Browse All Articles
> How-to set the subnet of a computer, to a system variable for use in logon scripts.
Often times network admins need to run domain logon scripts for seperate subnets, but also for a seperate set of computers within that subnet. In this circumstance, configuring Active Directory Sites and Services then linking a GPO to site/subnet might not be an option.
So now what ?
This is a real world example of this situation and my accepted solution: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_22746765.html?sfQueryTermInfo=1+locat+login+script+vb
This is the solution you can employ so that your logon scripts can identify the subnet a computer exists on...in order to decide whether to run or terminate. Currently the script is only designed for class C network identification.
You need two things to make this work...
1) The attached vbscript (paste into notepad and save as *.vbs)
2) A program called setx.exe (Found in the MS Resource kit - http://www.microsoft.com/downloads/details.aspx?FamilyID=DC2D3339-8F36-4FBA-A406-2A2A2AD7208C&displaylang=en
Once you have successfully employed this method....you can use the conditional code in your logon scripts using the subnet as a system variable.
Example: The subnet is 192.168.6, which was set as a variable %IPNETID%, and I want a script to only run if that is the subnet the machine is presently on...
Therefore the first line on the logon batch script would be the following....
IF NOT %IPNETID% == 192.168.6 EXIT
or you could use this...
IF %IPNETID% == 192.168.6 net use m: "\\server\share"
This is my original solution which was published on Microsoft Script Center repository - Technet (http://www.microsoft.com/technet/scriptcenter/csc/scripts/desktop/settings/cscds060.mspx
Now when you move machines between subnets, the proper logon scripts will run automatically after the first reboot.
NOTE: One caveat i've found, is that this script when used as a startup script will sometimes set the system variable only after the second reboot/logon, on a newly domain-joined machine. I believe this is because of machine authentication reasons... not sure though. Make sure the setx file is accessible to all machines, and that this script is set to run prior to other scripts running because the variable needs to be set prior to being used as a condition in your other logon scripts.