基本命令

    2、查看所有域

    2. Domain
    4. -----------------------------------------------------------------------------
    5. CENTOSO
    6. The command completed successfully.

    3、从计算机名获取ipv4地址

    1. C:\Documents and Settings\Administrator\Desktop>ping -n 1 DC1 -4
    3. Pinging DC1.centoso.com [192.168.206.100] with 32 bytes of data:
    5. Reply from 192.168.206.100: bytes=32 time<1ms TTL=128
    7. Ping statistics for 192.168.206.100:
    8.     Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
    9. Approximate round trip times in milli-seconds:
    10.     Minimum = 0ms, Maximum = 0ms, Average = 0ms

    Ps:如果计算机名很多的时候,可以利用bat批量ping获取ip

    1. @echo off
    2. setlocal ENABLEDELAYEDEXPANSION
    3. @FOR /F "usebackq eol=- skip=1 delims=\" %%j IN (`net view ^| find "命令成功完成" /v ^|find "The command completed successfully." /v`) DO (
    4. @FOR /F "usebackq delims=" %%i IN (`@ping -n 1 -4 %%j ^| findstr "Pinging"`) DO (
    5. @FOR /F "usebackq tokens=2 delims=[]" %%k IN (`echo %%i`) DO (echo %%k  %%j)
    6. )
    7. )

    4、查看域中的用户名

    1. dsquery user
    2. 或者:
    3. C:\Users\lemon\Desktop>net user /domain
    6. -------------------------------------------------------------------------------
    7. Administrator            Guest                    krbtgt
    8. lemon                    pentest
    9. The command completed successfully.

    5、查询域组名称

    1. C:\Users\lemon\Desktop>net group /domain
    3. Group Accounts for \\DC1
    5. ----------------------------------------------
    6. *DnsUpdateProxy
    7. *Domain Admins
    8. *Domain Computers
    9. *Domain Controllers
    10. *Domain Guests
    11. *Domain Users
    12. *Enterprise Admins
    13. *Enterprise Read-only Domain Controllers
    14. *Group Policy Creator Owners
    15. *Read-only Domain Controllers
    16. *Schema Admins
    17. The command completed successfully.

    6、查询域管理员

    1. C:\Users\lemon\Desktop>net group "Domain Admins" /domain
    2. Group name     Domain Admins
    3. Comment        Designated administrators of the domain
    6. -----------------------------------------------------------
    7. Administrator

    7、添加域管理员账号

    1. C:\Documents and Settings\Administrator\Desktop>net config Workstation
    2. Computer name                        \\DM_WIN03
    3. Full Computer name                   DM_win03.centoso.com
    4. User name                            Administrator
    6. Workstation active on
    7.         NetbiosSmb (000000000000)
    8.         NetBT_Tcpip_{6B2553C1-C741-4EE3-AFBF-CE3BA1C9DDF7} (000C2985F6E4)
    10. Software version                     Microsoft Windows Server 2003
    12. Workstation domain                   CENTOSO
    13. Workstation Domain DNS Name          centoso.com
    14. Logon domain                         DM_WIN03
    16. COM Open Timeout (sec)               0
    17. COM Send Count (byte)                16
    18. COM Send Timeout (msec)              250

    9、查看域控制器(多域控制器的时候,而且只能用在域控制器上)

    1. net group "Domain controllers"

    10、查询所有计算机名称

    1. dsquery computer
    2. 下面这条查询的时候,域控不会列出
    3. net group "Domain Computers" /domain

    11、net命令

    12、跟踪路由