- Method 1
If you have NT's Resource Kit, it includes getmac.exe which will query NT boxes for this information. I don't know if getmac works when querying Win9x. If you enter getmac without parameters, it looks at the local nics. For example:
C:\>getmac Transport Address Transport Name ----------------- -------------- 00-50-DA-BD-0F-BC \Device\NwlnkNb 00-50-DA-BD-0F-BC \Device\Nbf_El90x1 00-50-DA-BD-0F-BC \Device\NetBT_El90x1The obvious limitation is that its a Microsoft-centric utility. Will it successfully query nics used by linux or other OSs? No. To see available commandline options, type getmac /? which will display:
Displays Network Transports and Address Information GETMAC [\\computername] or [computername.domain.com]
You can use the following batch files as starting points for grabbing mac addresses from NT boxes.
date /t > allmacs.txt time /t >> allmacs.txt net view | find "\\" > maclist.txt for /f %%a in ('type maclist.txt') do call getmacadr %%aA little explanation:
date /t > allmacs.txt create file allmacs.txt and write current date to file
time /t >> allmacs.txt add line with current time to file allmacs.txt
net view | find "\\" > maclist.txt get lists of domain members the PC is a member of and write results to file maclist.txt
for /f %%a in ('type maclist.txt') do call getmacadr %%a reads maclist.txt and sends each line(hostname) to be processed by batch file getmacadr sending it hostname as parm %%a
getmacadr.bat is a oneline batch file:
getmac %1 >> allmacs.txt
which calls the reskit utility getmac with parm of hostfrom_maclist.txt and writes the results out to allmacs.txt.
This is fairly primitive DOS style scripting resulting is an unprocessed raw listing. Its a starting point. If you need to move the information into access or sql, consider using a powerful scripting language like perl. Additional comments:
net view takes the /domain: parm, so getmaclist.bat can be extended to get list of active hosts in a domain as in:
net view /domain:workgroup | find "\\" > maclist.txt net view /domain:your_acct_domain | find "\\" >> maclist.txt net view /domain:resourcedom1 | find "\\" >> maclist.txt et cetera
- Method 2
ping broadcast mask
The Windows NT FAQ site documents a way to use this approach which gets around the limited functionality of NT's ping. Search their site using keyword arp to find the specific article. Arp has the advantage that it works if the nic has ip loaded.
- Method 3
nbtstat -a machinename
nbtstat -A ipadress nbtstat is a Microsoft targeted utility working against NT, W2K, and Win9x hosts. If your site uses, DHCP:
- Method 4
dhcpcmd <DHCP server> enumclients <sub-net address> -h dhcpcmd is a Windows NT Resource Kit utility. -h specifies detailed hardware info (i.e. MAC address)
- Method 5
Probably the best method is to pull the mac data from your routers using an snmp utility or from a network sniffer (assuming the sniffer is on a backbone segment where it can sniff packets from most devices).
If your issue is to control the MAC address of your own NT workstation:
For most NICs, navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\<NICDriver<X>>\NetworkAddress where <NICDriver<X>> is the name of the driver for your NIC plus a number (usually 1). From there you would set the value of NetworkAddress to whatever you want your MAC address to be. Deleting the key or setting the value to an empty string will cause the MAC address to default to the Hardware address.
For Compaq network adapters:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net\000<x>\ NetworkAddress where <x> is the number of the network adapter.
For Windows 2000, Microsoft used a variant of Compaq's approach:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\<One Big number>\<One Little Number>\NetworkAddress where <One Big number> is some kind of driver ID and <One Little Number> is the NIC's sequential number within the system.