#sysadmin
58 pages tagged sysadmin.
WSL Interoperability
Running Linux tools from Windows and vice versa, file system access, and networking between WSL and Windows.
wsl
Install, list, export, import, configure, and clone WSL distributions using the wsl.exe command on Windows 10 and 11.
wmic
Query and manage Windows system information — hardware, software, processes, services, and more — from the command prompt using WMI classes and WMIC's SQL-like syntax.
whoami
Display the current user name, SID, group memberships, and privileges from the Windows command prompt — essential for auditing security context in scripts and support scenarios.
wevtutil
Query, export, clear, and manage Windows Event Log channels from the command line — the primary CLI for event log automation, log archiving, and scripted log analysis on Windows.
tzutil & w32tm
Read and set the system timezone with tzutil, then query, configure, and force-sync the Windows Time service with w32tm — including NTP peer configuration and Kerberos-clock-drift recovery.
tmutil
Drive Time Machine backups, destinations, exclusions, local APFS snapshots, restores, and verification entirely from the terminal — without opening System Settings.
timeout
Pause a batch script for a specified number of seconds with an optional keypress bypass — a reliable replacement for the ping-delay idiom and a safer alternative to sleep in Windows CMD scripts.
tasklist
Display all running processes on a local or remote Windows machine with PID, memory usage, session, and optional service or module details — the cmd.exe equivalent of Task Manager for scripts.
taskkill
End one or more running Windows processes by PID or image name from the command prompt, with options for force termination, process tree killing, filtering, and remote targets.
takeown
Transfer ownership of files and directories to the current user or the Administrators group from an elevated command prompt — a prerequisite for modifying ACLs on system-protected paths.
systeminfo
Display detailed OS, hardware, and network configuration for the local or a remote Windows machine. Covers output formats, remote querying, filtering, and parsing in scripts.
system_profiler
Deep-dive on system_profiler(8) — macOS's built-in inventory tool. Covers data types, text/XML/JSON output, piping into jq and plutil, common SP* probes (hardware, displays, memory, storage, USB, network, software), detail levels, and fleet inventory recipes.
Sysinternals
Bootstrap and drive the headless Sysinternals utilities — PsExec, Handle, PsList, Autoruns, ProcMon, ListDLLs — for process spelunking, file-lock hunting, autostart auditing and scripted system tracing on Windows.
softwareupdate
Deep-dive on softwareupdate(8), Apple's CLI for macOS system updates — listing pending updates, installing recommended-only or specific items, scheduling, ignoring updates, installing Rosetta and Command Line Tools, and pairing with mas and brew for full system update automation.
shutdown
Initiate, schedule, abort, or force a shutdown, restart, logoff, hibernate, or sleep on a local or remote Windows machine from the command line — essential for scripted maintenance, patch automation, and remote administration.
schtasks
Create, query, run, end, and delete scheduled tasks on local or remote Windows machines from the command prompt — the scripting interface to Windows Task Scheduler.
sc
Query, create, configure, start, stop, and delete Windows services from the command line — the scripting interface to the Service Control Manager, equivalent to the Services MMC snap-in but fully automatable.
runas
Launch a program in the security context of a different user account — elevate to Administrator, switch to a service account, or test application behaviour under a restricted identity.
route
Display, add, delete, and modify entries in the Windows IP routing table — control how packets are forwarded between subnets, add persistent static routes, and diagnose routing failures.
reg
Query, add, modify, export, and import Windows registry keys and values with the built-in reg.exe — the scriptable, no-dependency tool for everything from one-off tweaks to full backup-and-restore.
PowerShell Remoting
Execute PowerShell against one or many remote hosts using WinRM or SSH transport, persistent sessions, credential management, and JEA.
powercfg
Manage Windows power plans, enable or disable hibernation, diagnose battery health and sleep failures, and generate energy efficiency reports from the command prompt.
pmset
Inspect and configure sleep, wake, hibernate, and battery behaviour on macOS. Covers per-source profiles, scheduled wake, sleep-prevention diagnostics, battery reports, and hibernate modes.
pathping
Trace the route to a destination and measure per-hop packet loss and latency over a sustained sampling period — more diagnostic than tracert and more thorough than ping for identifying intermittent network problems.
networksetup
Script every aspect of macOS network configuration — Wi-Fi joining, DNS servers, proxies, locations, and service order — from a single first-party command-line tool.
netsh
Configure network interfaces, firewall rules, wireless profiles, port proxies, and Winsock settings from an elevated command prompt — the comprehensive Windows network configuration CLI.
net user
Create, modify, delete, and list local Windows user accounts from the command prompt — set passwords, manage account expiry, lock/unlock accounts, and control logon hours.
net localgroup
Create, delete, and modify local security groups on a Windows machine — add or remove members, list group memberships, and manage built-in groups from the command prompt.
mountvol
List, create, and remove NTFS volume mount points and display the unique volume GUID path for any drive letter or directory junction from the command prompt.
logman
Create, start, stop, and manage Data Collector Sets for performance counters, event traces, and configuration data — the command-line interface to Windows Performance Monitor for scripted monitoring and automated log collection.
launchctl
Bootstrap, bootout, kickstart, print, and enable/disable services with launchctl on macOS: agents vs daemons, plist anatomy, user/system domains, RunAtLoad vs KeepAlive vs StartInterval vs StartCalendarInterval, and recipes for periodic scripts and on-demand workers.
icacls
Display and modify NTFS access control lists on files and directories — grant, deny, or remove permissions for users and groups, manage inheritance, and save or restore full ACL sets.
gpresult & gpupdate
Inspect the Resultant Set of Policy that applied to a user and computer with gpresult, then force a refresh with gpupdate — including HTML reports, scope filtering, and the classic 'why didn't my GPO take effect?' workflow.
getmac
Display the MAC (hardware) addresses and associated transport names for all network adapters on a local or remote Windows machine — useful for asset inventory, DHCP reservation setup, and network access control.
fsutil
Inspect and manage NTFS file system internals — query volume info, manage hard links, sparse files, reparse points, the USN journal, and the dirty bit — from an elevated command prompt.
driverquery
Display all installed device drivers on a local or remote Windows machine — module name, type, link date, and driver file path — for hardware audits and troubleshooting.
dism
Service Windows images and the running OS — enable/disable optional features, repair the component store, mount and edit WIM/ESD images, add drivers, and manage editions from an elevated command prompt.
diskutil
Command-line front-end to Disk Utility on macOS — list, partition, format, repair, encrypt, and snapshot APFS containers, plus build and tear down software RAID volumes.
diskpart
Create, delete, format, extend, shrink, and assign drive letters to disk partitions from the Windows command prompt using an interactive or scripted REPL interface.
defrag
Analyze, defragment, and optimize volumes from the command line — consolidate free space on HDDs, issue TRIM on SSDs, and schedule or review optimization tasks.
chkdsk
Scan a FAT or NTFS volume for file system errors and bad sectors, optionally repairing them — the built-in Windows disk health and integrity tool for drives and volumes.
bcdedit
View and modify the Windows Boot Configuration Data store — manage boot entries, set default OS, change timeouts, enable debugging, and configure boot options from an elevated command prompt.
arp
Display, add, and delete entries in the Windows ARP (Address Resolution Protocol) cache — map IP addresses to MAC addresses, detect IP conflicts, and diagnose Layer 2 connectivity issues.
systemd Unit Files
Writing, enabling, and managing systemd service, timer, and socket units.
Security Fundamentals
OS-level security primitives every operator should know: users and groups, file permissions, Linux capabilities, SUID/SGID, mandatory access control (SELinux, AppArmor), sandboxing concepts, least privilege, and encryption at rest vs in transit.
ps, ss & netstat
Inspect running processes (ps), list network connections and listening ports (ss / netstat). Covers output formats, filtering, process trees, and socket state analysis.
Processes
Process lifecycle on Unix: fork/exec/wait, PIDs, signals, zombies and orphans, parent/child trees, process groups, sessions, controlling terminals, and a tour of Linux cgroups.
permissions
POSIX file permissions on Linux. Covers symbolic and octal chmod, ownership with chown, the meaning of r/w/x for files vs. directories, setuid/setgid/sticky bits, umask, ACLs, capabilities, and immutable attributes.
Networking Stack
How packets actually move: the OSI and TCP/IP layer models, the BSD socket API, TCP vs UDP, the three-way handshake, MTU/MSS, NAT and port translation, basic IP routing, and the full DNS resolution flow.
Memory Management
How operating systems give every process its own address space: virtual memory and paging, swap, the OOM killer, mmap, copy-on-write, the page cache, allocator choices (glibc, jemalloc, mimalloc), and how to read memory counters in top, ps, and free.
lsof & ss
Diagnose what's holding a port, which files a process has open, and the state of every TCP/UDP socket using lsof and the modern iproute2 ss utility.
journalctl
Query and follow systemd's structured journal. Covers unit filters, time ranges, priority levels, boot logs, namespaces, invocations, output formats, persistence, configuration, and disk-vacuum.
ip
Modern replacement for ifconfig, route, and arp. Inspect and configure interfaces, addresses, routes, neighbour tables, and network namespaces with the iproute2 ip command.
htop
Interactive process and resource monitor for the terminal. Covers function keys, sorting, filtering, signal sending, tree view, threads, and how to read load averages and memory correctly. Compares with top, btop, and bottom.
cron
Time-based job scheduler on Unix. Covers crontab syntax, user vs. system crontabs, environment quirks, logging, anacron, and the modern systemd timer alternative.
apt-get Package Management
Debian and Ubuntu package management — update, install, remove, upgrade, and maintain packages with apt-get.
Linux
Command-line tools, shell scripting, networking, system administration, and data extraction for Linux.