LogOn script to enable Network services

I'm working on a script, which may be used at logon, or as system process to enable the Network services (i.e. "Client for Microsoft Network" and "File and Print Sharing") if users notebooks are in office/home network. If users are in different network with static or dhcp-enabled IP (unknown IP addreses, but not from our networks) so these services must be in down-state (disabled). How to implement this?
LVL 3
veaceslavzAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NopiusCommented:
Interesting question.
I see two problems:
1) Services are started _before_ user logs in.
2) Logon scripts are run with user priveleges, so user must be local administrator

So until user login every share will be open. Not very good.

If you insist on your question. There is onw easy way:
1) You will write 'check' program (VBS or whatsever language) that will return 1 if user is in LAN and 0 otherwise
2) In logon script you will run your 'check' program and analyse return code (IF .. THEN) on 1 you will run 'net start ...' on 0 you will run 'net stop ...' with appropriate service names. See 'net start' for list of services.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mackengaCommented:
Just in case this response still gets to the person who originally asked the question, I'll just add that you can avoid having the services run until login on foreign networks by having them down by default (manual startup would be a start).  Then they'd only be enabled on login.

The problem of NET START not working unless the users were local admin still stands, though, and it's very rarely a good idea to give users that much power over their machines.  I do have another suggestion.

If you start with your potentially insecure services / shares / etc disabled security is taken care of.  Then you can have the login script attempt to contact a service running on a server, like the DC, on your own network.  If this succeeds, that service, which could run with domain administrative priveleges, could start the relevant services on the user  machine remotely.  I think if you're thinking of looking into this more deeply, WMI might be useful to you - use:

Set objWMI = GetObject("winmgmts://<machine>/root/CIMV2")

to connect (I think that's right; I could be wrong.  The thing I'm not sure of is whether that should be "CreateObject" rather than "GetObject" but like I say I think the above is correct).  The various methods of the WMI object will be useful for controlling administrative things.  I won't bother going into more detail if this question seems to be abandoned anyway.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Programming

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.