Disabling NICs Programmatically and Remotely
This procedure makes use of a new utility, DevCon.exe, an “alternative to Device Manager” which , Microsoft released in November, 2001. Information about DevCon can be found at:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311272 and
http://download.microsoft.com/download/win2000ddk/Util/1.0/NT5XP/EN-US/DevCon.exe.
Using DevCon
1. The first step in using the tool is to find the ID of the type device you want to manage:
devcon -m:\\myComputer find pci*
This returns a list:
PCI\VEN_1002&DEV_4749&SUBSYS_00000000&REV_5C\3&13C0B0C5&0&20: ATI Technologies Inc. 3D RAGE PRO PCI
PCI\VEN_1011&DEV_0046&SUBSYS_13649005&REV_01\3&29E81982&0&18: Dell PERC 2 RAID Controller
PCI\VEN_8086&DEV_1229&SUBSYS_000C8086&REV_08\3&13C0B0C5&0&50: Intel(R) PRO/100+ Management Adapter
PCI\VEN_8086&DEV_1229&SUBSYS_100C8086&REV_08\3&13C0B0C5&0&30: Intel(R) PRO/100+ Server Adapter (PILA8470B)
PCI\VEN_8086&DEV_1229&SUBSYS_100C8086&REV_08\3&13C0B0C5&0&40: Intel(R) PRO/100+ Server Adapter (PILA8470B) #2
PCI\VEN_8086&DEV_7110&SUBSYS_00000000&REV_02\3&13C0B0C5&0&10: Intel 82371AB/EB PCI to ISA bridge (ISA mode)
PCI\VEN_8086&DEV_7111&SUBSYS_00000000&REV_01\3&13C0B0C5&0&11: Intel(r) 82371AB/EB PCI Bus Master IDE Controller
PCI\VEN_8086&DEV_7112&SUBSYS_00000000&REV_01\3&13C0B0C5&0&12: Intel 82371AB/EB PCI to USB Universal Host Controller
PCI\VEN_8086&DEV_84CA&SUBSYS_00000000&REV_03\3&13C0B0C5&0&80: PCI standard host CPU bridge
PCI\VEN_8086&DEV_84CB&SUBSYS_00000000&REV_04\3&13C0B0C5&0&90: PCI standard host CPU bridge
PCI\VEN_8086&DEV_84CB&SUBSYS_00000000&REV_04\3&13C0B0C5&0&98: PCI standard host CPU bridge
PCI\VEN_8086&DEV_84CB&SUBSYS_00000000&REV_04\3&13C0B0C5&0&A0: PCI standard host CPU bridge
PCI\VEN_9004&DEV_6078&SUBSYS_78609004&REV_03\3&1070020&0&40 : Adaptec AIC-786X PCI SCSI Controller
PCI\VEN_9005&DEV_001F&SUBSYS_007F1028&REV_00\3&1070020&0&20 : Adaptec AHA-2940U2/U2W PCI SCSI Controller
PCI\VEN_9005&DEV_001F&SUBSYS_007F1028&REV_00\3&1070020&0&30 : Adaptec AHA-2940U2/U2W PCI SCSI Controller
15 matching device(s) found on \\myComputer .
2. The next step is to isolate the particular device you are interested in. (There are 15 pci devices and three network adapters on WMCWEB02.) This step took me a while to figure out. The correct ID for the lab nic in WMCWEB02 is the string listed above in orange, but the trick is that you have to use “escape” characters in order to handle the ampersands.
The full command to disable the lab nic on WMCWEB02 is:
devcon disable =net @PCI\VEN_8086^&DEV_1229^&SUBSYS_000C8086^&REV_08\3^&13C0B0C5^&0^&50
Hint:
It’s a good idea to use the “restart” command, rather than “disable” until you find the device you want to manage.
3. Remote Execution
Remote execution of DevCon is possible by using the AT command (or “soon.exe”).
e.g.:
Listing 1 NICON.CMD (on the local, controller machine)
net time \\wmcweb02 /set /y
soon \\wmcweb02 60 /interactive cmd /c c:\bats\disablenic.cmd
Listing 2 DISABLENIC.CMD (on the remote machine)
devcon disable =net @PCI\VEN_8086^&DEV_1229^&SUBSYS_000C8086^&REV_08\3^&13C0B0C5^&0^&50
Due to a bug in the soon.exe program, 60 seconds is the quickest a command can be scheduled to execute on the remote machine.
Additionally, Scott’s program, Igor, might be used to remotely execute DevCon.
Notes:
a) Running under the same administrator accounts in the same workgroup with no connection to a domain – or –
b) Both running in the same domain, with an identical user account in the administrator’s group.
The AT command will not work if the computers are on the same domain, but running under the same local administrator account. This is because the local account does not have access to the domain directory, only it’s own, local credentials. If the machines are taken out of domain and put in a workgroup, they will then no longer attempt to use domain credentials to authenticate the AT command. They will use workgroup credentials.
In the future Remote Execution should be possible by passing a command through a remote desktop connection in Windows XP.