+ Post New Thread
Results 1 to 10 of 10
Scripts Thread, Is box connected to (the right) LAN? in Coding and Web Development; Someone must have thought about this.. I've got a teensy logon script and I want it to quickly figure out ...
  1. #1

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Is box connected to (the right) LAN?

    Someone must have thought about this.. I've got a teensy logon script and I want it to quickly figure out whether the box has a hope in H. of talking to a DC e.g. it's:

    a) Not connected to a network.
    b) Is connected to a home/other network somewhere

    If possible I'd like it to be generic i.e. no comparing current IP address against some hard-coded value.

    Any ideas on what's the best thing to look at or test?

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,323
    Thank Post
    903
    Thanked 1,801 Times in 1,550 Posts
    Blog Entries
    12
    Rep Power
    467
    2 Questions,

    What type of script is it?

    Why do you need it to know if the DC is online?

    Z

  3. #3

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    1) Any script (it will be JS but I can translate almost anything).

    2) So I can skip doing something that wants to talk to a DC and thus avoid timeouts and scary messages.

  4. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    There are a few VBScripts floating about that can do this that you could convert:

    Ping Computers (VBScript)
    Check the status of your servers

  5. #5

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    Mmm.. this is a GPO-attached logon script.. which runs when user logged on to domain normally or with cached credentials. The frustrating bit is that in the latter case the system already knows it can't talk to the domain, so I've been naively assuming you ought to be able just ask the system about that (somehow) rather than repeating one or more networky things the system has already done.

    If I have to talk to the network I suppose I have to, but that would be annoying on principle.

  6. #6

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    If it has an active network adapter during logon ie home wireless it will continue to attempt to contact the domain controller all the way through the logon process and even when it has logged in anyway. I don't know of any way to detect if the machine is using cached credentials and so the easiest way is to simply try the network as the machine is hitting the network around every 3-4 seconds anyway during logon to try and contact the DC.

    I guess that you could use WMI to return the DNS suffix of all active connections and check to see if any of them match but its probably overkill, the code from here could help:
    Retrieve Client-Side Networking Settings through VBScript

  7. #7

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I don't know of any way to detect if the machine is using cached credentials
    Once upon a time you'd just look at the LOGONSERVER environment variable (would be the local computers name when offline) but that's always set to the last DC that logged you on now.

    What I've done isn't much harder: Look for an occurence of the USERDNSDOMAIN environment variable in the stdout from an 'ipconfig /displaydns' command. When it's connected and you logon you get at least one DC FQDN in the DNS cache, otherwise I'm saying it's offline.

    There's probably a loophole or two e.g. depends on no name resolution for the internal domain name outside your network, but it seems OK so far.

  8. #8

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    ..and then I accidently invoked a nice solution. Instead of setting a GPO to invoke a single logon script located on the PC which does this or that according to whether it thinks it's connected to the domain or not, I make two scripts based on this concept:

    1) Make a logon script e.g.
    HelloWorld.js, contents: WScript.Echo("Connected to domain");
    Throw that in the GPO's Scripts\Logon folder and add it as a logon script.

    b) Make another script with the same name but different contents e.g.
    HelloWorld.js, contents: WScript.Echo("Disconnected from domain");
    Push that out to %windir% on the target computers.

    Basically when it's connected to the domain it runs the GPO logon script from the DC, but when it's offline it runs the local one from %windir% (or presumably anywhere else you want to put it in the PATH).

    Dunno about everyone else and YMMV, but I didn't know you could do that.

    This isn't why I'm playing with it, but an example of a potentially useful thing you could do with this is to automatically take the tick out of the IE proxy box when it's not online to your domain i.e. in the local version of the script invoke reg.exe to set the HKCU "ProxyEnable" value to 0, [& if necessary put it back to 1 again in the 'partner' script on the DCs]
    Last edited by PiqueABoo; 9th October 2008 at 09:49 PM.

  9. Thanks to PiqueABoo from:

    maniac (9th October 2008)

  10. #9

    maniac's Avatar
    Join Date
    Feb 2007
    Location
    Kent
    Posts
    3,081
    Thank Post
    210
    Thanked 431 Times in 311 Posts
    Rep Power
    145
    Now that's a neat solution if it works, going to have a play tomorrow as that would solve a lot of problems I think!

  11. #10

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I've been trying to explain it, but nearest I can get is that (being User policy in this case) the GPO logon script [path]names end up in a "Script" value under this key:

    HKCU\Software\Policies\Microsoft\Windows\System\Sc ripts\Logon\n\m

    Where I think 'n' and 'm' are numbers dependant on how many GPOs have logon scripts, and how many scripts any given GPO has respectively. This key is one that SysInternal's "Autoruns" and similar utils report on (looks like it has occasionally been abused by malware).



SHARE:
+ Post New Thread

Similar Threads

  1. Imaging an AD-connected machine
    By Daleus in forum How do you do....it?
    Replies: 12
    Last Post: 23rd September 2008, 11:15 PM
  2. Which access point am i connected to software
    By Southwell in forum Hardware
    Replies: 7
    Last Post: 8th February 2008, 10:05 AM
  3. SMS software for PC connected to phone??
    By philtomo-25 in forum General Chat
    Replies: 0
    Last Post: 15th October 2007, 03:14 PM
  4. How are the rest of your schools connected?
    By Dos_Box in forum General Chat
    Replies: 24
    Last Post: 8th August 2005, 11:42 AM
  5. How are your mac's connected ?
    By daveyboy in forum Mac
    Replies: 11
    Last Post: 16th July 2005, 02:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •