Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

How can I get which Windows domain an IP belongs to?

by Anonymous Monk
on Oct 13, 2003 at 20:10 UTC ( #298941=perlquestion: print w/ replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hello

Does it exist some module to get the Windows domain a Windows host belongs to?.

From a Windows computer I can do:
nbtstat -A 192.168.1.1

And this will give me the Windows domain and other things that I dont want.

But I want to loop througt several hundreds IP-addresses and match these to the Windows domains the belong to and write the result to a file.

I have a txt file with several IP-addresses like
IP.TXT
192.168.1.1
192.168.1.2
192.168.1.3

The result file should be like this.
192.168.1.1 domain35
192.168.1.2 domain50
192.168.1.3 domain 55


//Anders Andersson

Comment on How can I get which Windows domain an IP belongs to?
Ask the Dark Gods
by dragonchild (Archbishop) on Oct 13, 2003 at 20:24 UTC
    You might have to consult the Dark Gods to get this answer. I don't know if Perl-fu is strong enough for this. (Though, of course, the White Knight will disagree with me.)

    In addition, this might require a stronger sacrifice than just a chicken. You might have to sacrifice a whole goat for this one. Though, personally, I'd start with a white dove and increase the sacrifice as needed.

    In case you don't remember the sacrificial hierarchy, it's:

    1. mice
    2. rats
    3. white doves
    4. cats
    5. black doves
    6. non-purple dogs
    7. non-red chickens
    8. purple dogs
    9. red chickens
    10. sheep
    11. white goats
    12. small children with birthmarks
    13. black goats
    14. small children without birthmarks

    (This response is meant completely in humor. I have no idea what nbstat does, let alone how to get Perl to play with it. The opportunity was too good not to take.)

    ------
    We are the carpenters and bricklayers of the Information Age.

    The idea is a little like C++ templates, except not quite so brain-meltingly complicated. -- TheDamian, Exegesis 6

    ... strings and arrays will suffice. As they are easily available as native data types in any sane language, ... - blokhead, speaking on evolutionary algorithms

    Please remember that I'm crufty and crochety. All opinions are purely mine and all code is untested, unless otherwise specified.

      I'm sorry but #12 is incorrect. You can't sacrifice small children with birthmarks because birthmarks count as a blemish and all sacrfices must be without blemish.

        I must most respectfully and humbly offer up my insignificant disagreement. It is apparent to all brethren that small children without blemish are the best form of sacrifice, reserved only for those greatest of supplications. However, small children are small children. As such, they are a useful sacrifice for such smaller requests as the painless smiting of an unworthy opponent, a minor hailstorm in Nebraska during the winter, etc. Let us not be blinded by those ultimate beseechments into forgetting the working-man's demands.

        ------
        We are the carpenters and bricklayers of the Information Age.

        The idea is a little like C++ templates, except not quite so brain-meltingly complicated. -- TheDamian, Exegesis 6

        ... strings and arrays will suffice. As they are easily available as native data types in any sane language, ... - blokhead, speaking on evolutionary algorithms

        Please remember that I'm crufty and crochety. All opinions are purely mine and all code is untested, unless otherwise specified.

      While I do mostly agree with Brother Dragonchild, he is in error in one important area. Black goats are reserved EXCLUSIVELY for placating the SCSI gods. Also the use of chickens for anything other than troubleshooting WANs is deprecated.
Re: How can I get which Windows domain an IP belongs to?
by BUU (Prior) on Oct 13, 2003 at 21:24 UTC
    Just off the top of my head and having no idea how to get the windowdomain out of the output of nbtstat, what about:
    use strict; open IP,"<IP.txt" or die "Couldn't open IP.txt, $!"; while(<IP>) { chomp; # does the while form of <> autochomp? I don't remember =[ my $out = `nbtstat -A $_`; if($out=~/WORKGROUP\s+<(\d+)>/) { my $domain = $1; #do something } }
    My version of nbtstat, when run on myself, gave me this output:
    C:\LiteStep>nbtstat -A 192.168.1.2 Local Area Connection: Node IpAddress: [192.168.1.2] Scope Id: [] NetBIOS Remote Machine Name Table Name Type Status --------------------------------------------- H4X0R-B0X <00> UNIQUE Registered WORKGROUP <00> GROUP Registered H4X0R-B0X <20> UNIQUE Registered MAC Address = 00-02-E3-14-A4-C5
    I have no real idea what those numbers in the pointy brackets are, but I decided to capture them in my regex anyways. My version above just searches through the entire output for anything that matches the regex /WORKGROUP\s+<(\d+)>/ and then sets the $domain variable. However you could also easily do something like for(split/\n/,$out){ #operate on each line }.

      i did try

      int old_step; { chomp; # = zelda is /underattack (by the evil forces) of ///ghetto +array/// switch (who-1) { <your face> } old_step = prev_step20; ///BLOCK_ON_THIS/// tracert <IP> # = die/ am going to ///gamelon/// to aid myself (fail_2.wav) return_value = BLOCK_ON_THIS;

      it's been know to work normally, but i got the following error

      +++ Out of cheese error! +++ +++ MELON MELON MELON +++ +++ please redo from start +++ +++ Please reboot universe and try again +++

      see if it does anything for you. NOTE: For the majority of this, I had no idea what i was talking about

Re: How can I get which Windows domain an IP belongs to?
by olivierp (Hermit) on Oct 13, 2003 at 21:34 UTC

    Maybe this can help.

    Or, as previously suggested, capture the output of nbtstat and keep only the <00> GROUP entry.


    --
    Olivier
Re: How can I get which Windows domain an IP belongs to?
by idsfa (Vicar) on Oct 13, 2003 at 21:36 UTC

    The easy way. (untested)

    use Net::NBName; my $nb = Net::NBName->new; while(my $addr=<>) { chomp $addr; my $ns = $nb->node_status($addr); if ($ns) { ($dom) = grep {$_->suffix == '\0' && $_->G eq "GROUP"} $ns->names(); print "$addr ".$dom->name()."$/"; } }

    The hard way (without CPAN). (tested)

    while(my $addr=<>) { my $domain = "(undetermined)"; chomp $addr; open(NMB,"nbtstat -A $addr |"); while(<NMB>) { ($domain) = m/(\w+)/ if (/GROUP/ && /<1E>/); } close NMB; print "$addr $domain$/"; }

    Remember, when you stare long into the abyss, you could have been home eating ice cream.
Re: How can I get which Windows domain an IP belongs to?
by BrowserUk (Pope) on Oct 13, 2003 at 22:18 UTC

    Take a look at Net::NBMame. This is an example directly from the pod.

    use Net::NBName; my $nb = Net::NBName->new; my $host = shift; if (defined($host) && $host =~ /\d+\.\d+\.\d+\.\d+/) { my $ns = $nb->node_status($host); if ($ns) { print $ns->as_string; } else { print "no response\n"; } } else { die "expected: <host>\n"; }

    It claims

    This example emulates the windows nbtstat -A command. By specifying the ip address of the remote host, you can check its NetBIOS Name Table. "nodestat.pl 192.168.0.10"

    Examine what is said, not who speaks.
    "Efficiency is intelligent laziness." -David Dunham
    "Think for yourself!" - Abigail
    Hooray!

Re: How can I get which Windows domain an IP belongs to?
by inman (Curate) on Oct 14, 2003 at 13:04 UTC
    I tried a variant of both the run nbtstat.exe and use Net::NBName methods but I used the regex /(\S+)\s*?&lt;00&gt;\s*?GROUP/i to capture the domain as $1. Appeared to do the trick.

    This page looked like a useful reference for the various entries in the table.

    inman

Re: How can I get which Windows domain an IP belongs to?
by NetWallah (Abbot) on Oct 14, 2003 at 16:10 UTC
    Using "nbtstat" and its module equivalents can be slow, and provide incomplete information, because you need rights on the target machine. In your situation with multiple Windows domains, this may not be possible.

    Assuming you have a Wins server in the environment, you can read it's entire database into memory, and match your IP's against it. The Win2K resource kit provides tools to dump database contents to STDOUT. In the old NT4 , I believe the name is "winsdump". In Win2k, (If you have a Win2k WINS server) you can use "netsh". Of course, you need admin rights on the wins server, which is a lot easier than a single account with admin rights over various domains.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://298941]
Approved by TStanley
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (11)
As of 2014-12-28 23:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (183 votes), past polls