executing "netsh exec" command from a script

[kpierick]

Hello All,

I'm trying to execute the following:

strShell.Run ("netsh exec range.netsh&quot

where range.netsh is the file I have that has all my commands to add exclusion ranges, add IP, etc...to my DHCP server. I can run this file from a command prompt just fine c:\>netsh exec range.netsh
All the commands in the file execute correctly. The problem is when I try to put this command in VBScript it does NOTHING...it runs thru the program...no errors, but does not make any changes to my DHCP server...is there some special syntax I need to be using in VBScript to get this to run????? Does range.netsh need to be a .txt file instead??? I'm all out of ideas to try...any help would be GREATLY APPRECIATED...

Thanks,
Kathi

 

[kpierick]

I tried the above with out the "-f" option...still the same error: The command needs a valid Scope IP Address.

????????

Thanks,
kpierick

 

[kpierick]

I found the following DHCP Audit Log file: DHCPSRVLOG.Tue
I opened up this file in Notepad and it contains the following:


Microsoft DHCP Service Activity Log

Event ID Meaning
00 The log was started.
01 The log was stopped.
02 The log was temporarily paused due to low disk space.
10 A new IP address was leased to a client.
11 A lease was renewed by a client.
12 A lease was released by a client.
13 An IP address was found to be in use on the network.
14 A lease request could not be satisfied because the scope's
address pool was exhausted.
15 A lease was denied.
16 A lease was deleted.
17 A lease was expired.
20 A BOOTP address was leased to a client.
21 A dynamic BOOTP address was leased to a client.
22 A BOOTP request could not be satisfied because the scope's
address pool for BOOTP was exhausted.
23 A BOOTP IP address was deleted after checking to see it was
not in use.
50+ Codes above 50 are used for Rogue Server Detection information.

ID Date,Time,Description,IP Address,Host Name,MAC Address
16,08/06/02,00:02:05,Deleted,10.10.10.1,,
63,08/06/02,00:52:58,Restarting rogue detection,,,
63,08/06/02,02:00:19,Restarting rogue detection,,,
63,08/06/02,03:07:39,Restarting rogue detection,,,
63,08/06/02,04:14:59,Restarting rogue detection,,,
63,08/06/02,05:22:19,Restarting rogue detection,,,
63,08/06/02,06:29:39,Restarting rogue detection,,,
15,08/06/02,06:52:01,NACK,192.168.111.46,KATHI_P.,0010A4A20010
10,08/06/02,06:52:02,Assign,10.10.10.1,KATHI_P.,0010A4A20010
12,08/06/02,06:52:17,Release,10.10.10.1,KATHI_P.,0010A4A20010
10,08/06/02,06:52:20,Assign,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,06:54:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,06:57:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,06:59:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:02:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:04:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:07:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:09:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:12:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:14:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:17:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:19:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:22:20,Renew,10.10.10.1,KATHI_P.,0010A4A20010
11,08/06/02,07:24:50,Renew,10.10.10.1,KATHI_P.,0010A4A20010

This is all it has, I was actually hoping for some ERRORS, but doesn't seem like there really is...

Thanks,
Kathi

 

[FengShui1998]

kpierick,

First of all, when you execute it from your command prompt, you are doing it from your workstation so I'm assuming you have full privileges to execute and ADD using netsh.

Since the web page is executing the instructions also, does it have fulll permissions to use ADD using netsh. Your account and the web server account obviously have two different permissions and ACL (Access Control Lists)

When you do add something from the command line interactively, what does the log show? Does it display your entry? Correctly? So can you run the same command from the web server (without using a file) and add an entry?


fengshui_1998

 

[kpierick]

When I "delete excluderange" using netsh (exclusion range for one of my scopes) it doesn't show anything in this log file...but yes it does actually do the delete of the exclusion range I specify in my DHCP server.

I would agree with your thoughts on the permissions. How would I go about altering the permissions so that the web page would have "full" permissions to my DHCP server???

Thanks,
kpierick

 

[FengShui1998]

kpierick,

INstead of giving your web account access to your DHCP server, try using this method.

What it does (assuming your DHCP server is Windows) From the web server, it will execute the netsh command on the DHCP server using the account and password you give it.

' ****************************************
Function Remote_Cmd(Server, accnt, pwd, strCmd)
' ****************************************
On Error Resume Next
Set Locator = CreateObject("WbemScripting.SWbemLocator&quot
user = server & "\" & accnt

Set Service = Locator.ConnectServer(Server, "root\cimv2", user, pwd)
Service.Security_.impersonationlevel = 3
Set Process = Service.Get("Win32_Process&quot
intStatus = Process.Create("cmd /C " & strCmd, null, null, intProcessId)
' response.write err.number & " " & err.description
If err.number <> 0 then
Remote_Cmd = err.number
else
Remote_Cmd = 0
End If
End Function


fengshui_1998

 

[kpierick]

k - I will try that, but a couple of questions???

Function Remote_Cmd(Server, accnt, pwd, strCmd)

server = the IP address of the scope I'm wanting to run my commands on? or the IP Address of the actual machine that my DHCP server (windows) and my Web Server are running on?

accnt & pwd = currently I don't sign on to my dhcp server...I sign on to the win2k box (which is running DHCP and IIS5.0) using an account name and a password. would this be what you are talking about?

strCmd = would this be the &quot;full&quot; command (netsh exec c:\range.txt > c:\output.txt,1,True) ???

what would I actually be using here...before I was using wscript.shell -
now the above code you listed is: WbemScripting.SWbemLocator

Sorry for all the questions, but would like to actually understand all this before just doing it...

I really appreciate all your time and effort...

Thanks!!!!

 

[FengShui1998]

kpierick,

&quot;server&quot; is the actual server that you would run your commands on that gives you good results. In this case I think it is your DHCP server that you log into. Use that account and password also.

As for the command, try using this

strCMD = &quot; netsh exec c:\range.txt&quot;

Assuming c:\range.txt is also on that DHCP server.

Good luck!

fengshui_1998

 

[kpierick]

Ok - I've put the above into my code.

I'm getting a variable undefined error.

Are Process, Locator, Service all reserved words for WMI or do they need to be declared first?

Also you have the following line:
intStatus = Process.Create(&quot;cmd /C &quot; & strCmd, null, null, intProcessId)


intStatus needs to be declared - correct? what about intProcessID??? Does this need to be defined and what is it for???

Thanks,
kpierick

 

[kpierick]

Ok - I've found out that all the above fields in my post need to be &quot;declared&quot;...once I do that, I get an error:
access is denied when it runs the following line

Set Service = Locator.ConnectServer(Server, &quot;root\cimv2&quot;, user, pwd)

where I have defined the following:
server 10.0.0.0
user &quot;10.0.0.0\test&quot;
pwd &quot;home&quot;

Again my machine is a Win2K box with IIS5.0 and DHCP running on it...Customers will be accessing the DHCP on this box from a webpage(the webpage will also be stored on this box)...

Thanks

 

[kpierick]

When I specify the user and pwd in the following:

Set Service = Locator.ConnectServer(Server, &quot;root\cimv2&quot;, user, pwd)

I get the following error now:
User credentials cannot be used for local connections


any ideas?

 

[FengShui1998]

kpierick,

There are several questions here.
When you log in on the DHCP server, are you logging in with a domain\username, not a local username on the machine? For instance, &quot;mydomain\kpierick&quot;.

Also, I would put quotes around &quot;10.0.0.0&quot;. This not an integer or decimal but an address.


fengshui_1998

 

[kpierick]

I got it running thanks...I really do appreciate all your help...

kpierick