srstanley666 asked:

Script to detect if laptop on Office Lan or External Network.

We have a full AD network, remote offices connected via a WAN (all offices use non-routable addresses 192.168 on various subnets). We also have laptops that will be connecting to the LAN and possibly to home/hotspots.

I need a way, using VBScript if possible, of detecting if the system is on the LAN/WAN and not externally. Ping would be an option if it were not for the fact that I have, on occasions, hit the problem of false positives.

Thanks in advance..
AbqBill

Hi, can you provide more detail about what 'external' means? Does this include or exclude VPN connections? Also, why do you need to do it? Bill.

This script will get you the networking information from any system (change the strComputer line to the name of the computer you are querying).



' From the book "Windows XP Cookbook"
' ISBN: 0596007256

' ------ SCRIPT CONFIGURATION ------
strComputer = "."
' ------ END CONFIGURATION ---------
set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
set colNAs = objWMI.InstancesOf("Win32_NetworkAdapter")
for each objNA in colNAs
    Wscript.Echo objNA.Name
    Wscript.Echo " Description: " & objNA.Description
    Wscript.Echo " Product Name: " & objNA.ProductName
    Wscript.Echo " Manufacturer: " & objNA.Manufacturer
    Wscript.Echo " Adapter Type: " & objNA.AdapterType
    Wscript.Echo " AutoSense: " & objNA.AutoSense
    Wscript.Echo " MAC Address: " & objNA.MACAddress
    Wscript.Echo " Maximum Speed:" & objNA.MaxSpeed
    Wscript.Echo " Conn Status: " & objNA.NetConnectionStatus
    Wscript.Echo " Service Name: " & objNA.ServiceName
    Wscript.Echo " Speed: " & objNA.Speed

    set colNACs = objWMI.ExecQuery(" select * from " & _
        " Win32_NetworkAdapterConfiguration " & _
        " where Index = " & objNA.Index)
    ' There should only be one item in colNACs
    for each objNAC in colNACs
        if IsArray(objNAC.IPAddress) then
            for each strAddress in objNAC.IPAddress
                Wscript.Echo " Network Addr: " & strAddress
            next
        end if
        Wscript.Echo " IP Metric: " & objNAC.IPConnectionMetric
        Wscript.Echo " IP Enabled: " & objNAC.IPEnabled
        Wscript.Echo " Filter: " & objNAC.IPFilterSecurityEnabled
        Wscript.Echo " Port Security:" & objNAC.IPPortSecurityEnabled
        if IsArray(objNAC.IPSubnet) then
            for each strAddress in objNAC.IPSubnet
                Wscript.Echo " Subnet Mask: " & strAddress
            next
        end if
        if IsArray(objNAC.DefaultIPGateway) then
            for each strAddress in objNAC.DefaultIPGateway
                Wscript.Echo " Gateway Addr: " & strAddress
            next
        end if
        Wscript.Echo " Database Path:" & objNAC.DatabasePath
        Wscript.Echo " DHCP Enabled: " & objNAC.DHCPEnabled
        Wscript.Echo " Lease Expires:" & objNAC.DHCPLeaseExpires
        Wscript.Echo " Lease Obtained: " & objNAC.DHCPLeaseObtained
        Wscript.Echo " DHCP Server: " & objNAC.DHCPServer
        Wscript.Echo " DNS Domain: " & objNAC.DNSDomain
        Wscript.Echo " DNS For WINS: " & objNAC.DNSEnabledForWINSResolution
        Wscript.Echo " DNS Host Name:" & objNAC.DNSHostName
        if IsArray(objNAC.DNSDomainSuffixSearchOrder) then
            for each strName in objNAC.DNSDomainSuffixSearchOrder
                Wscript.Echo " DNS Suffix Search Order: " & strName
            next
        end if
        if IsArray(objNAC.DNSServerSearchOrder) then
            for each strName in objNAC.DNSServerSearchOrder
                Wscript.Echo " DNS Server Search Order: " & strName
            next
        end if
        Wscript.Echo " Domain DNS Reg Enabled: " & _
            objNAC.DomainDNSRegistrationEnabled
        Wscript.Echo " Full DNS Reg Enabled: " & _
            objNAC.FullDNSRegistrationEnabled
        Wscript.Echo " LMHosts Lookup: " & objNAC.WINSEnableLMHostsLookup
        Wscript.Echo " WINS Lookup File: " & objNAC.WINSHostLookupFile
        Wscript.Echo " WINS Scope ID: " & objNAC.WINSScopeID
        Wscript.Echo " WINS Primary Server: " & objNAC.WINSPrimaryServer
        Wscript.Echo " WINS Secondary: " & objNAC.WINSSecondaryServer
    next

    WScript.Echo
next


srstanley666 (ASKER)

External is any network not our own LAN/WAN, so home network etc, this would be used before any user level activity i.e. as part of a machine level logon script. This is needed to apply different policy type configurations dependent on network connection e.g. on LAN/WAN use proxy configs, if not LAN/WAN remove proxy config.

Due to the nature of our WAN connections and the 4MB per policy we are looking at moving back to scripts.

ASKER CERTIFIED SOLUTION
AbqBill

This solution is only available to members.
Cheers Bill.

It is beginning to look like I may have to resign myself to the chance of false positives. I was hoping that there may be some sort of flag/query I can make to see if the machine actually authenticated against our AD controllers or used its cached account but I am struggling to see anything. Funnily enough the only difference I can see between logging on on the LAN and logging on elsewhere is under the user environment where the HOMEDRIVE is set to a share when on and the c: drive when off, but not sure how reliable this is.

Regarding your comment about "actually authenticated against a domain controller": This test won't work with remote VPN clients, so I don't think that's going to be a foolproof test. As I queried earlier, everything depends on what you mean by "external." This is a tricky task to script, to be sure. Bill.

Bill a better explanation of what I am trying to achieve would be:

Before the user logs in, as the machine processes its startup I want to test if the network is our corporate network or not so that I can tweak the script dynamically. (things like blocking network traffic until VPN connected etc and in some cases bringing the VPN tunnel up prior to user authentication). Pinging would work but having no control over these other networks I get false positives.

What I was hoping for is some sort of flag to say that the machine has authenticated with an AD controller or is utilising cached authority. Short of this I will have to look at some sort of service on a server that will respond to a query in a unique way.

Thanks for your help so far

Hi, I believe the code in the script I posted will work for you -- it can test if the local computer is in one of a list of network IDs. If the computer is in a particular network ID, it can then ping a host. The ping test should work if you use a corporate/internal DNS name that won't resolve outside of your corporate network (e.g., dc01.local). You can use the script as a part of the computer's startup sequence (gpedit.msc -> Computer Configuration/Windows Settings/Scripts/Startup) to determine the machine's connectivity. Bill.
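
The two-stage check described in the last reply (match the adapter's network ID against a list, then ping a name that only resolves internally), as an added example that is not the script from the members-only solution. The network IDs are constructed placeholders and `dc01.local` is the sample name from the reply.

```vbscript
Option Explicit
' Added example: network IDs are constructed; dc01.local is the reply's sample name.
Const PROBE_HOST = "dc01.local"
Dim arrCorpNets : arrCorpNets = Array("192.168.10.0", "192.168.20.0")

' Network ID = IP address AND subnet mask, octet by octet (IPv4 only).
Function NetworkID(strIP, strMask)
    Dim arrIP, arrMask, i, strOut
    arrIP = Split(strIP, ".") : arrMask = Split(strMask, ".")
    If UBound(arrIP) <> 3 Or UBound(arrMask) <> 3 Then Exit Function ' IPv6 entry
    For i = 0 To 3
        strOut = strOut & (CInt(arrIP(i)) And CInt(arrMask(i)))
        If i < 3 Then strOut = strOut & "."
    Next
    NetworkID = strOut
End Function

' True if any IP-enabled adapter sits in one of the listed network IDs.
Function OnCorpSubnet(objWMI)
    Dim objCfg, arrIP, arrMask, i, strCorp
    OnCorpSubnet = False
    For Each objCfg In objWMI.ExecQuery("Select * From " & _
            "Win32_NetworkAdapterConfiguration Where IPEnabled = True")
        arrIP = objCfg.IPAddress : arrMask = objCfg.IPSubnet
        If IsArray(arrIP) And IsArray(arrMask) Then
            For i = 0 To UBound(arrIP)
                If i <= UBound(arrMask) Then
                    For Each strCorp In arrCorpNets
                        If NetworkID(arrIP(i), arrMask(i)) = strCorp Then OnCorpSubnet = True
                    Next
                End If
            Next
        End If
    Next
End Function

' StatusCode is Null when the name does not resolve, 0 when the host answers.
Function ProbeAnswers(objWMI, strHost)
    Dim objPing : ProbeAnswers = False
    For Each objPing In objWMI.ExecQuery("Select * From Win32_PingStatus " & _
            "Where Address = '" & strHost & "'")
        If Not IsNull(objPing.StatusCode) Then ProbeAnswers = (objPing.StatusCode = 0)
    Next
End Function

Dim objWMI, blnOnLan : blnOnLan = False
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")
If OnCorpSubnet(objWMI) Then blnOnLan = ProbeAnswers(objWMI, PROBE_HOST)
WScript.Echo "On corporate LAN/WAN: " & blnOnLan
```

Both signals are supplied by whatever network the laptop has joined, and a home or hotspot network can hand out the same 192.168 ranges, so treat the result as a hint for choosing proxy settings rather than as proof that the machine reached the corporate network.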