Write batch files and schedule NET commands to help with remote administration

In his November 1997 article, "NET Commands," Michael D. Reilly introduced some of the functionality of the NET command. This month, I'll delve more deeply into commands such as NET TIME, NET USER, NET SEND, and NET COMPUTER, and show you how to write batch files to aid with remote administration.

I'll show you how to print a list of files in use on a server and who is using them, synchronize the clock on all the workstations and NT servers in your organization without leaving your desk, and set your computer clocks to National Institute of Standards and Technology (NIST) time (i.e., really accurate time). You can accomplish these tasks with built-in Windows NT functionality, using the NET commands' hidden features.

NET commands are command-line utilities that are a staple of the original LAN Manager network environment. For information about NET commands, go to the command prompt and type

net help

For information about a specific function, type

net help

Table 1 summarizes the features of this helpful utility that I'll discuss in this article. Read on to learn how to schedule these commands to enhance your options for remote systems administration.

Getting File Information
Suppose you need to produce a list of open files and the responsible users for a given server. You might instinctively think of the Server Manager program to handle this task. From Server Manager, you can click In Use under the properties of a server to see the information.

I thought this approach was useful until I managed an NT server with 700 users and 5000 open files. Fortunately, NT has an alternative solution. If you're sitting in front of the server in question, you can use the NET FILE command. The NET FILE command provides a tabular view of the same information as the Server Manager screen, but it increases your viewing options. To prevent the information for hundreds of users from scrolling off the screen, use the MORE command, as follows:

c:\>net file | more

You can redirect the output to a file so that you can save the information to disk. Or, you can print or search the information. To redirect the output, type

c:\>net file > openfiles.txt

FIGURE 1: Output from the NET FILE Command
ID Path User name #Locks
1 E:\SMS\...\00000409\_INVWN32.DLL Administrator 0
86 D:\Data\Kelly 28 cribbage hand.bmp JOEUSER 0
87 D:\Data\KELLY\_to_do.txt JOEUSER 0
88 D:\Data\KELLY\Current order.xls JOEUSER 0
89 D:\Data\...rices to Build Computers.xls JOEUSER 0
90 D:\Data\...y-five Days in September.doc JOEUSER 0
The command completed successfully.
Figure 1 shows the file this command produces. Entries in the Path column, the file directory paths, are limited to 40 characters. If you are logged on to the server in question, you'll have all the information you need. However, most NT-based LANs feature servers that share files and administrators who manage the servers remotely from NT workstations. As a result, this command is most useful if you run it from a workstation, returning information about a remote server. Server Manager gives you this capability, but NET FILE does not have a remote option. However, you can produce output about the remote server that you can access from your administrative workstation by following this procedure.
  1. Make a batch file for the desired output. The batch file must contain the NET FILE command and the path and filename for the redirected output. I recommend that you redirect the information to a shared folder on the server so that the output is easily accessible. Listing 1 is an example batch file. For this example, I've named the batch file netfiles.bat and placed it in a shared folder named C:\Utils.

  2. Schedule the batch file to run on the server. You can use the AT command to run the application on a remote NT server or workstation. You must schedule this job so that the NET FILE command runs on the remote computer instead of the one you're using. The Schedule service must be running on the remote computer. The Schedule service is not started on NT servers or workstations by default. To start the service, use Server Manager, select the desired server, and choose Computer, Services. Scroll down to the Schedule service and double-click it. Click Start to start the service. You can change the startup characteristics to Automatic so that you won't have to repeat these steps when you reboot the server. The syntax of the AT command is

    at <\\server>
    For this example, let's assume you want to check the open files at 2:00 p.m. on the server called CSMITH-001. The command (you can also use 2:00 p.m. in the syntax) is
    at \\csmith-001 14:00 c:\utils\netfiles.bat
  3. In my example, the file openfiles .txt will appear in the Utils folder at 2:00 pm. You can double-click the file from Network Neighborhood or Explorer to view it.

You might be wondering why I scheduled netfiles.bat instead of using "net file >..." for the command. Basically, the redirection symbol (>) confuses the command interpreter. If you try to schedule the command without the quotes, the command interpreter tries to redirect the response for the job submission to your local hard disk. Scheduling the batch file is a workaround for this problem.

You can also use the command

at \\csmith-001

to make sure that your job has been properly scheduled. This command will display all scheduled jobs on the server.

If your organization has many servers, you might want to send all the output from all the servers to the same place. For this task, I changed the batch file to use a Uniform Naming Convention (UNC) connection to the shared folder Utils on the 001 server as follows:

net file > "\\csmith-001\utils\open files on %computername%.txt"

Notice that I've changed the filename so that the server it came from will be part of the filename. The ComputerName (not case sensitive) variable is a default environment variable in NT. When this batch file runs, it replaces the ComputerName variable with the name of the server. You use quotes in the redirection name in this command. You need the quotes for the examples with spaces in the filenames.

You need to know a simple trick to make these utilities work as I've described. If you start the Schedule service using the default System Account option, UNC connections will not be available to you. However, if you start the Schedule service from a user account, network redirections will work. Screen 1 shows the Schedule service being started from the UtilAccount that I created and added to the Domain Admins group. Remember, if you've set the security policies for your domain so that passwords expire, you'll need to update the service and restart it when the password expires. You also have the option to override the default by selecting the Password Never Expires option on the properties for this account.

To make this concept more universal, you can schedule any server by pointing to the netfiles.bat file you've made on the 001 server. You can execute the NET FILE command from server 002 by typing

at \\csmith-002 14:00\\csmith-001\utils\netfiles.bat

The 002 server will read the batch file from the 001 server and send the output to the 001 server. The filename will contain the name of the 002 server so that you know where it came from. To easily check the result of running these utilities, you can make a shortcut on your desktop to the Utils folder of the output server.

Many NET commands are designed to run on the computer you want information about. However, you can use this scheduling example as a model to retrieve information from remote computers.

Checking Session Statistics
NET SESSION is the younger sibling of the NET FILE command, and it also works on only NT servers. NET SESSION shows which user is using files from what computer, how many files are open (in use), and how much time the user has been idle. When you specify a computer name, you're asking to view the connections between the server and the client you specify in the computer name. You can also use NET SESSION to disconnect sessions with the specified server by using the /DELETE option. If you want information about a remote server, you must schedule the job to run on the remote server. In the example in Figure 2, you see all the users (one) connected to a server, the username at that workstation, the number of open files, and how long the user has been idle.

You can also get this information from Server Manager when you choose Computer, Properties and click Users. But with NET SESSION, you can direct your output to a file for increased flexibility. Unlike NET FILE, the NET SESSION command doesn't tell you what files are open. Also, notice that the Windows 95 client shows up as Windows 4.0 in the example.

Sync Your Servers
Now let's look at a way to synchronize servers from a central location. First, you need to set one server to NIST time. Visit http://www.bldrdoc.gov/timefreq/service/nts.htm to download the Network Time Service program. The Time and Frequency Division of the Physics Laboratory of NIST operates this page. Install and run the Nistim32.exe program interactively.

Select Query Server, Now to initiate the server query. The program will return the offset for your computer from NIST time. Screen 2 shows the response; my server was almost 23 seconds off. Now you can set your server to the correct time. If you can't make an Internet connection from the server in question, you can download an Automated Computer Time Service (ACTS) program (http://www.bldrdoc.gov/timefreq/service/acts.htm) to use a direct modem connection to set the time, or you can call 303-494-4774 to hear a tone that will help you set the clock manually.

Now you need to synchronize the rest of the servers to that time. Make a NET TIME batch file, nettime.bat, with the command

net time \\csmith-001 /set /y

In this example, the time is synchronized to the 001 server from the other servers. Copy the script into the Utils folder.

Now you must schedule the job for 002 or any other servers you want to synchronize. Don't worry about what time to schedule the job, just pick a time in the future for the remote server. As in the NET FILE example, this job will execute the batch file in the Utils folder on the 001 server:

at \\csmith-002 14:00\\csmith-001\utils\nettime.bat

The time on your servers is now synchronized to the second. You now have the infrastructure to synchronize your servers from a central location.

If you have many servers in your organization, you can create a batch file to do the job submission for you. You can run my example batch file, SetServerTime.Bat, shown in Listing 2, from any server or workstation.

To run this batch file, type its name followed by a time for synchronization. Because the time is required, the first item in the batch file checks to see if you typed in the time. The DEFINED command is not documented very well and doesn't know about the parameters (i.e., the time) on the command line. So, I created a separate variable (timevar) in the batch file that the DEFINED command knows about. If you supply the time, the batch file jumps to the label SCHEDULE_UPDATE. If not, the batch file ends.

Instead of many individual lines each using the AT command, I've used the FOR...DO combination to initiate a loop through the server names listed within the parentheses. For each computer name, a job will be scheduled at the time you typed on the command line.

The batch file in Listing 2 will work for any NT computer in your organization, as long as you've started the Schedule service and placed the batch file on the system drive. (Unfortunately, you cannot use the NET START command to start the Schedule service in a batch file, because you cannot pass a server name to the command.) If you're deciding on a standard configuration for NT workstations in your organization, I recommend starting the Schedule service automatically. Because I don't use network drive connections in this example, I don't have to start the Schedule service with a certain account to use this technique. (You can use the same technique to schedule the NET FILE job I explained earlier.)

Michael D. Reilly's November article showed another way to synchronize the time between an NT workstation and a server. From the command prompt, execute the command

:\>net time \\csmith-001 /set /y

The system will return a message, such as

current time at \\csmith-001 is 8/2/97 2:00 pm

The command completed successfully.

The user logged on to this workstation must have permission to change the system time. Users in the Power Users group have permission to change the time by default. To give particular users or groups this permission, change the User Rights for the workstation using the Policies menu of the User Manager program.

The NET TIME command is easy to implement when the command is part of a logon script, and automatically executes each time a user logs on to the workstation. The logon script is an optional part of the user account information. You'll find scripts listed in User Manager, under the Profiles button accessible from user properties, as Screen 3 shows.

You can create a logon script that maps a network drive to the workstation and synchronizes the workstation time with the server called CSMITH-001 with the commands

net use k: \\csmith-001\commondata
net time \\csmith-001 /set /y

Logon scripts must exist on all the Domain controllers for the logon domain. They belong in the %SystemRoot%\System32\Repl\Import\Scripts folder, also known as the Netlogon share.

When you schedule the job, it runs (by default) as a System application. The system has the permissions to change the time, and you need to have administrative permissions on workstations to schedule the jobs. Scheduling is a better option in organizations where workstation security is a concern.

The NET USER Command
Account names are available in text form using the NET USER command. This command works on only computers running NT Server. To direct account information to a text file, type

net user /domain >"\\csmith-001\utils\userson%userdomain%.txt"

This command provides information about the domain you are logged on to. This example uses another environment variable to make the output filename more readable.

This solution is not perfect. The output you receive is not customizable, and the names are placed three to a line, instead of one on each line. However, you can then import the information into a spreadsheet and manipulate the data. Remember, this file is space delimited.

The NET GROUP Command
The NET GROUP command also provides information about the users in a group. Include the name of the group to receive information about the members. Otherwise, you'll receive only a list of the group names. (I used quotes in the example because the group name contains a space.) Type

net group "domain admins" > "\\csmith-001\utils\domain admins of %userdomain%.txt"

The NET LOCALGROUP command is similar to the NET GROUP command, but it lists users in the local groups for the domain. You can type

net localgroup "those crazy hackers" > "\\csmith-001\utils\members of the hackers group in %userdomain%.txt"

to get the list of users for the group those crazy hackers. You must run the NET GROUP and NET LOCALGROUP commands from the server, unless you've scheduled the commands on a remote server.

More Commands
Let's look at a few other useful NET commands. Of the remaining commands, NET SEND is probably the most useful. You can send a message to all computers in your domain with the command

net send /domain the csmith-001 server will be unavailable from 7:00 pm until 8:00 pm.

You can specify a particular domain with /domain: or workgroups (if a domain has not been constructed) with an asterisk, as in the following example:

net send * the csmith-001 server will be unavailable from 7:00 pm until 8:00 pm.

You can also send messages to computers or users of a certain name with commands such as

net send administrator please call me before you leave.ornet send csmith-002 please shut down and power off this station before you leave for the day.

Note that the backslashes (\\) are not required in front of the computer name. In all likelihood, only one person is using any account. Also, only one server or workstation will use a certain name. Unless you have a message to direct to one individual, this feature doesn't seem useful. If you need to direct a message to several users, the NET NAME command is helpful.

The NET NAME command lets you add a name for messaging to an NT server or workstation. If I want to add a certain name to a group of workstations that will later identify that name for certain types of NET SEND messages, I can type

net name "bean counters" /add

Fortunately, anyone can add names using the NET NAME command. You can use it interactively from a workstation, you can add it to a logon script, or you can schedule it for a remote machine.

In the example, I've used quotes because of the space in the name I chose. Once this name is added to one or more workstations, you can use the NET SEND command to send a message to a group of users. The same messaging alias can be available for administrative alerts configured using Server Manager, if appropriate. You must add names once per boot.

NET VIEW is a useful command that works with NT servers, NT workstations, and even Windows 95 computers. Because NET VIEW lets you specify a remote computer, you don't have to schedule the NET VIEW command. Enter

net view

to display all the resources shared on the remote computer, and type

net view

to display all the computers on your LAN. To display the computers in a domain, type

net view /domain:

To display domains, enter

net view /domain

Although these commands show the same information available in Network Neighborhood, you can use the redirection techniques I described previously to produce printed output from the NET VIEW commands.

NET VIEW is the only command that helps you with NetWare compatibility.

net view /network:nw

displays your NetWare servers. If you specify the computer name, the resources shared on that server are displayed.

The command

net print \\computername\sharename

displays the jobs for the print queue specified. You can get the same information by double-clicking the resource under the Printers folder in My Computer. As with the NET VIEW command, you can specify a remote computer, so you don't have to schedule the job. You can redirect the output to a file if you need a hard copy.

NET SHARE lets you share resources interactively on a computer, or you can schedule NET SHARE jobs for a remote computer. Explorer doesn't let you share folders on a remote computer. But, you can share folders from Server Manager. You can also share folders from File Manager (WinFile).

You run the NET COMPUTER command from a domain controller to add or delete workstations in a domain. This command performs the same function as selecting Computer, Add in Server Manager. Because you run NET commands from the command prompt, you can add many workstations in a batch mode with this command. You can make a batch file with a FOR...DO loop, as follows:

for %%s in (\\csmith-002 \\csmith-003 \\csmith-004) do net computer %%s /add

You'll need to run this batch job on a server or schedule it to run on a server.

You use NET CONTINUE in conjunction with NET PAUSE. NET CONTINUE lets you restart a service that has been paused. The syntax is

net continue

Because the computer name is not an option for NET START, NET STOP, NET PAUSE, or NET CONTINUE, you must schedule these commands if you need to control a remote server.

NET STATISTICS displays useful information about the Server service (data you've shared) or the Workstation service (data you've used). This command will run on workstations or servers, and you must schedule it to display information about remote computers. Using NET STATISTICS SERVER displays information such as Mean Response Time, Permission Violations, and Kilobytes Sent. NET STATISTICS WORKSTATION displays information such as Bytes Received and Hung Sessions. The second line in a NET STATISTICS output shows the time that the service was started, which is the same date and time your computer was booted.

The Power of NET Commands
The NET commands are challenging to use because their syntax differs in many cases. Some of the commands, such as NET VIEW and NET PRINT, let you specify a remote computer to view information about. But a specified computer name means something completely different in other NET commands. In NET SEND, it means the name the message is sent to. In NET TIME, it refers to the computer the time comes from. You'll need to study the syntax carefully to find the right combination.

Some NET commands, such as NET FILE, NET SESSION, and NET COMPUTER, work on only a server. If the server is remote, you can use the scheduling option. Remember that if your output is coming from or going to a UNC name, you must start the Schedule service with a valid account name. Some NET commands, such as NET STATISTICS, NET SHARE, and NET VIEW, show information about servers and other stations pretending to be servers.

I've described several powerful options of the NET command. With these features, you can access useful information about open files on your servers and users or groups, and you can synchronize times. NET commands provide many features that you thought you had to purchase other products to get.