Windows Server

Where is the File: Using Where.exe

There used to be a time where you ran commands on your computer without any fancy GUIs or icons. You typed a command and it ran. In order to simplify your life, you didn’t even have to specify the full path to the program. The operating system would search in predefined set of directories and run the first matching command. These directories were stored in an environmental variable called %PATH%.

Today, most IT Pros don’t think too much about this, nor do they when using Windows. But for those of you who run commands from a command prompt, sometimes you can run into problems. This is a two-part article: Today I’ll discuss using the command line utility Where.exe. In part two, I’ll go further and discuss using Get-FileItem to help you find the files you want.

Using Where.exe

For example, if you want to run foo.exe but there are two different versions in two different folders in %PATH%, you might end up running the wrong version. If you open a command prompt in Windows 7, you have at your disposal a nifty command line utility called Where.exe. To see how to use it, run where /? at a prompt. You can see the results in Figure 1.

Where.exe Help
Figure 1 Where.exe help
The easy way to use this utility is to specify a pattern for a filename. You can even use wildcards.

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts. Our next episode, “Polaris Inc., and Microsoft Teams- Reinventing how we work and play” will be airing on Oct. 28th from 10-11am PST.

C:\>where notepad.*
C:\Windows\System32\notepad.exe
C:\Windows\notepad.exe

The default behavior is to display the full file name for every match. Remember, by default, Where.exe is only searching folders in %PATH%. But you can specify one or more directories.

C:\>where "c:\scripts;c:\work:note*"
c:\scripts\notepad.exe
c:\work\note1.xml
c:\work\noteeverything.txt

In this command, I searched for anything that started with ‘Note’ in C:\Scripts and C:\Work. If I also wanted to search %PATH%, all I need to do is include it in my directory definition.

C:\>where "%path%;c:\scripts;c:\work:note*"
C:\Windows\System32\notepad.exe
C:\Windows\notepad.exe
c:\scripts\notepad.exe
c:\work\note1.xml
c:\work\noteeverything.txt

Using /T & /R Parameters

Where you might have duplicates, it can be helpful to check size and/or a time stamp. You can accomplish that with the /T parameter.

C:\>where "%path%;c:\scripts;c:\work:notepad*" /t
    193536   7/13/2009    9:39:25 PM  C:\Windows\System32\notepad.exe
    193536   7/13/2009    9:39:25 PM  C:\Windows\notepad.exe
      2938   6/25/2012    2:23:57 PM  c:\scripts\notepad.exe

It looks like the first two versions are identical, but clearly the last one is different.

By default, WHERE.EXE only searches in the root of the current directory, but you can do a recursive search, albeit only for a single directory with /R.

C:\>where /R c:\windows notepad*
c:\Windows\notepad.exe
c:\Windows\en-US\notepad.exe.mui
c:\Windows\System32\notepad.exe
c:\Windows\System32\en-US\notepad.exe.mui
c:\Windows\SysWOW64\notepad.exe
c:\Windows\SysWOW64\en-US\notepad.exe.mui
…

I’ve truncated the output, but I think you get the idea. Of course, you can combine parameters as well.

C:\>where /R c:\windows notepad* /t
    193536   7/13/2009    9:39:25 PM  c:\Windows\notepad.exe
     12288   7/13/2009   10:30:22 PM  c:\Windows\en-US\notepad.exe.mui
    193536   7/13/2009    9:39:25 PM  c:\Windows\System32\notepad.exe
     12288   7/13/2009   10:30:22 PM  c:\Windows\System32\en-US\notepad.exe.mui
…

One caveat is that you must put the parameters in the same order that you see them in help.

Errorlevel 0

Finally, you may also want to use WHERE.EXE to determine if a file exists somewhere either in the path or a specified computer. You don’t really need the file name. If a match is made, the command will return Errorlevel 0.

C:\>where calc.exe /q

C:\>echo %errorlevel%
0

This comes in handy if you are writing a batch file script.

@echo off

where %1 /q
if %errorlevel% EQU 0 (
 echo OK ) else (
    echo NOTOK
)

Here’s what it looks like in action.

C:\>c:\work\testfile.bat calc.exe
OK

C:\>c:\work\testfile.bat foo.exe
NOTOK

Running Files with Where.exe

Lastly, if you wanted to use this command to actually run the files WHERE.EXE finds, you’ll need to be creative. The technique I have works best if you know you’ll only get a single result. First, save the result to a temporary text file.

C:\>where calc.exe > %temp%\mycmd.txt

Next, create a variable from the text file contents.

C:\>set /p mycmd= < %temp%\mycmd.txt

Finally, invoke the variable, which should launch the program.

C:\>%mycmd%

If your command has spaces in it, you’ll need to have WHERE.EXE include double quotes with the /F parameter.

C:\>where /r "c:\program files" winword.exe /f > %temp%\mycmd.txt
C:\>set /p mycmd= < %temp%\mycmd.txt
C:\>%mycmd%

That’s a lot of work. For a quick file search, WHERE.EXE is terrific. But if you want to do anything else with it, you run into shortcomings of the command shell.

In Part 2, I’ll show you a command line alternative to help you find the files you’re looking for.

Related Topics:

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: