Net (command)
from Wikipedia
net
Developers: Microsoft, IBM, ReactOS Contributors
Initial release: April 2, 1985; 40 years ago (1985-04-02)
Operating system: MS-Net, DOS, OS/2, Windows, ReactOS, eComStation, ArcaOS
Platform: Cross-platform
Type: Command
License: MS-Net, OS/2, Windows, eComStation, ArcaOS: Proprietary commercial software; ReactOS: GNU General Public License
Website: docs.microsoft.com/en-gb/previous-versions/windows/it-pro/windows-xp/bb490948(v%3dtechnet.10)
The Windows CE 3.0 net command

In computing, net is a command in IBM OS/2 (including eComStation and ArcaOS), Microsoft Windows, and ReactOS used to manage and configure the operating system from the command-line. It is also part of the IBM PC Network Program for DOS.[1]

Overview

The command is primarily used to manage network resources.[2] It is an external command implemented as net.exe.[3] When used in a batch file, the /Y or /N switches can be used to unconditionally answer Yes or No to questions returned by the command.[2] The net command has several sub-commands that can differ from one implementation or operating system version to another.

On Windows CE .NET 4.2,[4] Windows CE 5.0[5] and Windows Embedded CE 6.0,[6] it is available as an external command stored in \Windows\net.exe. This version only supports the use and view sub-commands.

net sub-commands
| Name | Description | DOS support | OS/2 support | Windows support | ReactOS support | Remarks |
| access | Manage access | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| accounts | Change Netlogon service role and manage maximum user logon time, password expiration time and other account settings | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[10] | |
| admin | Run administrative command on a remote server | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| alias | Manage aliases currently defined in the domain | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| app | Manage information about application definitions | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| appparm | | No | OS/2 Warp 4.5[7] | No | No | OS/2 Warp 4.5 and later only |
| audit | List and clear contents of the network audit log of the server | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| comm | List information about queues for shared serial devices | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| computer | Add or delete computer from domain database | No | No | Windows Server 2000, Windows Server 2003, Windows Server 2003 with SP1, Windows Server 2003 R2, Windows Server 2008, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9][11][12] | ReactOS 0.4.8[13] | |
| config | Display NetBIOS configuration information | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[14] | |
| continue | Continue paused services | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[15] | |
| copy | Copy and append files locally and remotely | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| dasd | Manage and display directory limits | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| device | List statuses of shared serial devices and stop current use of a device | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| diag | Run the Microsoft Network Diagnostic program | No | No | Windows 95, Windows 98[8] | No | |
| error | List and clear network error log | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| file | List files opened by remote computers | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | Unimplemented[16] | |
| forward | Route incoming messages and cancel forwarding | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| group | Add, display, or modify global groups in domains | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2000, Windows Server 2003, Windows Server 2003 with SP1, Windows Server 2003 R2, Windows Server 2008, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9][17][18] | ReactOS 0.4.8[19] | |
| help | Display syntax | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[20] | |
| helpmsg | Display information on error messages | No | No | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[21] | |
| init | | No | No | Windows 95, Windows 98[8] | No | |
| localgroup | Add, display, or modify local groups | No | No | Windows Server 2008, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9][22][23] | ReactOS 0.4.8[24] | |
| log | Start/stop saving messages to a file/printer and display information about forwarding the current message log | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| logoff | | No | No | Windows 95, Windows 98[8] | No | |
| logon | | No | No | Windows 95, Windows 98[8] | No | |
| move | Move files locally and remotely | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| name | List or manage NetBIOS names | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP[8][9] | Unimplemented[16] | |
| password | Change passwords on a server or in a domain | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98[8] | No | |
| pause | Pause services | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[25] | |
| print | Display printer queue information or print job information, or control print jobs | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2008, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server (Semi-Annual Channel), Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 8[8][9][26][27][28] | Unimplemented[16] | Deprecated in Windows 7 and Windows Server 2008 R2 |
| riplmach | | No | OS/2 Warp 4.5[7] | No | No | OS/2 Warp 4.5 and later only |
| riplmclas | | No | OS/2 Warp 4.5[7] | No | No | OS/2 Warp 4.5 and later only |
| run | | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| send | Send messages to other users or computers | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP[8][9] | Unimplemented[16] | |
| separator | Control whether or not a separator page is printed at the beginning of a print file | IBM PC Network Program[1] | No | No | No | |
| session | Manage server computer connections | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2003, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 with SP1, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 7 with SP1, Windows 8, Windows 10[8][9][3][29][30] | Unimplemented[16] | |
| share | Manage shared resources | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9][31][32] | ReactOS 0.4.8[33] | |
| start | Start services | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[34] | |
| statistics | Display and clear list of usage statistics for a workstation | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[35] | |
| status | List information about current network shares and server definition settings | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |
| stop | Stop services | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | ReactOS 0.4.8[36] | |
| time | Display remote computer's current time or sync time with remote computer | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9] | Unimplemented[16] | |
| use | Connect/disconnect computer to/from shared resources, or display information about computer connections | IBM PC Network Program[1] | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10, Windows CE .NET 4.2, Windows CE 5.0, Windows Embedded CE 6.0[8][3][9][37][38][4][5][6] | ReactOS 0.4.8[39] | |
| user | Add or modify user accounts, or display user account information | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2008, Windows Server 2012, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10[8][3][9][40][41] | ReactOS 0.4.8[42] | |
| ver | Display information about workgroup redirector | No | No | Windows 95, Windows 98[8] | No | |
| view | Display list of domains, computers, or resources shared by specified computers | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10, Windows CE .NET 4.2, Windows CE 5.0, Windows Embedded CE 6.0[8][3][9][43][44][4][5][6] | Unimplemented[16] | |
| who | List users who are logged on current or remote domains, display user logon information, and list users with sessions to a specific server | No | IBM OS/2 LAN Server, OS/2 Warp 4.5[7] | No | No | |

Example

The net use command has several network-related functions.

Connecting network drive and printer

net use can control mounting ("mapping" in Microsoft terminology) drive shares and connecting shared printers in a network environment. This command uses the SMB (Server Message Block) protocol and NetBIOS on port 139 or 445. The basic Windows XP configuration enables this functionality by default, so users can connect to and disconnect from shared resources such as computers, printers and drives.

net use can display a list of network-connection information on shared resources.

Null session connections

net use can also connect to the IPC$ (interprocess communication) share. This is the so-called null session connection, which allows unauthenticated users to connect. The basic syntax for connecting anonymously is:

net use \\IP address\IPC$ "" /u:""

For example, typing at the command prompt:

net use \\192.168.1.101\IPC$ "" /u:""

attempts to connect to the IPC$ share of the machine at 192.168.1.101 as an anonymous user with a blank password. If the connection to the target machine succeeds, a lot of information can be gathered, such as shares, users, groups, registry keys and more. This would provide a hacker with a lot of information about a remote user. This behavior had already changed by Windows NT 4.0 SP6. In Windows 2000, null session connections could be enabled after changes to the system configuration.

from Grokipedia
The net command is a collection of command-line utilities in Microsoft Windows operating systems designed for network and system administration, enabling tasks such as managing user accounts, groups, shared resources, services, and network connections directly from the Command Prompt or batch scripts. These commands operate on local computers or domain controllers, providing essential tools for IT administrators to configure and troubleshoot Windows environments without graphical interfaces.
Key subcommands of the net command include:
  • net accounts: Displays or modifies user account policies, such as password age limits and lockout thresholds.
  • net user: Adds, deletes, or manages local or domain user accounts, including setting and account options.
  • net group: Creates, displays, or deletes global groups for domain user organization.
  • net localgroup: Manages local security groups on a computer or domain.
  • net share: Views, adds, or removes shared folders and printers on the network.
  • net start and net stop: Starts or stops Windows services and displays running service lists.
  • net use: Connects to or disconnects from shared network resources like drives or printers.
  • net view: Lists available computers or shared resources on a network.
These subcommands support parameters for domain-wide operations (e.g., /domain) and are particularly useful in server environments like for automating administrative routines. While powerful for scripting and remote management, net commands are limited on domain controllers where Objects often override local settings.

Introduction

Overview

The net command is a command-line utility in Windows NT-based operating systems designed for managing network resources, local users, groups, services, and sessions. It enables administrators to perform essential networking and system administration tasks directly from the command line, facilitating efficient control over shared resources and user interactions in a networked environment. Among its core capabilities, the net command supports viewing active network connections, mapping network drives to local letters, sharing folders and printers across the network, and executing administrative tasks such as adding or modifying user accounts and groups. These functions are accessed through various subcommands, allowing for scripted of routine operations. The utility is available in both the and environments, with net.exe serving as the underlying executable file typically located in the System32 directory. It integrates with and Common Internet File System (CIFS) protocols to handle interactions with remote resources, such as connecting to shared drives or managing file permissions over the network.

History

The net command, originating from LAN Manager, was introduced in in 1993 as a built-in command-line utility for managing network resources and replacing earlier MS-DOS-based tools like those in LAN Manager. Subsequent versions saw enhancements for evolving Windows features; in , the command gained integration with , enabling operations on domain users, groups, and shares within enterprise environments. A notable milestone in this era was the introduction of alongside , a more advanced scripting tool for network configuration that diminished the need for net in sophisticated networking scenarios. Further updates arrived in to ensure compatibility with User Account Control (UAC), requiring elevated privileges for certain administrative functions while maintaining core functionality. In recent years, particularly after , has promoted modern alternatives, such as cmdlets including New-PSDrive for persistent drive mapping and resource management, alongside the continued use of legacy commands like net.

Syntax and Usage

General Syntax

The net command in Windows follows the basic syntax net [command] [options] [arguments], where [command] specifies the operation (such as use or view), [options] are switches like /domain to target a specific domain, and [arguments] provide additional parameters like resource paths. This structure allows the command to manage network resources, user accounts, and services from the command line.

Common global options include /help to display detailed usage information for the command or a specific subcommand, /? for quick help summaries, and /domain:<domainname> to apply the operation to a domain instead of the local computer (defaulting to the local machine if omitted). Output can be redirected using standard operators like > filename to save results to a file for logging or analysis.

The command returns exit codes to indicate success or failure, with 0 typically denoting successful completion and 2 signaling a or invalid parameters; other non-zero values correspond to specific errors, which can be decoded using net helpmsg <errorcode>. Environment variables such as %USERDOMAIN% influence behavior by providing the current user's domain context, which the command uses when no explicit domain is specified in options like /user.

Subcommands

The net command provides numerous subcommands for administering network resources, user accounts, shares, and services in Windows environments. These subcommands operate primarily in mode by default but can target domain controllers with the /domain switch where supported, allowing centralized management in setups. Key subcommands include those for mapping drives, viewing resources, managing shares and accounts, controlling services, and retrieving statistics, each with specific parameters to customize operations.

net use connects a local computer to or disconnects it from a shared or controls persistent network connections; without parameters, it lists current connections. The syntax is net use [Device] [\\Computer\Share [Password]] [/user:[Domain\]User] [/persistent:{yes|no}] [/delete], where key parameters include /user for alternate credentials, /persistent:yes to maintain the connection across reboots (default based on last setting), and /delete to remove mappings (use * to delete all). For example, net use Z: \\server\share /user:domain\user /persistent:yes maps a drive persistently. This subcommand works in both local and domain contexts without a dedicated switch, relying on provided credentials.

net view displays a list of computers in the current domain, available domains, or shared resources on a specified computer; without parameters, it shows domain computers. The syntax is net view [\\Computer [/cache] | [/all] | /domain[:DomainName]], with parameters like /all to include hidden administrative shares (e.g., C$), /cache for offline caching status, and /domain to list computers in a specific domain. It operates locally or remotely without domain-specific modes.

net share manages shared resources on the local computer, such as creating, deleting, or modifying file and printer shares; without parameters, it lists all shares. The syntax for creation is net share ShareName=drive:path [/grant:User,Permission] [/users:N | /unlimited] [/remark:"text"] [/cache:Type], where parameters include /grant for permissions (read, change, full), /users to limit concurrent users, /remark for descriptions, and /cache for offline availability options like manual or BranchCache. Deletion uses /delete, e.g., net share ShareName /delete. It applies to local resources only.

net user adds, deletes, modifies, or displays user accounts on a local computer or domain. The syntax is net user [Username {Password | *}] [/add] [/delete] [/domain] [Options], with options like /add to create accounts, /delete to remove them, /active:{yes|no} to enable/disable, /expires:{date|never} for expiration, and /domain to target the domain controller instead of local machine. For example, net user newuser password /add /domain adds a domain user. Local mode (no /domain) affects the standalone computer, while /domain enables centralized administration.

net group adds, displays, or removes global groups in a domain or adds/removes users from groups, facilitating rights assignment for similar network access needs. Global groups are managed in domain environments, typically requiring /domain to target the . The syntax is net group [GroupName [/add [/comment:"text"]] | /delete] [User1 User2 ... {/add | /delete}] [/domain], where /add creates groups or adds users, /delete removes them, /comment adds descriptions. For instance, net group Sales /add /domain creates a . Local groups are managed using net localgroup.

net localgroup adds, displays, or modifies local security groups on the computer or domain, used for local permissions without affecting domain globals. The syntax mirrors net group but targets local groups: net localgroup [GroupName {/add [/comment:"text"] | /delete}] [/domain] [User ... {/add | /delete}]. It supports /domain for domain-local groups on controllers; otherwise, it manages local machine groups.

net session displays information about active sessions on the local server or disconnects them; without parameters, it lists all sessions with details like username, computer, and idle time. The syntax is net session [\\Computer] [/delete] [/list], where /delete ends a specific session (or all if unspecified, risking data loss), and /list formats output as a list. Aliases include net sessions. It operates on the local server in both local and domain environments.

net config displays or modifies network configuration settings for the workstation or server service, such as autoshares or hidden settings. Syntax includes net config server or net config workstation, revealing parameters like maximum connections without direct modification switches in basic use. It applies locally.

net time synchronizes the local computer's clock with a remote or displays the current time from one. Syntax is net time [\\Server [/set [/y]]], where /set updates the local time and /y confirms without prompting. It functions in local or domain modes via server specification.

net accounts manages account policies, including password and lockout settings, for local computers or domains (using /domain). It cannot be run on domain controllers themselves. Syntax is net accounts [/minpwlen:N] [/maxpwage:{days|unlimited}] [/minpwage:days] [/forceLogoff:{minutes|no}] [/uniquepw:N] [/domain], with parameters like /minpwlen for minimum length (0-14, default 6), /maxpwage for age (1-999 days, default 90), /uniquepw for password history (max 24, default not specified), and /domain for domain policies. Local mode shows or sets standalone policies; /domain manages domain policies from domain-joined non-DC machines.

net file manages open files on a server, closing them or listing details like ID, path, and user. Syntax is net file [ID [/close]], where /close terminates a specific file by ID. It targets server sessions locally.

net pause and net continue pause or resume a running service, such as the print spooler, for . Syntax is net pause Service or net continue Service. These apply to local services.

net start and net stop start or stop a service, like the server service for . Syntax is net start Service or net stop Service. They control local or dependent services.

net statistics displays performance statistics for a service, such as or server, including sessions and bytes transferred since . Syntax is net statistics [workstation | server]. It provides local usage data.

Practical Examples

Resource Mapping

The net use subcommand of the net utility is primarily employed to map network drives, enabling users to access shared folders on remote servers as if they were local drives. To map a drive, the basic syntax involves specifying a local drive letter followed by the Universal Naming Convention (UNC) path of the , such as net use X: \\server\share. This command establishes a connection using the current user's credentials by default; if authentication is required, credentials can be provided via the /user parameter, for example, net use X: \\server\share /user:domain\username password. Upon successful execution, the drive letter X: becomes accessible in or command-line operations, allowing seamless and management.

For persistent mappings that reconnect automatically after reboots, the /persistent:yes option is used, as in net use X: \\server\share /persistent:yes, which stores the connection in the user's profile for future sessions. In contrast, temporary mappings, created without this flag or with /persistent:no, last only for the current session and must be re-established upon logging in again. To disconnect a mapped drive, the command net use X: /delete is applied, which removes the association and frees the drive letter; running net use without parameters lists all active connections for verification. These steps facilitate efficient resource access in networked environments without relying on graphical interfaces.

Printer connections via net use target legacy parallel ports like LPT1, using a similar syntax: net use LPT1: \\server\printer. This redirects print jobs from the local machine to the shared printer on the remote server, though it requires the printer to be shared and accessible over the network. In modern Windows systems, such connections integrate with the Add Printer wizard in the Settings app, where the UNC path entered during setup leverages underlying net use functionality for authentication and mapping; for instance, adding \\server\printer as a network printer prompts for credentials if needed, establishing a persistent link. This method supports older applications that output to LPT ports while bridging to contemporary printing workflows.

Common troubleshooting for net use involves addressing access denied errors, often resulting from insufficient permissions on the shared resource or mismatched credentials. To resolve, verify the UNC path format (ensuring it adheres to \\computername\sharename without trailing slashes or invalid characters) and specify explicit credentials with /user if operating in a workgroup without domain trust. Additionally, User Account Control (UAC) may block like C$, requiring elevated privileges via "Run as administrator" on the command prompt; testing connectivity with net view \\server beforehand can isolate path or network issues.

In a real-world workgroup environment, such as a small without , connecting to a shared folder might proceed as follows: first, identify the server via net view \\server to list available shares; then map the drive with net use Z: \\workstation\documents /user:localuser password /persistent:yes, granting access to collaborative files like reports or templates. This process ensures reliable, credential-secured access across networks, enhancing productivity for non-domain-joined systems.

Administrative Tasks

The net command facilitates key administrative tasks on Windows systems, enabling server operators to manage shared resources, monitor and control user sessions, start or stop services, and retrieve performance statistics. These functions are essential for maintaining network servers, particularly in domain environments where centralized control is required. By leveraging the underlying Server Message Block (SMB) protocol and Remote Procedure Call (RPC) mechanisms, administrators can perform these operations locally or remotely, ensuring efficient resource allocation and system stability.

Resource sharing is a core administrative function handled by the net share subcommand, which allows creation, modification, and deletion of network shares for folders and printers. To create an unlimited share for a folder, the syntax is net share ShareName=drive:\path /unlimited, such as net share PublicShare=C:\Public /unlimited, granting access without user limits until permissions are adjusted via other tools. For removal, net share ShareName /delete unshares the resource, as in net share PublicShare /delete, which immediately revokes network access while preserving local files. These operations require administrative privileges and are logged in the event log for auditing.

Session management uses the net session subcommand to view or terminate active connections to the server, helping administrators disconnect idle or unauthorized users to free resources. Running net session without parameters lists all current sessions, displaying client computer names, usernames, and connection times. To close all sessions, net session /delete forcibly ends them, potentially interrupting ongoing file transfers. For remote management, net session \\RemoteComputer /delete targets sessions on a specified machine, useful in multi-server setups. This subcommand operates on the local server by default but relies on RPC for remote execution.

Service control is achieved through net start and net stop subcommands, which interact with the Windows Service Control Manager to manage background processes without graphical interfaces. For instance, net start spooler initiates the Print Spooler service, essential for printing functionality, while net stop spooler halts it for maintenance, such as clearing print queues. The general syntax is net start ServiceName to launch a service if it is not running, and net stop ServiceName to terminate it gracefully, allowing dependent services to complete tasks. These commands support scripting for automated server reboots or updates and require elevated privileges to prevent unauthorized changes.

Viewing system statistics with net statistics provides insights into workstation or server performance, aiding in troubleshooting and capacity planning. The command net statistics workstation outputs metrics like bytes sent/received, files opened, and connection attempts since the last reboot, helping identify bottlenecks in file sharing or network usage. Similarly, net statistics server displays server-specific data, such as shares accessed and sessions established. These reports are text-based and can be redirected to files for analysis, offering a quick alternative to Performance Monitor for basic diagnostics.

Security Considerations

Vulnerabilities

The net command, particularly subcommands like net use, has historically enabled null sessions, allowing anonymous access to remote systems via commands such as net use \\server\IPC$ "" /user:"" without providing credentials, which facilitates enumeration of users, shares, and other resources over SMB. This vulnerability stems from default configurations in older Windows versions that permitted unauthenticated connections to the IPC$ administrative share, exposing sensitive network information to attackers. Microsoft introduced registry-based mitigations for null sessions in Windows 2000 via the RestrictAnonymous setting, though it required manual configuration for full restriction; stricter defaults were implemented in subsequent versions like Windows XP. Legacy and misconfigured systems remain susceptible if not hardened.

Privilege escalation risks arise when users with sufficient local privileges employ net localgroup to add accounts to high-privilege groups, such as the Administrators group, via commands like net localgroup Administrators <username> /add, granting unauthorized elevated access. This technique is commonly abused by adversaries who have obtained initial low-level access, allowing them to maintain persistence or expand control within a Windows environment.

In SMB relay attacks, the net use subcommand can inadvertently aid credential capture by establishing NTLM-authenticated sessions that attackers intercept and relay in man-in-the-middle scenarios, such as through LLMNR/NBT-NS , to authenticate to other systems without the user's knowledge. Tools like Responder exploit this by relaying captured hashes from net use connections to target servers, potentially compromising domain controllers or shares.

The exploit (CVE-2017-0144) targets a in SMBv1, enabling remote code execution that interacts with net share operations by allowing attackers to enumerate, create, or access network shares post-compromise without authentication. This vulnerability, patched in MS17-010, was widely used in campaigns like WannaCry to propagate laterally via SMB shares managed or queried by net share.

Post-2020 ransomware variants, such as Conti, leverage net stop to disrupt services by halting up to 146 Windows processes related to , backups, and —e.g., net stop WinDefend—preventing detection and recovery during . This tactic inhibits system recovery and amplifies impact, as seen in attacks on where service shutdowns preceded .
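The abuse patterns named in this section (a null-session net use against IPC$, net localgroup Administrators ... /add, and a run of net stop commands) all leave a net.exe command line in process-creation logs. The following Python detection logic is an added example, not part of the original article; the event fields, host names, the service names prefixed "Example", the sample password and the burst thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# A token is a run of non-space characters and/or double-quoted segments.
TOKEN = re.compile(r'(?:[^\s"]|"[^"]*")+')
# net.exe hands most subcommands to net1.exe, so both images are matched.
NET_IMAGE = re.compile(r'(?:^|[\\/])net1?(?:\.exe)?$', re.IGNORECASE)

# Assumed burst rule: this many "net stop" runs on one host inside the window.
STOP_BURST_COUNT = 5
STOP_BURST_WINDOW = timedelta(seconds=60)


def parse_net(cmdline):
    """Return (subcommand, args) for a net/net1 command line, else None."""
    tokens = TOKEN.findall(cmdline)
    if len(tokens) < 2 or not NET_IMAGE.search(tokens[0].strip('"')):
        return None
    return tokens[1].lower(), [t.lower() for t in tokens[2:]]


def is_blank(value):
    """True for an empty value such as "" (blank user name or password)."""
    return value.strip('"') == ""


def check_args(sub, args):
    """Per-event rules; returns the names of the rules that fired."""
    findings = []
    positional = [a for a in args if not a.startswith("/")]
    if sub == "use":
        unc = next((i for i, a in enumerate(positional)
                    if a.strip('"').startswith("\\\\")), None)
        user = next((a.split(":", 1)[1] for a in args
                     if a.startswith(("/user:", "/u:"))), None)
        if unc is not None:
            target = positional[unc].strip('"')
            if target.endswith("\\ipc$") and user is not None and is_blank(user):
                findings.append("null-session")
            # Any non-blank positional token after the UNC path is a password.
            if any(p != "*" and not is_blank(p) for p in positional[unc + 1:]):
                findings.append("password-on-command-line")
    elif sub == "localgroup" and "/add" in args:
        names = [p.strip('"') for p in positional]
        # Two names means "add <member> to <group>", not "create group".
        if len(names) >= 2 and names[0] == "administrators":
            findings.append("admin-group-add")
    return findings


def analyze(events):
    """Return (host, rule) alerts for a list of process-creation events."""
    alerts, stops = [], defaultdict(list)
    for ev in events:
        parsed = parse_net(ev["cmdline"])
        if parsed is None:
            continue
        sub, args = parsed
        alerts.extend((ev["host"], rule) for rule in check_args(sub, args))
        if sub == "stop":
            stops[ev["host"]].append(datetime.fromisoformat(ev["time"]))
    for host, times in stops.items():
        times.sort()
        for i in range(len(times) - STOP_BURST_COUNT + 1):
            if times[i + STOP_BURST_COUNT - 1] - times[i] <= STOP_BURST_WINDOW:
                alerts.append((host, "service-stop-burst"))
                break
    return alerts


# Constructed sample events (already-parsed process-creation fields).
SAMPLE_EVENTS = [
    {"time": "2024-05-01T10:00:00", "host": "WS01",
     "cmdline": r'net use \\192.168.1.101\IPC$ "" /u:""'},
    {"time": "2024-05-01T10:01:00", "host": "WS01",
     "cmdline": r'C:\Windows\System32\net1.exe localgroup Administrators svc_tmp /add'},
    {"time": "2024-05-01T10:05:00", "host": "WS02",
     "cmdline": r'net use Z: \\workstation\documents /user:localuser Passw0rd! /persistent:yes'},
    {"time": "2024-05-01T10:06:00", "host": "WS02", "cmdline": r'net view \\server'},
    {"time": "2024-05-01T10:07:00", "host": "WS03", "cmdline": "net stop spooler"},
] + [
    {"time": f"2024-05-01T11:00:{i:02d}", "host": "SRV01",
     "cmdline": f"net stop {svc} /y"}
    for i, svc in enumerate(["WinDefend", "spooler", "ExampleBackupSvc",
                             "ExampleSqlSvc", "ExampleAgentSvc"])
]

if __name__ == "__main__":
    for host, rule in analyze(SAMPLE_EVENTS):
        print(f"{host}: {rule}")
```

The alerts carry only the host and rule name so that a password captured on a command line is not copied into the alert stream.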

Best Practices

When using the net command for network operations, authentication should always incorporate the /user and /password options to specify credentials explicitly, ensuring secure connections to remote resources. Strong credentials, meeting complexity requirements such as a minimum of 14 characters without common patterns, must be employed to mitigate brute-force risks.

To prevent null sessions, which allow unauthenticated access, enable the Group Policy 'Network access: Restrict anonymous access to Named Pipes and Shares', which sets RestrictNullSessAccess to 1 under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters, restricting unauthenticated access to named pipes and shares except for specified exceptions.

Adhering to the principle of least privilege is essential; execute net commands from non-administrative accounts whenever feasible to limit potential damage from misuse or compromise. Enforce account policies using net accounts /lockoutthreshold:10 to lock accounts after 10 failed attempts, balancing security against denial-of-service risks while aligning with Windows security baselines.

For auditing, enable process creation auditing in Group Policy under Advanced Audit Policy Configuration > Detailed Tracking to log net command executions in the Security event log (Event ID 4688), capturing command-line arguments for review. Regularly monitor active connections with net session to detect and terminate unauthorized access promptly.

In scripting scenarios involving sensitive tasks like drive mapping, opt for PowerShell cmdlets such as New-PSDrive with Get-Credential over net use, as the former stores passwords as secure strings rather than plaintext, reducing exposure risks.
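The process-creation auditing recommended above only helps if the logged command lines are reviewed. The following Python sketch is an added example, not part of the original article: it triages simplified Event ID 4688 records for the three net abuses this section names, plus bursts of net stop on one host. The record keys, the BURST threshold, the rec4688 helper and every sample host, account and service name are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# One pattern per abuse named in this section, matched case-insensitively.
RULES = {
    "null_session": re.compile(r'\buse\s+\S*\\ipc\$.*/u(?:ser)?:""', re.I),
    "admin_group_add": re.compile(r'\blocalgroup\s+"?administrators"?\s.*/add\b', re.I),
    "defender_stop": re.compile(r'\bstop\s+"?windefend"?\b', re.I),
}
STOP = re.compile(r'\bstop\s+"?([^"/]+?)"?\s*(?:/y)?\s*$', re.I)
BURST = 3  # assumed threshold: distinct services stopped on one host

def is_net(image):  # net.exe runs net1.exe for many subcommands
    return image.lower().rsplit("\\", 1)[-1] in ("net.exe", "net1.exe")

def triage(records):
    """Return sorted (host, finding) pairs from Event ID 4688 records."""
    findings, stopped = set(), defaultdict(set)
    for rec in records:
        if rec["event_id"] != 4688 or not is_net(rec["image"]):
            continue
        for name, rx in RULES.items():
            if rx.search(rec["cmdline"]):
                findings.add((rec["host"], name))
        m = STOP.search(rec["cmdline"])
        if m:  # remember each stopped service to spot mass shutdowns
            stopped[rec["host"]].add(m.group(1).strip().lower())
    findings |= {(h, "service_stop_burst") for h, s in stopped.items() if len(s) >= BURST}
    return sorted(findings)

def rec4688(host, cmdline, exe="net.exe"):  # hypothetical record builder
    return {"event_id": 4688, "host": host, "cmdline": cmdline,
            "image": "C:\\Windows\\System32\\" + exe}

# Constructed sample; hosts, accounts and the backup service name are invented.
SAMPLE = [
    rec4688("WS01", r'net use \\fs01\IPC$ "" /user:""'),
    rec4688("WS01", r"net use Z: \\fs01\projects /user:CORP\alice"),
    rec4688("WS02", "net1 localgroup Administrators svc_tmp /add", "net1.exe"),
    rec4688("SRV03", "net stop WinDefend /y"),
    rec4688("SRV03", 'net stop "Example Backup Agent" /y'),
    rec4688("SRV03", "net stop Spooler"),
    rec4688("WS04", "net stop Spooler"),
    rec4688("WS05", "cmd /c echo net stop WinDefend", "cmd.exe"),
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```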

Alternatives in Other Systems

Unix-like Equivalents

In systems such as Linux and macOS, functionalities akin to the Windows net command's subcommands for network resource access and management are provided by tools from the Samba suite, which implements the SMB/CIFS protocol, along with standard system utilities for user and group administration.

For connecting to remote SMB shares, similar to net use, the smbclient command serves as a primary equivalent, offering an FTP-like interface to interact with SMB/CIFS servers. Users can connect to a share using syntax such as smbclient //server/share -U username, which authenticates and provides shell access for file transfer and directory navigation. To mount shares persistently, akin to mapping a drive, the mount.cifs utility is employed, for example: mount -t cifs //server/share /mnt/point -o username=user,password=pass. This allows integration into the local filesystem, supporting options for credentials, security levels, and vers= for SMB protocol versions.

Resource discovery and listing, comparable to net view, rely on nmblookup for name resolution and smbclient -L for enumerating available shares on a server. The nmblookup tool queries NetBIOS names over TCP/IP to map hostnames to IP addresses, such as nmblookup -A ip.address to retrieve node status. Complementing this, smbclient -L //server -U user lists shares, workgroups, and printers exposed by the target server.

User and group management in Unix-like systems diverges from net user and net group by using dedicated commands like useradd and usermod for accounts, and groupadd for groups, often integrated with tools like passwd for password handling. For instance, useradd -m -s /bin/bash newuser creates a user with a home directory and shell, while usermod -aG group user adds a user to a group; these operate on local or LDAP-backed databases rather than Windows domains. Similarly, groupadd newgroup establishes groups for access control.

To configure file sharing, equivalent to net share, administrators edit the /etc/samba/smb.conf file to define shares, global settings, and authentication, then restart the smbd service; for example, a section like the following exposes a directory via SMB:

    [myshare]
    path = /path/to/dir
    read only = no

This contrasts with Windows-centric net by emphasizing textual configuration over command-line immediacy.

Key differences include the net command's tight integration with Windows SMB for domain-centric operations versus Unix-like systems' flexibility with both NFS and CIFS protocols through Samba, allowing broader interoperability. Additionally, no single command directly mirrors net statistics for workstation/server stats; instead, sar -n DEV from the sysstat package reports network interface activity, and iostat provides I/O metrics, offering historical and real-time system-wide insights.

Modern Windows Tools

In modern Windows environments, particularly and 2025, PowerShell cmdlets provide robust, object-oriented alternatives to many net command functions, enabling more advanced scripting and automation. For instance, the New-PSDrive cmdlet serves as the primary equivalent to net use, allowing users to create temporary or persistent drives mapped to network locations, such as SMB shares, with support for credentials and persistence across sessions. Similarly, Get-SmbShare retrieves detailed information about SMB shares on local or remote systems, mirroring net share but returning structured .NET objects that facilitate piping to other cmdlets for further processing, such as filtering or exporting data. For service management, Get-Service lists services akin to net start or net stop, while Start-Service and Stop-Service initiate or halt them, offering granular control over status, dependencies, and remote execution without the limitations of text-based output in net commands.

Graphical user interface (GUI) tools in Windows further complement or replace net command tasks, providing intuitive access for non-scripting users. File Explorer allows mapping network drives through its "Map network drive" option, which prompts for drive letters, folder paths, and credentials, effectively replicating net use in a visual workflow that supports reconnection at sign-in. The Services console, accessible via services.msc, enables starting, stopping, and configuring services interactively, serving as a direct GUI counterpart to net start and net stop with real-time status monitoring and dependency views. For local user and group administration, the Computer Management console (compmgmt.msc) offers a centralized interface under Local Users and Groups to add, modify, or delete accounts, paralleling net user and net localgroup while integrating with broader system management features.

The netsh command-line utility extends beyond the net command's focus on user and share management, addressing advanced networking configurations that net lacks. It supports contexts like netsh interface for IP addressing, VLANs, and adapter settings, or netsh bridge for combining network segments, filling gaps in net's scope by enabling scripted network diagnostics and policy enforcement on Windows Server and client editions.

Migrating to these tools from is recommended for enhanced automation, as PowerShell's pipeline model and .NET integration allow complex operations like querying shares and exporting results to CSV, unlike net's plain-text responses, while maintaining since the net command remains fully supported in for legacy scripts and applications. In and later, integration with Microsoft Entra ID (formerly Azure AD) further diminishes reliance on net for domain tasks, as hybrid or Entra-joined devices shift user and device to cloud-based tools like Intune, reducing on-premises domain queries via net commands in favor of API-driven authentication and policy application.
