Quserdisplays information about user sessions on a Remote Desktop Session Host (RD Session Host) server. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Display information about users logged on to the system.

QUERY USER [username | sessionname | sessionid] [/SERVER:servername]

  username            Identifies the username.
  sessionname         Identifies the session named sessionname.
  sessionid           Identifies the session with ID sessionid.
  /SERVER:servername  The server to be queried (default is current).
Qwinstadisplays information about sessions on a Remote Desktop Session Host (RD Session Host) server. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Display information about Remote Desktop Services sessions.

QUERY SESSION [sessionname | username | sessionid]
              [/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER] [/VM]

  sessionname         Identifies the session named sessionname.
  username            Identifies the session with user username.
  sessionid           Identifies the session with ID sessionid.
  /SERVER:servername  The server to be queried (default is current).
  /MODE               Display current line settings.
  /FLOW               Display current flow control settings.
  /CONNECT            Display current connect settings.
  /COUNTER            Display current Remote Desktop Services counters information.
  /VM                 Display information about sessions within virtual machines.
Rasautouis used to manage Remote Access Dialer AutoDial addresses. (tested on w10x64)last updated 2018/1/17 RDremoves a directory. (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
Removes (deletes) a directory.

RMDIR [/S] [/Q] [drive:]path
RD [/S] [/Q] [drive:]path

    /S      Removes all directories and files in the specified directory
            in addition to the directory itself.  Used to remove a directory
            tree.

    /Q      Quiet mode, do not ask if ok to remove a directory tree with /S
Rdpsignenables you to digitally sign a Remote Desktop Protocol (.rdp) file. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
NAME

rdpsign [options] [items to sign]

OPTIONS

  /sha256 HASH
       Specified the SHA256 hash of the signing certificate.
  /q
       Quiet mode:  No output when success, minimal output when failed.
  /v
       Verbose mode:  Display all warnings, messages, and status.
  /l
       Test signing and output results without actually replacing any of the inputs.  Ignores when input files are on stdin.


All rdp file(s) have been succesfully signed.
Reagentcconfigures the Windows Recovery Environment (Windows RE) and enables image recovery solutions. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Configures the Windows Recovery Environment (Windows RE) and system reset.

REAGENTC.EXE <command> <arguments>

The following commands can be specified:

  /info             - Displays Windows RE and system reset configuration
                      information.
  /setreimage       - Sets the location of the custom Windows RE image.
  /enable           - Enables Windows RE.
  /disable          - Disables Windows RE.
  /boottore         - Configures the system to start Windows RE next time the
                      system starts up.
  /setbootshelllink - Adds an entry to the Reset and Restore page in the boot
                      menu.

For more information about these commands and their arguments, type
REAGENTC.EXE <command> /?.

  Examples:
    REAGENTC.EXE /setreimage /?
    REAGENTC.EXE /disable /?

REAGENTC.EXE: Operation Successful.
Reginimodifies the registry from the command line or a script, and applies changes that were preset in one or more text files. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
usage: REGINI [-m \\machinename | -h hivefile hiveroot]
              [-i n] [-o outputWidth]
              [-b] textFiles...

where: -m specifies a remote Windows NT machine whose registry is to be manipulated.
       -h specifies a specify local hive to manipulate.
       -i n specifies the display indentation multiple.  Default is 4
       -o outputWidth specifies how wide the output is to be.  By default the
          outputWidth is set to the width of the console window if standard
          output has not been redirected to a file.  In the latter case, an
          outputWidth of 240 is used.

       -b specifies that REGINI should be backward compatible with older
           versions of REGINI that did not strictly enforce line continuations
           and quoted strings Specifically, REG_BINARY, REG_RESOURCE_LIST and
           REG_RESOURCE_REQUIREMENTS_LIST data types did not need line
           continuations after the first number that gave the size of the data.
           It just kept looking on following lines until it found enough data
           values to equal the data length or hit invalid input.  Quoted
           strings were only allowed in REG_MULTI_SZ.  They could not be
           specified around key or value names, or around values for REG_SZ or
           REG_EXPAND_SZ  Finally, the old REGINI did not support the semicolon
           as an end of line comment character.

       textFiles is one or more ANSI or Unicode text files with registry data.

       Some general rules are:
           Semicolon character is an end-of-line comment character, provided it
           is the first non-blank character on a line

           Backslash character is a line continuation character.  All
           characters from the backslash up to but not including the first
           non-blank character of the next line are ignored.  If there is more
           than one space before the line continuation character, it is
           replaced by a single space.

           Indentation is used to indicate the tree structure of registry keys
           The REGDMP program uses indentation in multiples of 4.  You may use
           hard tab characters for indentation, but embedded hard tab
           characters are converted to a single space regardless of their
           position

           Values should come before child keys, as they are associated with
           the previous key at or above the value's indentation level.

           For key names, leading and trailing space characters are ignored and
           not included in the key name, unless the key name is surrounded by
           quotes.  Imbedded spaces are part of a key name.

           Key names can be followed by an Access Control List (ACL) which is a
           series of decimal numbers, separated by spaces, bracketed by a
           square brackets (e.g.  [8 4 17]).  The valid numbers and their
           meanings are:

              1  - Administrators Full Access
              2  - Administrators Read Access
              3  - Administrators Read and Write Access
              4  - Administrators Read, Write and Delete Access
              5  - Creator Full Access
              6  - Creator Read and Write Access
              7  - World Full Access
              8  - World Read Access
              9  - World Read and Write Access
              10 - World Read, Write and Delete Access
              11 - Power Users Full Access
              12 - Power Users Read and Write Access
              13 - Power Users Read, Write and Delete Access
              14 - System Operators Full Access
              15 - System Operators Read and Write Access
              16 - System Operators Read, Write and Delete Access
              17 - System Full Access
              18 - System Read and Write Access
              19 - System Read Access
              20 - Administrators Read, Write and Execute Access
              21 - Interactive User Full Access
              22 - Interactive User Read and Write Access
              23 - Interactive User Read, Write and Delete Access

           If there is an equal sign on the same line as a left square bracket
           then the equal sign takes precedence, and the line is treated as a
           registry value.  If the text between the square brackets is the
           string DELETE with no spaces, then REGINI will delete the key and
           any values and keys under it.

           For registry values, the syntax is:

              value Name = type data

           Leading spaces, spaces on either side of the equal sign and spaces
           between the type keyword and data are ignored, unless the value name
           is surrounded by quotes.  If the text to the right of the equal sign
           is the string DELETE, then REGINI will delete the value.

           The value name may be left off or be specified by an at-sign
           character which is the same thing, namely the empty value name.  So
           the following two lines are identical:

              = type data
              @ = type data

           This syntax means that you can't create a value with leading or
           trailing spaces, an equal sign or an at-sign in the value name,
           unless you put the name in quotes.

           Valid value types and format of data that follows are:

              REG_SZ text
              REG_EXPAND_SZ text
              REG_MULTI_SZ "string1" "str""ing2" ...
              REG_DATE mm/dd/yyyy HH:MM DayOfWeek
              REG_DWORD numberDWORD
              REG_BINARY numberOfBytes numberDWORD(s)...
              REG_NONE (same format as REG_BINARY)
              REG_RESOURCE_LIST (same format as REG_BINARY)
              REG_RESOURCE_REQUIREMENTS (same format as REG_BINARY)
              REG_RESOURCE_REQUIREMENTS_LIST (same format as REG_BINARY)
              REG_FULL_RESOURCE_DESCRIPTOR (same format as REG_BINARY)
              REG_QWORD numberQWORD
              REG_MULTISZ_FILE fileName
              REG_BINARYFILE fileName

           If no value type is specified, default is REG_SZ

           For REG_SZ and REG_EXPAND_SZ, if you want leading or trailing spaces
           in the value text, surround the text with quotes.  The value text
           can contain any number of imbedded quotes, and REGINI will ignore
           them, as it only looks at the first and last character for quote
           characters.

           For REG_MULTI_SZ, each component string is surrounded by quotes.  If
           you want an imbedded quote character, then double quote it, as in
           string2 above.

           For REG_BINARY, the value data consists of one or more numbers The
           default base for numbers is decimal.  Hexidecimal may be specified
           by using 0x prefix.  The first number is the number of data bytes,
           excluding the first number.  After the first number must come enough
           numbers to fill the value.  Each number represents one DWORD or 4
           bytes.  So if the first number was 0x5 you would need two more
           numbers after that to fill the 5 bytes.  The high order 3 bytes
           of the second DWORD would be ignored.

       Whenever specifying a registry path, either on the command line
       or in an input file, the following prefix strings can be used:

            HKEY_LOCAL_MACHINE
            HKEY_USERS
            HKEY_CURRENT_USER
            USER:

          Each of these strings can stand alone as the key name or be followed
          a backslash and a subkey path.
Repair-bdeis used to repair or decrypt a damaged drive that's been encrypted using BitLocker. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
BitLocker Drive Encryption: Repair Tool version 10.0.16299
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Usage:

repair-bde[.exe] InputVolume
                  { OutputVolumeOrImage }
                  { {-RecoveryPassword|-rp} NumericalPassword |
                    {-RecoveryKey|-rk} PathToExternalKeyFile |
                    {-Password|-pw} }
                  [{-KeyPackage|-kp} PathToKeyPackage]
                  [{-LogFile|-lf} PathToLogFile]
                  [{-?|/?}]

Description:
  Attempts to repair or decrypt a damaged BitLocker-encrypted volume using the
  supplied recovery information. If BitLocker was in the process of encryption
  or decryption or had been suspended prior to volume failure a clear key will
  be present on the volume. Repair-bde attempts to use this clear key by
  default if another key is not specified.

  WARNING! To avoid additional data loss, you should have a spare hard drive
  available. Use this spare drive to store decrypted output or to back up the
  contents of the damaged volume.

Parameters:
  InputVolume
                The BitLocker-encrypted volume to repair.
                Example: "C:",
                         "\\?\Volume{26a21bda-a627-11d7-9931-806e6f6e6963}".

  OutputVolumeOrImage
                The volume to store decrypted contents, or the file
                location to create an image file of the contents.
                Examples: "D:", "D:\imagefile.img".

                WARNING! All information on this output volume will be
                overwritten.

  -rk  or -RecoveryKey
                Provide an external key to unlock the volume.
                Example: "F:\RecoveryKey.bek".

  -rp  or -RecoveryPassword
                Provide a numerical password to unlock the volume.
                Example: "111111-222222-333333-...".

  -pw  or -Password
                Provide a password to unlock the volume.

  -kp  or -KeyPackage
                Optional. Provide a key package to unlock the volume.
                Example: "F:\ExportedKeyPackage"

            If this option is blank, the tool will look for the key package
            automatically. This option is needed only if required by the tool.

  -lf  or -LogFile
                Optional. Provide a path to a file that will store progress
                information. Example: "F:\log.txt".

  -f   or -Force
                Optional. When used, forces a volume to be dismounted even if
                it cannot be locked. This option is needed only if required by
                the tool.

  -?   or /?
                Shows this screen.

Examples:
  repair-bde C: D: -rk F:\RecoveryKey.bek -Force
  repair-bde C: D: -rp 111111-222222-[...] -lf F:\log.txt
  repair-bde C: D: -kp F:\KeyPackage -rp 111111-222222-[...]
  repair-bde C: D:\imagefile.img -kp F:\KeyPackage -rk F:\RecoveryKey.bek
  repair-bde C: D: -pw
ROBOCOPYadvanced utility to copy files and directory trees (tested on w10x64)last updated 2018/1/14
 
last updated 2018/1/14
-------------------------------------------------------------------------------
   ROBOCOPY     ::     Robust File Copy for Windows
-------------------------------------------------------------------------------

  Started : Monday, January 15, 2018 3:48:07 AM
              Usage :: ROBOCOPY source destination [file [file]...] [options]

             source :: Source Directory (drive:\path or \\server\share\path).
        destination :: Destination Dir  (drive:\path or \\server\share\path).
               file :: File(s) to copy  (names/wildcards: default is "*.*").

::
:: Copy options :
::
                 /S :: copy Subdirectories, but not empty ones.
                 /E :: copy subdirectories, including Empty ones.
             /LEV:n :: only copy the top n LEVels of the source directory tree.

                 /Z :: copy files in restartable mode.
                 /B :: copy files in Backup mode.
                /ZB :: use restartable mode; if access denied use Backup mode.
                 /J :: copy using unbuffered I/O (recommended for large files).
            /EFSRAW :: copy all encrypted files in EFS RAW mode.

  /COPY:copyflag[s] :: what to COPY for files (default is /COPY:DAT).
                       (copyflags : D=Data, A=Attributes, T=Timestamps).
                       (S=Security=NTFS ACLs, O=Owner info, U=aUditing info).


               /SEC :: copy files with SECurity (equivalent to /COPY:DATS).
           /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
            /NOCOPY :: COPY NO file info (useful with /PURGE).
            /SECFIX :: FIX file SECurity on all files, even skipped files.
            /TIMFIX :: FIX file TIMes on all files, even skipped files.

             /PURGE :: delete dest files/dirs that no longer exist in source.
               /MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).

               /MOV :: MOVe files (delete from source after copying).
              /MOVE :: MOVE files AND dirs (delete from source after copying).

     /A+:[RASHCNET] :: add the given Attributes to copied files.
     /A-:[RASHCNET] :: remove the given Attributes from copied files.

            /CREATE :: CREATE directory tree and zero-length files only.
               /FAT :: create destination files using 8.3 FAT file names only.
               /256 :: turn off very long path (> 256 characters) support.

             /MON:n :: MONitor source; run again when more than n changes seen.
             /MOT:m :: MOnitor source; run again in m minutes Time, if changed.

      /RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
                /PF :: check run hours on a Per File (not per pass) basis.

             /IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.

                /SL :: copy symbolic links versus the target.

            /MT[:n] :: Do multi-threaded copies with n threads (default 8).
                       n must be at least 1 and not greater than 128.
                       This option is incompatible with the /IPG and /EFSRAW options.
                       Redirect output using /LOG option for better performance.

 /DCOPY:copyflag[s] :: what to COPY for directories (default is /DCOPY:DA).
                       (copyflags : D=Data, A=Attributes, T=Timestamps).

           /NODCOPY :: COPY NO directory info (by default /DCOPY:DA is done).

         /NOOFFLOAD :: copy files without using the Windows Copy Offload mechanism.

::
:: File Selection Options :
::
                 /A :: copy only files with the Archive attribute set.
                 /M :: copy only files with the Archive attribute and reset it.
    /IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
    /XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.

 /XF file [file]... :: eXclude Files matching given names/paths/wildcards.
 /XD dirs [dirs]... :: eXclude Directories matching given names/paths.

                /XC :: eXclude Changed files.
                /XN :: eXclude Newer files.
                /XO :: eXclude Older files.
                /XX :: eXclude eXtra files and directories.
                /XL :: eXclude Lonely files and directories.
                /IS :: Include Same files.
                /IT :: Include Tweaked files.

             /MAX:n :: MAXimum file size - exclude files bigger than n bytes.
             /MIN:n :: MINimum file size - exclude files smaller than n bytes.

          /MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
          /MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
          /MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
          /MINLAD:n :: MINimum Last Access Date - exclude files used since n.
                       (If n < 1900 then n = n days, else n = YYYYMMDD date).

                /XJ :: eXclude Junction points. (normally included by default).

               /FFT :: assume FAT File Times (2-second granularity).
               /DST :: compensate for one-hour DST time differences.

               /XJD :: eXclude Junction points for Directories.
               /XJF :: eXclude Junction points for Files.

::
:: Retry Options :
::
               /R:n :: number of Retries on failed copies: default 1 million.
               /W:n :: Wait time between retries: default is 30 seconds.

               /REG :: Save /R:n and /W:n in the Registry as default settings.

               /TBD :: wait for sharenames To Be Defined (retry error 67).

::
:: Logging Options :
::
                 /L :: List only - don't copy, timestamp or delete any files.
                 /X :: report all eXtra files, not just those selected.
                 /V :: produce Verbose output, showing skipped files.
                /TS :: include source file Time Stamps in the output.
                /FP :: include Full Pathname of files in the output.
             /BYTES :: Print sizes as bytes.

                /NS :: No Size - don't log file sizes.
                /NC :: No Class - don't log file classes.
               /NFL :: No File List - don't log file names.
               /NDL :: No Directory List - don't log directory names.

                /NP :: No Progress - don't display percentage copied.
               /ETA :: show Estimated Time of Arrival of copied files.

          /LOG:file :: output status to LOG file (overwrite existing log).
         /LOG+:file :: output status to LOG file (append to existing log).

       /UNILOG:file :: output status to LOG file as UNICODE (overwrite existing log).
      /UNILOG+:file :: output status to LOG file as UNICODE (append to existing log).

               /TEE :: output to console window, as well as the log file.

               /NJH :: No Job Header.
               /NJS :: No Job Summary.

           /UNICODE :: output status as UNICODE.

::
:: Job Options :
::
       /JOB:jobname :: take parameters from the named JOB file.
      /SAVE:jobname :: SAVE parameters to the named job file
              /QUIT :: QUIT after processing command line (to view parameters).
              /NOSD :: NO Source Directory is specified.
              /NODD :: NO Destination Directory is specified.
                /IF :: Include the following Files.

::
:: Remarks :
::
       Using /PURGE or /MIR on the root directory of the volume will
       cause robocopy to apply the requested operation on files inside
       the System Volume Information directory as well. If this is not
       intended then the /XD switch may be used to instruct robocopy
       to skip that directory.
Rpcpingconfirms the RPC connectivity between the computer running Microsoft Exchange Server and any of the supported Microsoft Exchange Client workstations on the network. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage:
rpcping [-t <protseq>] [-s <server_addr>] [-e <endpoint>
        |-f <interface UUID>[,MajorVer]] [-O <Interface Object UUID]
        [-i <#_iterations>] [-u <security_package_id>] [-a <authn_level>]       
        [-N <server_princ_name>] [-I <auth_identity>] [-C <capabilities>]
        [-T <identity_tracking>] [-M <impersonation_type>]
        [-S <server_sid>] [-P <proxy_auth_identity>] [-F <RPCHTTP_flags>]
        [-H <RPC/HTTP_authn_schemes>] [-o <binding_options>]
        [-B <server_certificate_subject>] [-b] [-E] [-q] [-c]
        [-A <http_proxy_auth_identity>] [-U <HTTP_proxy_authn_schemes>]
        [-r <report_results_interval>] [-v <verbose_level>]

Pings a server using RPC. Options are:

-t <protseq> - protocol sequence to use. Can be one of the standard
    RPC protocol sequences - ncacn_ip_tcp, ncacn_np, ncacn_http, etc.
    If not specified, default is ncacn_ip_tcp.

-s <server_addr> - the server address. If not specified, the local
    machine will be pinged. E.g. server, server.com, 157.59.244.141

-e <endpoint> - the endpoint to ping. If none is specified, the endpoint
    mapper on the target machine will be pinged. This option is mutually
    exclusive with the interface (-f) option.

-o <binding_options> - the binding options for the RPC ping. See the
    MSDN for more details (RpcStringBindingCompose and RPC over HTTP).

-f <interface UUID>[,MajorVer] - the interface to ping. This option is
    mutually exclusive with the endpoint option. The interface is specified
    as a UUID. If the MajorVer is not specified, version 1 of the interface
    will be sought. When interface is specified, rpcping will query the
    endpoint mapper on the target machine to retrieve the endpoint for the
    specified interface. The endpoint mapper will be queried using the
    options specified in the command line.

-O <Object UUID> - Object Uuid if the interface registerd one.

-i <#_iterations> - number of calls to make. The default is 1. This
    option is useful for measuring connection latency if multiple
    iterations are specified.

-u <security_package_id> - the security package (security provider) RPC
    will use to make the call. The security package is identified as a
    number or a name. If a number is used it is the same number as in the
    RpcBindingSetAuthInfoEx API. The table below gives the names and
    numbers. Names are not case sensitive:
        Negotiate - 9 or one of nego, snego or negotiate
        NTLM - 10 or NTLM
        SChannel - 14 or SChannel
        Kerberos - 16 or Kerberos
        Kernel - 20 or Kernel
    If you specify this option you must specify authentication level other
    than none. There is no default for this option. If it is not specified,
    RPC will not use security for the ping.

-a <authn_level> - the authentication level to use. Possible values are
    connect, call, pkt, integrity and privacy. If this option is
    specified, the security package id (-u) must also be specified. There
    is no default for this option. If this option is not specified, RPC
    will not use security for the ping.

-N <server_princ_name> - specifies a server principal name. Same semantics
    as the ServerPrincName argument to RpcBindingSetAuthInfoEx. See the
    MSDN for more information on RpcBidningSetAuthInfoEx. This field can be
    used only when authentication level and security package are selected.

-I <auth_identity> - allows you to specify alternative identity to connect
    to the server. The identity is in the form user,domain,password where
    the three fields have the obvious meaning. If the user name, domain or
    password have special characters that can be interpreted by the shell
    be sure to enclose the identity in double quotes. You can specify *
    instead of the password and RPC will prompt you to enter the password
    without echoing it on the screen. If this field is not specified, the
    identity of the logged on user will be used. This field can be used
    only when authentication level and security package are selected.

-C <capabilities> - a hex bitmask of flags. It has the same meaning as
    the Capabilities field in the RPC_SECURITY_QOS structure described
    in the MSDN. This field can be used only when authentication level and
    security package are selected.

-T <identity_tracking> - can be static or dynamic. If not specified,
    dynamic is the default. This field can be used only when authentication
    level and security package are selected.

-M <impersonation_type> - can be anonymous, identify, impersonate or
    delegate. Default is impersonate. This field can be used only when
    authentication level and security package are selected.

-S <server_sid> - the expected SID of the server. For more information
    see the Sid field in the RPC_SECURITY_QOS structure in the MSDN. Using      
    this option requires Windows .NET Server 2003 or higher. This field can
    be used only when authentication level and security package are
    selected.

-Z <effectiveonly> - the EffectiveOnly setting to use.  For more information
    see the EffectiveOnly field in the RPC_SECURITY_QOS structure in MSDN.
    Using this option requires Windows Vista or higher. This field can be
    used only when authentication level and security package are selected.

-D <serversecuritydescriptor> - the security descriptor (in string format)
    of the server when using mutual authentication.  For more information
    see the ServerSecurityDescriptor field in the RPC_SECURITY_QOS structure
    in MSDN. Using this option requires Windows 8 or higher. This field can
    be used only when authentication level and security package are
    selected.

-P <proxy_auth_identity> - specifies the identity to authenticate with to
    the RPC/HTTP proxy. Has the same format as for the -I option.
    Also, you must specify security package (-u), authentication level
    (-a), and authentication schemes (-H) in order to use this option.

-F <RPCHTTP_flags> - the flags to pass for RPC/HTTP front end
    authentication. The flags may be specified as numbers or names
    The currently recognized flags are:
        Use SSL - 1 or ssl or use_ssl
        Use first auth scheme - 2 or first or use_first
    See the Flags field in RPC_HTTP_TRANSPORT_CREDENTIALS for more
    information. Also, you must specify security package (-u) and
    authentication level (-a) in order to use this option.

-H <RPC/HTTP_authn_schemes> - the authentication schemes to use for
    RPC/HTTP front end authentication. This option is a list of numerical
    values or names separated by comma. E.g. Basic,NTLM. Recognized values
    are (names are not case sensitive:
        Basic - 1 or Basic
        NTLM - 2 or NTLM
        Certificate - 65536 or Cert
    Also, you must specify security package (-u) and authentication level
    (-a) in order to use this option.

-B <server_certificate_subject> - the server certificate subject. For
    more information, see the ServerCertificateSubject field in the
    RPC_HTTP_TRANSPORT_CREDENTIALS structure in the MSDN. You must use
    SSL for this option to work. Also, you must specify security package
    (-u) and authentication level (-a) in order to use this option.

-b - retrieves the server certificate subject from the certificate sent
    by the server and prints it to a screen or a log file. Valid only when
    the Proxy Echo only option (-E) and the use SSL options are specified.
    Also, you must specify security package (-u) and authentication level
    (-a) in order to use this option.

-R - specifies the HTTP proxy. if it's 'none', we will not use HTTP proxy but
    directly attempt the RPC proxy. the value 'default' means to use the IE
    settings in your client machine. any other value will be treated as the
    explicit HTTP proxy. if you don't specify this flag, the default value
    is assumed, that is, the IE settings are checked. this flag is valid
    only when the -E (Echo Only) flag is enabled.

-E - restricts the ping to the RPC/HTTP proxy only. The ping does not
    reach the server. Useful when trying to establish whether the RPC/HTTP
    proxy is reachable. Also, you must specify security package (-u) and
    authentication level (-a) in order to use this option. To specify an
    HTTP proxy, use the -R flag. If an HTTP proxy is specified in the -o
    flag, this option will be ignored.

-q - quiet mode. Does not issue any prompts except for passwords. Assumes
    'Y' response to all queries. Use this option with care.

-c - use smart card certificate. RPCPing will prompt user to choose
    smart card.

-A <http_proxy_auth_identity> - specifies the identity to authenticate
    with to the HTTP proxy. Has the same format as for the -I option.
    Also, you must specify authentication schemes (-U), security package
    (-u) and authentication level (-a) in order to use this option.

-U <HTTP_proxy_authn_schemes> - the authentication schemes to use for
    HTTP proxy authentication. This option is a list of numerical
    values or names separated by comma. E.g. Basic,NTLM. Recognized values
    are (names are not case sensitive:
        Basic - 1 or Basic
        NTLM - 2 or NTLM
    You must specify security package (-u) and authentication level (-a)
    in order to use this option.

-r <report_results_interval> - if multiple iterations are specified, this
    option will make rpcping display current execution statistics
    periodically instead after the last call. The report interval is given
    in seconds. Default is 15.

-v <verbose_level> - tells rpcping how verbose to make the output. Default
    value is 1. 2 and 3 provide more output from rpcping.

Example: Find out if your Exchange server that you connect through
RPC/HTTP is accessible:
    rpcping -t ncacn_http -s exchange_server -o RpcProxy=front_end_proxy
        -P "username,domain,*" -H Basic -u NTLM -a connect -F 3
When prompted for the password, enter it. exchange_server is the name of
your exchange server, front_end_proxy is the name of your proxy, username
and domain are your user name and domain as you would enter them in the
Outlook prompt. The other parameters will ask rpcping to ping your
Exchange server in exactly the same way as Outlook will connect to it for
the typical profile.

-p - Prompt for credentials if authentication fails.
Rwinstaenables you to reset (delete) a session on a Remote Desktop Session Host (RD Session Host) server. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Reset the session subsytem hardware and software to known initial values.

RESET SESSION {sessionname | sessionid} [/SERVER:servername] [/V]

  sessionname         Identifies the session with name sessionname.
  sessionid           Identifies the session with ID sessionid.
  /SERVER:servername  The server containing the session (default is current).
  /V                  Display additional information.
Sdbinstis used to deploy customized SDB database files. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage: Sdbinst [-?] [-q] [-u] [-g] [-p] [-n[:WIN32|WIN64]] myfile.sdb | {guid} | "name"

    -? - print this help text.
    -p - Allow SDBs containing patches.
    -q - Quiet mode: prompts are auto-accepted.
    -u - Uninstall.
    -g {guid} - GUID of file (uninstall only).
    -n "name" - Internal name of file (uninstall only).
Setspnreads, modifies, and deletes the Service Principal Names (SPN) directory property for an Active Directory service account. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage: Setspn [modifiers switch] [accountname]
  Where "accountname" can be the name or domain\name
  of the target computer or user account

  Edit Mode Switches:
   -R = reset HOST ServicePrincipalName
    Usage:   setspn -R accountname
   -S = add arbitrary SPN after verifying no duplicates exist
    Usage:   setspn -S SPN accountname
   -D = delete arbitrary SPN
    Usage:   setspn -D SPN accountname
   -L = list SPNs registered to target account
    Usage:   setspn [-L] accountname

  Edit Mode Modifiers:
   -C = specify that accountname is a computer account
   -U = specify that accountname is a user account

    Note: -C and -U are exclusive.  If neither is specified, the tool
     will interpret accountname as a computer name if such a computer
     exists, and a user name if it does not.

  Query Mode Switches:
   -Q = query for existence of SPN
    Usage:   setspn -Q SPN
   -X = search for duplicate SPNs
    Usage:   setspn -X

    Note: searching for duplicates, especially forestwide, can take
     a long period of time and a large amount of memory.  -Q will execute
     on each target domain/forest.  -X will return duplicates that exist
     across all targets. SPNs are not required to be unique across forests,
     but duplicates can cause authentication issues when authenticating
     cross-forest.

  Query Mode Modifiers:
   -P = suppresses progress to the console and can be used when redirecting
    output to a file or when used in an unattended script.  There will be no
    output until the command is complete.
   -F = perform queries at the forest, rather than domain level
   -T = perform query on the speicified domain or forest (when -F is also used)
    Usage:   setspn -T domain (switches and other parameters)
     "" or * can be used to indicate the current domain or forest.

    Note: these modifiers can be used with the -S switch in order to specify
     where the check for duplicates should be performed before adding the SPN.
    Note: -T can be specified multiple times.

Examples:
setspn -R daserver1
   It will register SPN "HOST/daserver1" and "HOST/{DNS of daserver1}"
setspn -S http/daserver daserver1
   It will register SPN "http/daserver" for computer "daserver1"
    if no such SPN exists in the domain
setspn -D http/daserver daserver1
   It will delete SPN "http/daserver" for computer "daserver1"
setspn -F -S http/daserver daserver1
   It will register SPN "http/daserver" for computer "daserver1"
    if no such SPN exists in the forest
setspn -U -S http/daserver dauser
   It will register SPN "http/daserver" for user account "dauser"
    if no such SPN exists in the domain
setspn -T * -T bar -X
   It will report all duplicate registration of SPNs in this domain and bar
setspn -T bar -F -Q */daserver
   It will find all SPNs of the form */daserver registered in the forest to
    which bar belongs
Setxis used to create or change environment variables in the user environment or the system environment. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
SetX has three ways of working:

Syntax 1:
    SETX [/S system [/U [domain\]user [/P [password]]]] var value [/M]

Syntax 2:
    SETX [/S system [/U [domain\]user [/P [password]]]] var /K regpath [/M]

Syntax 3:
    SETX [/S system [/U [domain\]user [/P [password]]]]
         /F file {var {/A x,y | /R x,y string}[/M] | /X} [/D delimiters]

Description:
    Creates or modifies environment variables in the user or system
    environment. Can set variables based on arguments, regkeys or
    file input.

Parameter List:
    /S     system          Specifies the remote system to connect to.

    /U     [domain\]user   Specifies the user context under which
                           the command should execute.

    /P     [password]      Specifies the password for the given
                           user context. Prompts for input if omitted.

    var                    Specifies the environment variable to set.

    value                  Specifies a value to be assigned to the
                           environment variable.

    /K     regpath         Specifies that the variable is set based
                           on information from a registry key.
                           Path should be specified in the format of
                           hive\key\...\value. For example,
                           HKEY_LOCAL_MACHINE\System\CurrentControlSet\
                           Control\TimeZoneInformation\StandardName.

    /F     file            Specifies the filename of the text file
                           to use.

    /A     x,y             Specifies absolute file coordinates
                           (line X, item Y) as parameters to search
                           within the file.

    /R     x,y string      Specifies relative file coordinates with
                           respect to "string" as the search parameters.

    /M                     Specifies that the variable should be set in
                           the system wide (HKEY_LOCAL_MACHINE)
                           environment. The default is to set the
                           variable under the HKEY_CURRENT_USER
                           environment.

    /X                     Displays file contents with x,y coordinates.

    /D     delimiters      Specifies additional delimiters such as ","
                           or "\". The built-in delimiters are space,
                           tab, carriage return, and linefeed. Any
                           ASCII character can be used as an additional
                           delimiter. The maximum number of delimiters,
                           including the built-in delimiters, is 15.

    /?                     Displays this help message.

NOTE: 1) SETX writes variables to the master environment in the registry.

      2) On a local system, variables created or modified by this tool
         will be available in future command windows but not in the
         current CMD.exe command window.

      3) On a remote system, variables created or modified by this tool
         will be available at the next logon session.

      4) The valid Registry Key data types are REG_DWORD, REG_EXPAND_SZ,
         REG_SZ, REG_MULTI_SZ.

      5) Supported hives:  HKEY_LOCAL_MACHINE (HKLM),
         HKEY_CURRENT_USER (HKCU).

      6) Delimiters are case sensitive.

      7) REG_DWORD values are extracted from the registry in decimal
         format.

Examples:
    SETX MACHINE COMPAQ
    SETX MACHINE "COMPAQ COMPUTER" /M
    SETX MYPATH "%PATH%"
    SETX MYPATH ~PATH~
    SETX /S system /U user /P password  MACHINE COMPAQ
    SETX /S system /U user /P password MYPATH ^%PATH^%
    SETX TZONE /K HKEY_LOCAL_MACHINE\System\CurrentControlSet\
         Control\TimeZoneInformation\StandardName
    SETX BUILD /K "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
         NT\CurrentVersion\CurrentBuildNumber" /M
    SETX /S system /U user /P password TZONE /K HKEY_LOCAL_MACHINE\
         System\CurrentControlSet\Control\TimeZoneInformation\
         StandardName
    SETX /S system /U user /P password  BUILD /K
         "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\
         CurrentVersion\CurrentBuildNumber" /M
    SETX /F ipconfig.out /X
    SETX IPADDR /F ipconfig.out /A 5,11
    SETX OCTET1 /F ipconfig.out /A 5,3 /D "#$*."
    SETX IPGATEWAY /F ipconfig.out /R 0,7 Gateway
    SETX /S system /U user /P password  /F c:\ipconfig.out /X
Sxstracediagnoses side-by-side problems. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
WinSxs Tracing Utility.
Usage: SxsTrace [Options]
Options:
   Trace -logfile:FileName [-nostop]
       Enabling tracing for sxs.
       Tracing log is saved to FileName.
       If -nostop is specified, will not prompt to stop tracing.
   Parse -logfile:FileName -outfile:ParsedFile  [-filter:AppName]
       Translate the raw trace file into a human readable format and save the result to ParsedFile.
       Use -filter option to filter the output.
   Stoptrace
       Stop the trace if it is not stopped before.
Example:  SxsTrace Trace -logfile:SxsTrace.etl
          SxsTrace Parse -logfile:SxsTrace.etl -outfile:SxsTrace.txt
Timeoutpauses the command processor for the specified number of seconds. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
TIMEOUT [/T] timeout [/NOBREAK]

Description:
    This utility accepts a timeout parameter to wait for the specified
    time period (in seconds) or until any key is pressed. It also
    accepts a parameter to ignore the key press.

Parameter List:
    /T        timeout       Specifies the number of seconds to wait.
                            Valid range is -1 to 99999 seconds.

    /NOBREAK                Ignore key presses and wait specified time.

    /?                      Displays this help message.

NOTE: A timeout value of -1 means to wait indefinitely for a key press.

Examples:
    TIMEOUT /?
    TIMEOUT /T 10
    TIMEOUT /T 300 /NOBREAK
    TIMEOUT /T -1
Tpmvscmgrallows users with Administrative credentials to create and delete TPM virtual smart cards on a computer. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
TpmVscMgr.exe

 Commands:
        create
                [/quiet]
                /name <name>
                /adminkey 'PROMPT'|'DEFAULT'|'RANDOM'
                [/puk 'PROMPT'|'DEFAULT']
                /pin 'PROMPT'|'DEFAULT'
                [/generate]
                [/machine <machine name>]
                [/pinpolicy [policy options]]
                    policy options:
                        minlen <minimum PIN length>
                        maxlen <maximum PIN length>
                        uppercase 'ALLOWED'|'DISALLOWED'|'REQUIRED'
                        lowercase 'ALLOWED'|'DISALLOWED'|'REQUIRED'
                        digits 'ALLOWED'|'DISALLOWED'|'REQUIRED'
                        specialchars 'ALLOWED'|'DISALLOWED'|'REQUIRED'
                [/attestation 'AIK_AND_CERT'|'AIK_ONLY']

        destroy
                [/quiet]
                /instance <device instance ID>
                [/machine <machine name>]

 Legend:
                'PROMPT' => prompt for parameter
                'DEFAULT' => default value for parameter
                'RANDOM' => generate a random value
                'ALLOWED' => these characters are allowed
                'DISALLOWED' => these characters are not
                    allowed
                'REQUIRED' => at least one such character
                    is required
                'AIK_AND_CERT' => Creates an AIK and obtains
                    an AIK certificate from the cloud CA
                'AIK_ONLY' => Creates an AIK but
                    does not obtain an AIK certificate

 Note:
                The generate command formats the TPM
                virtual smart card so that it can be used
                to enroll for certificates. If this option
                is not specified, a card management
                system/tool will need to be used to format
                the card before first use.

 Note:
                /pinpolicy may only be used in conjunction
                with /pin prompt.

 Note:
                The default PIN policy options are as
                follows:
                    minlen 8
                    maxlen 127
                    uppercase allowed
                    lowercase allowed
                    digits allowed
                    specialchars allowed

                The lower and upper bounds on PIN length
                are 4 and 127, respectively. When using
                /pinpolicy, PIN characters must be
                printable ASCII characters.

 Note:
                If '/attestation AIK_AND_CERT' is specified, it
                is possible that VSC creation will fail if
                there is no network connectivity.
 Examples:
    Create a TPM virtual smart card with default value for
    PIN and a random admin key with no attestation:

        TpmVscMgr create /name MyVSC /pin default /adminkey random /generate

    Create a TPM virtual smart card with default value for
    admin key and a specified PIN policy and attestation method:

        TpmVscMgr create /name MyVSC /pin prompt /pinpolicy minlen 4 maxlen 8
            /adminkey default /attestation AIK_AND_CERT /generate

    Destroy a TPM virtual smart card using the instance ID
    that was returned when the card was created:

        TpmVscMgr destroy /instance root\smartcardreader\0000
Tzutildisplays the Windows Time Zone Utility. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows Time Zone Utility

Usage:
TZUTIL </? | /g | /s TimeZoneID[_dstoff] | /l>

Parameters:
    /? Displays usage information.

    /g Displays the current time zone ID.

    /s TimeZoneID[_dstoff]
       Sets the current time zone using the specified time zone ID.
       The _dstoff suffix disables Daylight Saving Time adjustments
       for the time zone (where applicable).

    /l Lists all valid time zone IDs and display names. The output will
       be:
           <display name>
           <time zone ID>

Examples:
    TZUTIL /g
    TZUTIL /s "Pacific Standard Time"
    TZUTIL /s "Pacific Standard Time_dstoff"

Remarks:
    An exit code of 0 indicates the command completed successfully.
Vaultcmdcreates, displays and deletes stored credentials. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Creates, displays and deletes stored credentials.
Following commands are supported.Use VaultCmd /<command> /? for further help
VaultCmd /list
VaultCmd /listschema
VaultCmd /listcreds
VaultCmd /addcreds
VaultCmd /deletecreds
VaultCmd /listproperties
VaultCmd /sync
Waitforsends or waits for a signal on a system. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
WaitFor has two ways of working:

Syntax 1: to send a signal
    WAITFOR [/S system [/U user [/P [password]]]] /SI signal

Syntax 2: to wait for a signal
    WAITFOR [/T timeout] signal

Description:
    This tool sends, or waits for, a signal on a system. When /S is not
    specified, the signal will be broadcasted to all the systems in a
    domain. If /S is specified, then the signal will be sent only
    to the specified system.

Parameter List:
    /S     system         Specifies remote system to send signal to.

    /U     [domain\]user  Specifies the user context under which
                          the command should execute.

    /P     [password]     Specifies the password for the given user context.

    /SI                   Sends the signal across the net to waiting machines

    /T     timeout        Number of seconds to wait for signal. Valid range
                          is 1 - 99999. Default is to wait forever for signal.

    signal                The name of the signal to wait for or to send.

    /?                    Displays this help message.

    NOTE: A system can wait for multiple unique signal names.
    The signal name cannot exceed 225 characters and cannot
    contain characters other than a-z, A-Z, 0-9 and ASCII
    characters in the range 128-255.

Examples:
    WAITFOR /?
    WAITFOR SetupReady
    WAITFOR CopyDone /T 100
    WAITFOR /SI SetupReady
    WAITFOR /S system  /U user /P password /SI CopyDone
Wbadminenables you to back up and restore your operating system, volumes, files, folders, and applications from a command prompt. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
wbadmin 1.0 - Backup command-line tool
(C) Copyright 2013 Microsoft Corporation. All rights reserved.

---- Commands Supported ----

ENABLE BACKUP             -- Creates or modifies a daily backup schedule.
DISABLE BACKUP            -- Disables the scheduled backups.
START BACKUP              -- Runs a one-time backup.
STOP JOB                  -- Stops the currently running backup or recovery
                              operation.
GET VERSIONS              -- Lists details of backups that can be recovered
                              from a specified location.
GET ITEMS                 -- Lists items contained in a backup.
GET STATUS                -- Reports the status of the currently running
                              operation.
DELETE BACKUP             -- Deletes one or more backups.
Wecutilenables you to create and manage subscriptions to events that are forwarded from remote computers, which support WS-Management protocol. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows Event Collector Utility

Enables you to create and manage subscriptions to events forwarded from remote
event sources that support WS-Management protocol.

Usage:

You can use either the short (i.e. es, /f) or long (i.e. enum-subscription, /format)
version of the command and option names. Commands, options and option values are
case-insensitive.

(ALL UPPER-CASE = VARIABLE)

wecutil COMMAND [ARGUMENT [ARGUMENT] ...] [/OPTION:VALUE [/OPTION:VALUE] ...]

Commands:

es (enum-subscription)               List existent subscriptions.
gs (get-subscription)                Get subscription configuration.
gr (get-subscriptionruntimestatus)   Get subscription runtime status.
ss (set-subscription)                Set subscription configuration.
cs (create-subscription)             Create new subscription.
ds (delete-subscription)             Delete subscription.
rs (retry-subscription)              Retry subscription.
qc (quick-config)                    Configure Windows Event Collector service.

Common options:

/h|? (help)
Get general help for the wecutil program.

wecutil { -help | -h | -? }

For arguments and options, see usage of specific commands:

wecutil COMMAND -?
Wevtutilenables you to retrieve information about event logs and publishers. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows Events Command Line Utility.

Enables you to retrieve information about event logs and publishers, install
and uninstall event manifests, run queries, and export, archive, and clear logs.

Usage:

You can use either the short (for example, ep /uni) or long (for example,
enum-publishers /unicode) version of the command and option names. Commands,
options and option values are not case-sensitive.

Variables are noted in all upper-case.

wevtutil COMMAND [ARGUMENT [ARGUMENT] ...] [/OPTION:VALUE [/OPTION:VALUE] ...]

Commands:

el | enum-logs          List log names.
gl | get-log            Get log configuration information.
sl | set-log            Modify configuration of a log.
ep | enum-publishers    List event publishers.
gp | get-publisher      Get publisher configuration information.
im | install-manifest   Install event publishers and logs from manifest.
um | uninstall-manifest Uninstall event publishers and logs from manifest.
qe | query-events       Query events from a log or log file.
gli | get-log-info      Get log status information.
epl | export-log        Export a log.
al | archive-log        Archive an exported log.
cl | clear-log          Clear a log.

Common options:

/{r | remote}:VALUE
If specified, run the command on a remote computer. VALUE is the remote computer
name. Options /im and /um do not support remote operations.

/{u | username}:VALUE
Specify a different user to log on to the remote computer. VALUE is a user name
in the form domain\user or user. Only applicable when option /r is specified.

/{p | password}:VALUE
Password for the specified user. If not specified, or if VALUE is "*", the user 
will be prompted to enter a password. Only applicable when the /u option is
specified.

/{a | authentication}:[Default|Negotiate|Kerberos|NTLM]
Authentication type for connecting to remote computer. The default is Negotiate.

/{uni | unicode}:[true|false]
Display output in Unicode. If true, then output is in Unicode.

To learn more about a specific command, type the following:

wevtutil COMMAND /?
Wheredisplays the location of files that match the given search pattern. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
WHERE [/R dir] [/Q] [/F] [/T] pattern...

Description:
    Displays the location of files that match the search pattern.
    By default, the search is done along the current directory and
    in the paths specified by the PATH environment variable.

Parameter List:
    /R       Recursively searches and displays the files that match the
             given pattern starting from the specified directory.

    /Q       Returns only the exit code, without displaying the list
             of matched files. (Quiet mode)

    /F       Displays the matched filename in double quotes.

    /T       Displays the file size, last modified date and time for all
             matched files.

    pattern  Specifies the search pattern for the files to match.
             Wildcards * and ? can be used in the pattern. The
             "$env:pattern" and "path:pattern" formats can also be
             specified, where "env" is an environment variable and
             the search is done in the specified paths of the "env"
             environment variable. These formats should not be used
             with /R. The search is also done by appending the
             extensions of the PATHEXT variable to the pattern.

     /?      Displays this help message.

  NOTE: The tool returns an error level of 0 if the search is
        successful, of 1 if the search is unsuccessful and
        of 2 for failures or errors.

Examples:
    WHERE /?
    WHERE myfilename1 myfile????.*
    WHERE $windir:*.*
    WHERE /R c:\windows *.exe *.dll *.bat
    WHERE /Q ??.???
    WHERE "c:\windows;c:\windows\system32:*.dll"
    WHERE /F /T *.dll
Whoamidisplays user, group and privileges information for the user who is currently logged on to the local system. I (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
WhoAmI has three ways of working:

Syntax 1:
    WHOAMI [/UPN | /FQDN | /LOGONID]

Syntax 2:
    WHOAMI { [/USER] [/GROUPS] [/CLAIMS] [/PRIV] } [/FO format] [/NH]

Syntax 3:
    WHOAMI /ALL [/FO format] [/NH]

Description:
    This utility can be used to get user name and group information
    along with the respective security identifiers (SID), claims,
    privileges, logon identifier (logon ID) for the current user
    on the local system. I.e. who is the current logged on user?
    If no switch is specified, tool displays the user name in NTLM
    format (domain\username).

Parameter List:
    /UPN                    Displays the user name in User Principal
                            Name (UPN) format.

    /FQDN                   Displays the user name in Fully Qualified
                            Distinguished Name (FQDN) format.

    /USER                   Displays information on the current user
                            along with the security identifier (SID).

    /GROUPS                 Displays group membership for current user,
                            type of account, security identifiers (SID)
                            and attributes.

    /CLAIMS                 Displays claims for current user,
                            including claim name, flags, type and values.

    /PRIV                   Displays security privileges of the current
                            user.

    /LOGONID                Displays the logon ID of the current user.

    /ALL                    Displays the current user name, groups
                            belonged to along with the security
                            identifiers (SID), claims and privileges for
                            the current user access token.

    /FO       format        Specifies the output format to be displayed.
                            Valid values are TABLE, LIST, CSV.
                            Column headings are not displayed with CSV
                            format. Default format is TABLE.

    /NH                     Specifies that the column header should not
                            be displayed in the output. This is
                            valid only for TABLE and CSV formats.

    /?                      Displays this help message.

Examples:
    WHOAMI
    WHOAMI /UPN
    WHOAMI /FQDN
    WHOAMI /LOGONID
    WHOAMI /USER
    WHOAMI /USER /FO LIST
    WHOAMI /USER /FO CSV
    WHOAMI /GROUPS
    WHOAMI /GROUPS /FO CSV /NH
    WHOAMI /CLAIMS
    WHOAMI /CLAIMS /FO LIST
    WHOAMI /PRIV
    WHOAMI /PRIV /FO TABLE
    WHOAMI /USER /GROUPS
    WHOAMI /USER /GROUPS /CLAIMS /PRIV
    WHOAMI /ALL
    WHOAMI /ALL /FO LIST
    WHOAMI /ALL /FO CSV /NH
    WHOAMI /?
Winmgmtstarts the command line version of WMI, a scripting tool in Windows. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows Management Instrumentation

Usage:  winmgmt [/backup <filename>] [/restore <filename> <flag>]
                [/resyncperf] [/standalonehost [<level>]] [/sharedhost]
                [/verifyrepository [<path>]] [/salvagerepository]
                [/resetrepository]

/backup <filename>
        Causes WMI to back up the repository to the specified file name. The
        filename argument should contain the full path to the file location.
        This process requires a write lock on the repository so that write
        operations to the repository are suspended until the backup process is
        completed.

/restore <filename> <flag>
        Manually restores the WMI repository from the specified backup file.
        The filename argument should contain the full path to the backup file
        location. To perform the restore operation, WMI saves the existing
        repository to write back if the operation fails. Then the repository is
        restored from the backup file that is specified in the filename
        argument. If exclusive access to the repository cannot be achieved,
        existing clients are disconnected from WMI. The flag argument must be a
        1 (force - disconnect users and restore) or 0 (default - restore if no
        users connected) and specifies the restore mode.

/resyncperf
        Registers the system performance libraries with WMI.

/standalonehost [<level>]
        Moves the Winmgmt service to a standalone Svchost process that has a
        fixed DCOM endpoint. The default endpoint is "ncacn_ip_tcp.0.24158".
        However, the endpoint may be changed by running Dcomcnfg.exe. The level
        argument is the authentication level for the Svchost process. If level
        is not specified, the default is 4 (RPC_C_AUTHN_LEVEL_PKT).

/sharedhost
        Moves the Winmgmt service into the shared Svchost process.

/verifyrepository [<path>]
        Performs a consistency check on the WMI repository. When you add the
        /verifyrepository switch without the <path> argument, then the live
        repository currently used by WMI is verified. When you specify the path
        argument, you can verify any saved copy of the repository. In this
        case, the path argument should contain the full path to the saved
        repository copy. The saved repository should be a copy of the entire
        repository folder.

/salvagerepository
        Performs a consistency check on the WMI repository, and if an
        inconsistency is detected, rebuilds the repository.  The content of the
        inconsistent repository is merged into the rebuilt repository, if it
        can be read. The salvage operation always works with the repository
        that the WMI service is currently using. MOF files that contain the
        #pragma autorecover preprocessor statement are restored to the
        repository.

/resetrepository
        The repository is reset to the initial state when the operating system
        is first installed. MOF files that contain the #pragma autorecover
        preprocessor statement are restored to the repository.
Winrmis used to start the command line version of Windows Remote Management, used to manage secure communications with local and remote computers using web services. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows Remote Management Command Line Tool

Windows Remote Management (WinRM) is the Microsoft implementation of
the WS-Management protocol which provides a secure way to communicate
with local and remote computers using web services.

Usage:
  winrm OPERATION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]
        [@{KEY=VALUE[;KEY=VALUE]...}]

For help on a specific operation:
  winrm g[et] -?        Retrieving management information.
  winrm s[et] -?        Modifying management information.
  winrm c[reate] -?     Creating new instances of management resources.
  winrm d[elete] -?     Remove an instance of a management resource.
  winrm e[numerate] -?  List all instances of a management resource.
  winrm i[nvoke] -?     Executes a method on a management resource.
  winrm id[entify] -?   Determines if a WS-Management implementation is
                        running on the remote machine.
  winrm quickconfig -?  Configures this machine to accept WS-Management
                        requests from other machines.
  winrm configSDDL -?   Modify an existing security descriptor for a URI.
  winrm helpmsg -?      Displays error message for the error code.

For help on related topics:
  winrm help uris       How to construct resource URIs.
  winrm help aliases    Abbreviations for URIs.
  winrm help config     Configuring WinRM client and service settings.
  winrm help certmapping Configuring client certificate access.
  winrm help remoting   How to access remote machines.
  winrm help auth       Providing credentials for remote access.
  winrm help input      Providing input to create, set, and invoke.
  winrm help switches   Other switches such as formatting, options, etc.
  winrm help proxy      Providing proxy information.
Winrsallows you to manage and execute programs remotely. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
USAGE
=====
(ALL UPPER-CASE = value that must be supplied by user.)

winrs [-/SWITCH[:VALUE]] COMMAND

COMMAND - Any string that can be executed as a command in the cmd.exe shell.

SWITCHES
========
(All switches accept both short form or long form. For example both -r and
-remote are valid.)

-r[emote]:ENDPOINT      - The target endpoint using a NetBIOS name or the standard connection URL: [TRANSPORT://]TARGET[:PORT]. If not specified
-r:localhost is used.

-un[encrypted]          - Specify that the messages to the remote shell will not be encrypted. This is useful for troubleshooting, or when the network traffic is already encrypted using ipsec, or when physical security is enforced. By default the messages are encrypted using Kerberos or NTLM keys. This switch is ignored when HTTPS transport is selected.

-u[sername]:USERNAME    - Specify username on command line. If not specified the tool will use Negotiate authentication or prompt for the name.
If -username is specified, -password must be as well.

-p[assword]:PASSWORD    - Specify password on command line. If -password is not specified but -username is the tool will prompt for the password. If -password is specified, -user must be specified as well.

-t[imeout]:SECONDS      - This option is deprecated.

-d[irectory]:PATH       - Specifies starting directory for remote shell. If not specified the remote shell will start in the user's home directory defined by the environment variable %USERPROFILE%.

-env[ironment]:STRING=VALUE   - Specifies a single environment variable to be set when shell starts, which allows changing default environment for shell. Multiple occurrences of this switch must be used to specify multiple environment variables.

-noe[cho]               - Specifies that echo should be disabled. This may be necessary to ensure that user's answers to remote prompts are not displayed locally. By default echo is "on".

-nop[rofile]            - Specifies that the user's profile should not be loaded. By default the server will attempt to load the user profile. If the remote user is not a local administrator on the target system then this option will be required (the default will result in error).

-a[llow]d[elegate]      - Specifies that the user's credentials can be used to access a remote share, for example, found on a different machine than the target endpoint.

-comp[ression]          - Turn on compression.  Older installations on remote machines may not support compression so it is off by default.

-[use]ssl               - Use an SSL connection when using a remote endpoint.  Specifying this instead of the transport "https:" will use the default WinRM default port.

-?                      - Help

To terminate the remote command the user can type Ctrl-C or Ctrl-Break, which will be sent to the remote shell. The second Ctrl-C will force termination of winrs.exe.

To manage active remote shells or WinRS configuration, use the WinRM tool.  The URI alias to manage active shells is shell/cmd.  The URI alias for WinRS configuration is winrm/config/winrs.  Example usage can be found in the WinRM tool by typing "WinRM -?".

Examples:
winrs -r:https://myserver.com command
winrs -r:myserver.com -usessl command
winrs -r:myserver command
winrs -r:http://www.output.to command
winrs -r:http://169.51.2.101:80 -unencrypted command
winrs -r:https://[::FFFF:129.144.52.38] command
winrs -r:http://[1080:0:0:0:8:800:200C:417A]:80 command
winrs -r:https://myserver.com -t:600 -u:administrator -p:$%fgh7 ipconfig
winrs -r:myserver -env:PATH=^%PATH^%;c:\tools -env:TEMP=d:\temp config.cmd
winrs -r:myserver netdom join myserver /domain:testdomain /userd:johns /passwordd:$%fgh789
winrs -r:myserver -ad -u:administrator -p:$%fgh7 dir \\anotherserver\share
Winsatassesses various features, capabilities, and attributes of a computer running Windows Vista®. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Windows System Assessment Tool


COMMAND LINE USAGE :
    WINSAT <assessment_name> [switches]

It's necessary to supply an assessment name.  In contrast, switches are optional.
Valid assessment names already seen in Vista include:

    formal              run the full set of assessments

    dwm         Run the Desktop Windows Manager assessment
            - Re-assess the systems graphics capabilities and
              restart the Desktop Window Manager.

    cpu         Run the CPU assessment.
    mem         Run the system memory assessment.
    d3d         Run the d3d assessment
                (Note that the d3d assessment no longer runs the workload.
                For backward compatibility, pre-determined scores and metrics are reported.)
    disk                Run the storage assessment
    media               Run the media assessment
    mfmedia             Run the Media Foundation based assessment
    features    Run just the features assessment
            - Enumerates the system's features.
            - It's best used with the -xml <filename> switch
            to save the data.
            - The 'eef'switch can be used to enumerate extra
            features such as optical disks,     memory modules,
            and other items.

PRE-POPULATION:
The new command-line  options for pre-populating WinSAT assessment results are :

    Winsat prepop [-datastore <directory>] [ -graphics | -cpu | -mem | -disk | -dwm ]


This generates WinSAT xml files whose filenames contain "prepop".  For example :
    0008-09-26 14.48.28.542 Cpu.Assessment (Prepop).WinSAT.xml

The filename pattern is :
    %IdentifierDerivedFromDate% %Component%.Assessment(Prepop).WinSAT.xml

The datastore directory option specifies an alternative target location for generated xml files.
If no location is specified, everything is pre-populated to
    %WINDIR%\performance\winsat\datastore.

To generate a full set of result xml files, use "winsat prepop".

It is also possible to pre-populate results for a subsystem, such as CPU,
subject to the following dependencies:

    The CPU assessment has a secondary dependency on the Memory assessment
    The Memory assessment has a secondary dependency on the CPU assessment
    The Graphics assessment has a secondary dependency on both CPU and Memory assessments
    The DWM assessment can run standalone
    The Disk assessment can run standalone

If the assessment for a secondary dependency is not present, WinSAT will run the
secondary assessment along with the requested primary assessment.

For example,  "winsat prepop -cpu"  will run both the CPU and the Memory test,
if the xml file for the Memory test is not present.



OTHER NEW Win7 ASSESSMENT OPTIONS :

    dwmformal   Run Desktop Windows Manager assessment to generate the WinSAT Graphics score
    cpuformal   Run CPU assessment to generate the WinSAT Processor score
    memformal   Run Memory assessment to generate the WinSAT Memory (RAM) score
    graphicsformal      Run Graphics assessment to generate the WinSAT Gaming Graphics score
    diskformal  Run Disk assessment to generate the WinSAT Primary Hard Disk score

All formal assessments will save the data (xml files) in
        %WINDIR%\performance\winsat\datastore.

If a system has been prepopulated (using files generated by the "winsat prepop" option),
it is not necessary to run formal assessments.


SUB-ASSESSMENTS:
While investigating results, it may be convenient to look at individual assessments.
Options for running Gaming Graphics sub-assessments include:

    Winsat graphicsformal3d
    Winsat graphicsformalmedia

    DX9 Variations:
        Winsat d3d -dx9
        winsat d3d -batch
        winsat d3d -alpha
        winsat d3d -tex
        winsat d3d -alu

    DWM/DX10 variations:
        Winsat d3d -dx10
        winsat d3d -dx10 -alpha
        winsat d3d -dx10 -tex
        winsat d3d -dx10 -alu
        winsat d3d -dx10 -batch
        winsat d3d -dx10 -geomf4
        winsat d3d -dx10 -geomf27
        winsat d3d -dx10 -geomv8
        winsat d3d -dx10 -gemov32
        winsat d3d -dx10 -cbuffer



OPTIONS FOR FORMAL ASSESSMENTS FOR SUBSEQUENT RUNS ON THE SAME MACHINE:

The default behavior for "WinSAT formal" when a complete set of winsat formal files is present
and a second "winsat formal" run is requested is to
    1) Run incrementally if component change implies that an assessment needs to be re-run,
        e.g. if a video card were updated
    2) If no component updates were detected, re-run all assessments.

    The restart option enables behavior other than the default.  The syntax is :
        Winsat formal -restart [clean|never]

        Winsat formal -restart          Reruns all assessments.
        Winsat formal -restart never    Attempts to run incrementally.
        Winsat formal -restart clean    Reruns all assessments and provides the same functionality as "forgethistory".
        Winsat forgethistory            Choosing to forgethistory will rate a machine as if for the first time.


OTHER COMMAND LINE OPTIONS :
    -v                  Enables verbose output
    -xml                        Saves the XML output to 'filename'

    <command> -log <fn> Generates a log file associated with the specified command, such as disk
                The -log switch can be used with any WinSAT command.

    viewlog -i <filename>       Dumps the results of a log file .
    viewevents          Used to view relevant winsat events in the event log.
                (This launches the event log)
    query                       Can be used to query the current datastore.
winverdisplays the 'About Windows' window. (tested on w10x64)last updated 2018/1/18 writeopens the GUI of 'wordpad' application. (tested on w10x64)last updated 2018/1/18 Wsmanhttpconfigis used to manage aspects of the Windows Remote Management (WinRM) service. (tested on w10x64)last updated 2018/1/17 Xwizardis used to register data in Windows, often from a preconfigured XML file. (tested on w10x64)last updated 2018/1/17
 
last updated 2018/1/17
Usage:
	xwizard ProcessXMLFile [/u] [/m] <filename>
	xwizard RunWizard [/u] [/t<?>] [/f<?>] [/p<GUID>] <GUID> [/z[<?>]]
	xwizard RunPropertySheet [/u] [/c<?>] [/f<?>] [/p<GUID>] <GUID> [/z[<?>]]
	where:
	 /c = context flags
	 /f = user defined flags
	 /m = additionally generate Vista setup manifest file section 
		(create resulting file in current directory as <filename>.man)
	 /p = parent host GUID identifier ({<GUID>})
	 /t = optional wizard type (wizard97, aero, dui, moderndui)
	 /u = unattended (log errors instead of showing them)
	 /z = user command line (should always be last, rest of line)
	 filename = XML file name
	 GUID = Wizard component GUID identifier ({<GUID>})
example:
	xwizard ProcessXMLFile myconfig.xml
	xwizard ProcessXMLFile /m myconfig.xml
	xwizard RunWizard {7071ECA0-663B-4bc1-A1FA-B97F3B917C55}
	xwizard RunWizard /taero /c1 /f3 {7071ECA0-663B-4bc1-A1FA-B97F3B917C55}	
	 /z/myoption1/ /myoption2
	xwizard RunPropertySheet {7071ECA0-663B-4bc1-A1FA-B97F3B917C55}
	xwizard RunPropertySheet /c1 /f3 {7071ECA0-663B-4bc1-A1FA-B97F3B917C55}	
	 /z/myoption1/ /myoption2

©sideway

ID: 180100036 Last Updated: 2018/1/31 Revision:

IMAGE

Home (5)

Business

Management

HBR (3)

Information

Recreation

Hobbies (7)

Culture

Chinese (1097)

English (336)

Reference (66)

Computer

Hardware (149)

Software

Application (187)

Digitization (24)

Numeric (19)

Programming

Web (602)new

CSS (SC)

ASP.NET (SC)new

HTML

Knowledge Base

Common Color (SC)

Html Entity (Unicode) (SC)

Html 401 Special (SC)

OS (373)new

MS Windows

Windows10 (SC)

.NET Framework (SC)new

DeskTop (6)

Knowledge

Mathematics

Formulas (8)

Number Theory (206)

Algebra (20)

Trigonometry (18)

Geometry (18)

Calculus (67)

Complex Analysis (21)

Engineering

Tables (8)

Mechanical

Mechanics (1)

Rigid Bodies

Statics (92)

Dynamics (37)

Fluid (5)

Fluid Kinematics (5)

Control

Process Control (1)

Acoustics (19)

FiniteElement (2)

Biology (1)

Geography (1)

Latest Updated Links

Copyright © 2000-2019 Sideway . All rights reserved Disclaimers last modified on 10 Feb 2019