RELEASE NOTES ============= NT Command Line Tools v 1.0 CONTENT 1. Description of all Commands 1.1 BEEP 1.2 DUMPEVT 1.3 KILL 1.4 PIDLIST 1.5 PRIORITY 1.6 WAIT 1.7 SHUTDOWN 2. Known Bugs and Limitations 2.1 Bugs 2.1.1 DUMPEVT 2.2 Limitations 2.2.1 General Limitations 2.2.2 PRIORITY 1. Description of all Commands ============================== 1.1 BEEP ======== BEEP is handy little tool that can be used for logon scripts. It generates a simple tone of a cetain frequecy and duration. The syntax is BEEP where specifies the frequency in Hertz with a range from 37 to 32767 Hertz and specifies in seconds how long the tone should last. The value for duartion has a range from 0 to 86400 seconds. Example BEEP 2000 1 generates a tone of 2000 Hertz that lasts 1 second. 1.2 DUMPEVT =========== DUMPEVT can be used to manage the NT event log from a command line. With DUMPEVT you can do such things as dump the content of the NT event logs to the screen or a text file, archive the event logs in their native format and clear the log files on a regular basis. Thus you can archive your event logs on a regular basis without having to do it manually. DUMPEVT permits you to schedule Event Log archiving and deletion of old data. You don't loose precious information any more that you might need for troubleshooting a system. The syntax is DUMPEVT /D | /C DUMPEVT /A where /D dumps the event log indicated by , /C clears event log indicated by , /A archives event log indicated by to file , is A for Application , S for System or Y for Security. Example DUMPEVT /C A clears the Application log file. 1.3 KILL ======== KILL terminates a process and all of its threads. CAUTION: This command should be used with extreme caution as it might compromise the state of global data maintained by dynamic-link libraries (DLLs). The syntax of KILL is KILL where is the process identifier of a process. You can either use the NT Task Manager to dtermine the PID of a process or the tool PIDLIST described later in this chapter. Example KILL 261 terminates process with PID 261. 1.4 PIDLIST =========== PIDLIST shows a list of active processes. This command doesn't have any parameters. Example PIDLIST might return a list similar to the following: 0 System Idle Process 2 System.exe 25 smss.exe 33 csrss.exe 39 winlogon.exe 47 services.exe 50 lsass.exe 74 spoolss.exe 82 awhost32.exe 92 llssrv.exe 75 tcpsvcs.exe 95 mgasc.exe 107 mgactrl.exe 109 RpcSs.exe 142 nddeagnt.exe 153 Explorer.exe 53 SysTray.exe 154 MGAQDESK.exe 145 MGAHOOK.exe 90 loadwc.exe 157 OSA.exe 159 FINDFAST.exe 163 popmenu.exe 173 OUTLOOK.exe 183 MAPISP32.exe 216 SQLSERVR.exe 256 ddhelp.exe 228 taskmgr.exe 161 ntvdm.exe 270 iexplore.exe 276 NOTEPAD.exe 261 CMD.exe 213 pidlist.exe 1.5 PRIORITY ============ PRIORITY shows or modifies the priority class of a process. Each process can be a member of one out of four priority classes. These classes are: idle normal high realtime CAUTION: Changing the priority class of a process may cause undesired results including system instabilty. The Syntax is PRIORITY modifies the priority class of a process. PRIORITY shows the priority class of a process. where is the Process Identifier. = 1 | 2 | 3 | 4 and 1 = idle priority 2 = normal priority 3 = high priority 4 = realtime priority Example PRIORITY 276 might return something like: Priority normal PRIORITY 276 1 sets the priority of the process with PID 276 to idle. 1.6 WAIT ======== WAIT pauses batch execution until a specified time is over. The syntax is WAIT where is the time to wait in seconds. The range is 0 thru 86400 seconds. Example WAIT 10 pauses batch execution for 10 seconds. 1.7 SHUTDOWN ============ SHUTDOWN initiates a system shutdown on a local or remote machine and displays a warning message. Also a timeout can be specified after which the shutdown is supposed to be initiated. If there are applications running on the system they can be forced to be closed even if files are open. If desired the system can be rebooted after the shutdown. The syntax is SHUTDOWN /S /M /T /F /R where /S specifies the system to be shutdown. /M specifies a user message that pops up when the shutdown was accepted by NT. /T specifies how long the system should wait before the shutdown is initiated. /F forces all applications to be closed even if files are open. /R indicates that the system should be rebooted. In general all parameters are optional. However at least one parameter has to be supplied to prevent a system from being shutdown accidentially by just typing the command. The defaults for the parameters are: : local computer : Shutdown initiated : 10 /F not set, i.e. applications are not forced to be closed /R not set, i.e. system does not rebboot after shutdown Example SHUTDOWN /F /R shuts down the local computer, forces all applications to close and reboots the system after a succesfull shutdown. SHUTDOWN /S ntserver1 /M "This system will be down in 60 seconds" /T 60 /F /R shuts down the remote computer ntserver1, display a message (This system will be down in 60 seconds), sets the timeout to 60 seconds, forces all applications to close and reboots the system after the shutdwon. 2. Known Bugs and Limitations ============================= 2.1 Bugs ======== 2.1.1 DUMPEVT ============= There is a known bug in DUMPEVT causing problems dumping the content of an Event log to the screen or a file with non English versions of Windows NT. Due to this bug most or all of the information in the message filed remains empty or conatins . All functions other than dumping an Event log should work fine. 2.2 Limitations =============== 2.2.2 General Limitations ========================= All tools were developed for Windows NT 4.0. All of them should work also with previous and later versions of Windows NT. Some of them might run on Windows 9x as well, although this has not been tested. 2.2.2 PRIORITY ============== A known limitation of PRIORITY is that it is unable to return the priority class of process which cannot be modified. E.g. when trying to determine the priority of the System Process (PID 2) you get the following error message: Error getting priority class of process 2. Error code: 5. Access is denied.