Windows Server 2008 Server Core : Managing the Network with the Net Utility (part 5)

2.21. USE

The USE mode connects a computer to a shared resource, disconnects a computer from a shared resource, or lists the shared resources. When used by itself, this mode displays the status, local drive letter, remote UNC source, and the network type of any drives the local system uses. This mode uses the following syntax:

NET USE [devicename | *] [\\computername\sharename[\volume]
[password | *]] [/USER:[domainname\]username] [/USER:[dotted
domainname\]username] [/USER:[username@dotted domainname] [/SMARTCARD]
 [/SAVECRED] [[/DELETE] | [/PERSISTENT:{YES | NO}]]
NET USE {devicename | *} [password | *] /HOME
NET USE [/PERSISTENT:{YES | NO}]

The following list describes each of the command line arguments.

devicename

Specifies a name to connect to the resource or specifies the device that you want to connect. The two device types are disk drives (D: through Z:) and printers (LPT1: through LPT3:). (It's theoretically possible to create printer connections up to LPT9: even though Microsoft only documents connections up to LPT3:.) Type an asterisk (*) instead of a specific device name to assign the next available device name to a device.

\\computername

Specifies the name of the computer that controls the shared resource. Make sure you enclose the computer name, including the backslashes, in double quotes when the computer name has a space in it. You may use any computer name from 1 to 15 characters long.

\sharename

Specifies the sharename for the resource you want to use. This entry is the same as the name that appears in Network Neighborhood.

\volume

Specifies a NetWare volume on the server. You must have the correct software installed on your system to access the NetWare volume. In most cases, this means you'll have Client Services for NetWare or Gateway Services for NetWare installed to connect to the NetWare servers.

password

Defines the password used to access the shared resource, which isn't necessarily the same as the local password.

*Produces a prompt for the password. The system displays a dialog box that shows the password as a series of asterisks instead of using cleartext at the command line. Using this feature can help you maintain the security of passwords used on your system.

/USER

Specifies that the utility uses a different username than the current username to make the connection. The username can take a number of forms as shown by the command line syntax. In addition, you can provide alternative credentials, such as smart cards.

domainname

Defines the domain name to use for the logon. If you omit the domain name, then the utility uses the currently logged in domain. You may also use a dotted form of the domain name, which looks much like the domain names for the Internet, when working with Active Directory.

username

Specifies the username to use to log into the remote system.

/SMARTCARD

Specifies that the connection relies on the credentials stored on a smart card.

/SAVECRED

Specifies that the connection should save the username and password. The utility ignores this command line switch unless the connection requires a username and password for access.

/HOME

Connects the user to their home directory. This command line switch only works when the user account has a home directory specified.

/DELETE

Deletes the connection from the list of persistent connections. The connection becomes unusual as soon as the command completes.

/PERSISTENT:{YES | NO}

Sets the state of the persistent network connection. When set to YES, the utility saves all connections as you make them and restores them at the next logon. When set to NO, the utility doesn't save any new connections. However, the utility still restores any existing connections during the next logon even if you set this command line switch to NO. Use the /DELETE command line switch to remove any persistent connections you no longer need.

2.22. USER

The USER mode works with user accounts on the network. You can change local user accounts or specify that you want to change the user information on the domain. The utility displays a list of current users when you use the USER mode alone. The names appear in three columns and the output doesn't include any additional information. The USER mode only works on servers (machines that have the Server service running). This mode uses the following syntax:

NET USER [username [password | *] [options]] [/DOMAIN]
NET USER username {password | *} /ADD [options] [/DOMAIN]
NET USER username [/DELETE] [/DOMAIN]
NET USER username [/TIMES:{times | ALL}]

The following list describes each of the command line arguments.

username

Specifies the name of the user account that you want to add, delete, modify, or view. The user account name can contain up to 20 characters.

password

Specifies the password used to access the user account. A password must satisfy all logon requirements for the machine, including the minimum and maximum length requirements set with the Net Accounts command. A password can contain up to 14 characters.

* Produces a prompt for the password. The system displays a dialog box that shows the password as a series of asterisks instead of using cleartext at the command line. Using this feature can help you maintain the security of passwords used on your system.

/DOMAIN

Performs the requested task on the domain controller of the current domain instead of the local machine. You must have the rights required to make user account changes on the domain controller to use this command line switch.

/ADD

Adds the user account to the user accounts database.

/DELETE

Removes the user account from the user accounts database.

/TIMES:{times | ALL}

Specifies the times that the user can log into the system. The option requires specific intervals or the keyword ALL, which means that the user has no time restriction.

options

Specifies one or more specialized options that the mode uses when working with a particular user.

The options require a little more explanation. You use the options to change the way that the USER mode handles specific users. The following list describes each of the options.

/ACTIVE:{YES | NO}

Activates or deactivates the account. The user can't access the server when the account is inactive. The default setting is YES.

/COMMENT:

"text"

Provides a comment for the user's account. You can use a maximum of 48 characters to describe the user or the user's role. Always enclose the comment in quotes.

/COUNTRYCODE:

nnn

Defines a three-digit country code for the user. The country code tells applications how to implement language support for the user. In addition, the country code affects how Windows displays help and error messages. Use a value of 0 to signify the default country code.

/EXPIRES:{date | NEVER}

Defines an expiration date for the user account. The default setting of NEVER keeps the account active forever. The form of the date depends on the country code; it's usually mm/dd/yy or dd/mm/yy. You can use a number for months, abbreviate them with three letter codes, or spell them out. The year can appear as a two- or four-digit number. Always use slashes and not spaces to separate the date elements.

/FULLNAME:

"name"

Specifies the user's full name for the account. The full name is the user's given name, rather than the account name used for logging into the system. Enclose the name in quotes.

/HOMEDIR:

pathname

Defines a home directory for the user. The path must exist. You must supply an absolute path and it's always a good idea to include the drive letter.

/PASSWORDCHG:{YES | NO}

Specifies whether the user can change their own password. The default setting is YES.

/PASSWORDREQ:{YES | NO}

Specifies whether the user account must have a password associated with it. The default setting is YES. Creating a user account without a password, even on a stand-alone machine, is an invitation to invasion by a cracker. In fact, you should change your password relatively often to ensure that crackers have short-term use of your machine even if they do guess your password.

/PROFILEPATH[:

path]

Sets the path for the user's logon profile. You can learn more about user logon profiles at http://www.kellys-korner-xp.com/win_xp_logon.htm.

/SCRIPTPATH:

pathname

Defines the location of the user's logon script. The logon script controls actions the machine takes as part of setting up Windows for the user after the user logs into the system.

/TIMES:{times| ALL}

Defines the user's logon hours. A user can't log onto the system outside of these hours. You express the times as starting day, ending day, starting time, and ending time. The system limits you to using one-hour increments for the time. You can spell days out or abbreviate them. The times can appear in 12- or 24-hour format. Supplying a value of ALL as input means that the user can always log into the system. Likewise, a blank value means the user can never log into the system. Separate the day and time values using commas. Create multiple entries by separating the day and time groups with semicolons.

/USERCOMMENT:

"text"

Defines a user comment for the user account. The comment should describe the user or the user's role within the organization. Create useful comments that describe the user in such a way that it's easier to identify the user in a large organization.

/WORKSTATIONS:{computername[...] | *}

Defines up to eight computers that the user can use for login purposes. If this command line switch doesn't include a list, or the list is an asterisk (*), then the user can log in from any computer.

2.23. VIEW

The VIEW mode displays a list of shared resources on a computer. When you use this mode without any command line switches, it displays all of the machines on a network or domain. This mode uses the following syntax:

NET VIEW [\\computername [/CACHE] | /DOMAIN[:domainname]]
NET VIEW /NETWORK:NW [\\computername]

The following list describes each of the command line arguments.

\\computername

Specifies the computer whose resources you want to view. The default output includes the sharename, resource type, used as information, and comment.

/DOMAIN:

domainname

Specifies the domain for which you want to view the available computers. The utility displays the current domain or local network when you omit this command line switch.

/NETWORK:NW

Displays the list of available servers on a NetWare network. The utility displays the resources available on a particular computer when you include the computername argument.

/CACHE

Displays the offline client caching settings for the resources on the specified computer. The output includes the sharename, resource type, used as information, and the caching setting.

Sharing Folders Using the SHRPubW Utility

Your hard drive is probably loaded with a wealth of undocumented utilities. In many cases, these undocumented utilities are gold for anyone working at the command line. The SHRPubW is one of those undocumented Microsoft utilities that can make a difference in many cases. The command line interface for this utility is SHRPubW /s ComputerName, where ComputerName is the name of a computer on the network. You must always include the /s command line switch, which causes the utility to share a folder on the target computer. In all cases, this utility starts the Create a Shared Folder Wizard. Follow the prompts and you'll end up with a shared folder on your machine or any other machine you designate.

This utility has a number of interesting uses. One of the most interesting uses is sharing a folder on Windows XP Home machines. The graphical interface doesn't provide any means of performing this task. However, Windows XP Home does include this utility, so you can still share folder with this operating system.

Another interesting use for this utility is to share folders on other machines. For example, if you're a network administrator and want to share a folder on your server without walking over to it, you can start this utility with that server's name. The utility helps you set basic share security and the user sees the new share immediately.