0

I have a client with a bunch of children using about 30 machines on a regular basis.

All machines that the children user are set with Static IP Addresses.

The machines that the kids use, I would like to be able to run a script that will remove the default gateway so they cant get to the Internet.

Then I need another that will add the Default gateway, so Windows and software updates can be run.

Both scripts need to use the domain admin account for permissions

Any help would be greatly appreciated

Tom
  • 745
  • 3
  • 9
  • 1
    Are you sure this is the way you want to address this? There are myriad other possibilities that would be less hacky/error-prone. – jscott Mar 14 '11 at 22:31
  • I'm a computer consultant, not the domain admin of this paticular network. These machines are set to static per the domain admin\Company "IT" person's request, they are on a seperate subnet i.e. domain is 10.0.0.1 and these machines are on 192.168.1.1 with different subnet masks and gateways so as to provide complete seperation from the internal network. I'm sure there are other ways, but I am forced to limitations per the IT Person of the company. – Tom Mar 16 '11 at 07:41

1 Answers1

2

Is there any reason you are using static addressing? This complicates your network and is generally unnecessary - you could use DHCP and create reservations to accomplish the same thing and have better control.

I would also be using WSUS (free) to deploy updates - with the server on the same subnet, the workstations need never connect to the internet.

Otherwise, I wouldn't do this with vbscript - netsh should be able to handle this easily for you, running with PSEXEC and assuming these sysetms are all on the same domain.

psexec @File-WithComputerNames.txt netsh interface ip set address "Local Area Connection" gateway=192.168.111.222 gw=1 (Make sure all the network adapters have the same name, otherwise you need a text file indicating computer/adapter name and use a for loop. Or you could probably do something fancier with WMIC to obtain the adapter name. (sorry, not good enough with WMIC to give a sample of that).

Multiverse IT
  • 1,825
  • 9
  • 11
  • See my note above, I would love to do it as you stated with reservations, much easier, but, alas, my hands are tied. I dont know scripting so a more detailed explaination would be greatly appriciated. – Tom Mar 16 '11 at 07:42
  • psexec @File-WithComputerNames.txt netsh interface ip set address "Local Area Connection" gateway=192.168.111.222 gw=1 *************** Use the command preceeding the asterisks on a test computer (you should always test scripts and commands before trying to deploy them to a large number of machines. Create a text file with the one computer name in it - then download PSEXEC and use it to run the netsh command on a remote computer and see if it does the desired change. – Multiverse IT Mar 17 '11 at 06:37
  • Will this command take into account admin username and password? Kids are set to standard user by default and can not make changes! – Tom Mar 17 '11 at 21:30
  • OK, I've tried this on a few different computers and get the same error. The requested operation needs elevation How do I incorporate Admin rights? Thank you – Tom Mar 18 '11 at 19:21
  • I went ahead and marked it as answered, but, could someone help with admin rights? – Tom Mar 28 '11 at 18:46
  • PSEXEC allows you to enter admin credentials - run PSEXEC /? for specific usage. – Multiverse IT Mar 29 '11 at 23:14