Get Computer Name on local intranet

Question

We have written a code that shows the computer's name and IP in an php page for our local intranet so our User Services can ask the end users their computer name. It currently runs only in IE and only when the file is on the local computer.

<script type="text/javascript" language="javascript">           
    var cpu = new ActiveXObject("WScript.Network");
    document.write("<h1 style=\"color:#ffc533\"> Your Computer's name is: " + cpu.ComputerName + "</h1>")
</script>
<h1>Your IP Address is: <?php print $_SERVER[REMOTE_ADDR] ?></h1>

When we test it on the computer both show but when we upload it to the server it displays only the IP Address. Working only in IE is not a problem, however, the local issue is. So my question is two fold. How can I get the computer name to display on the page or is there a better way to get it to work without having reverse DNS enabled?

It's likely an issue of IE trusting locally-served HTML documents to read the name of the computer, but not remote hosts. No other server should be able to ask your computer its name over the Internet; you'll probably have to change some settings on each client's browser to circumvent this. — user229044, Mar 19 '13 at 14:58
you have tried `gethostbyaddr($_SERVER['REMOTE_ADDR'])` in `PHP` ? — bitWorking, Mar 19 '13 at 15:02
Looks like a duplicate of http://stackoverflow.com/questions/922476/how-can-i-read-the-clients-machine-computer-name-from-the-browser — Graham Walters, Mar 19 '13 at 15:10
I think gethostbyaddr will work if your web server's DNS server has entries for the local IP's. Likely, your server doesn't have an in-house DNS server. — Motomotes, Mar 19 '13 at 15:14
Without setting up your own DNS server, you could just create a list of all computer IPs and computer names on your network, and write a custom php function to search that list. — Motomotes, Mar 19 '13 at 15:17
in our intranet `gethostbyaddr` works with Windows PC's because it uses NetBIOS name — bitWorking, Mar 19 '13 at 15:33
We do have a local DNS. (Stupid question alert) Does the php server have to be a windows machine as well? I have a local instance running but it still displays the IP address. To verify I have print gethostbyaddr($_SERVER['REMOTE_ADDR']) ?> in my php. — Peter Blomgren, Mar 19 '13 at 15:50
yes..sadly it have to be Windows machine. One thing that might be possible is to install `nbtscan` for linux [http://www.unixwiz.net/tools/nbtscan.html](http://www.unixwiz.net/tools/nbtscan.html) — bitWorking, Mar 19 '13 at 16:05
or look at [nmblookup](http://www.manpagez.com/man/1/nmblookup/) — bitWorking, Mar 19 '13 at 16:09
OK put it on a Windows server and now I don't have anything after the "Your Computer name is:" I have tried print gethostbyaddr($_SERVER['REMOTE_ADDR']) ?> and print gethostbyaddr($_SERVER[REMOTE_ADDR]) ?> but nothing shows. Any more suggestions? — Peter Blomgren, Mar 19 '13 at 16:14
what output do you get if you do `nbtstat -A THE_IP_ADDRESS` from cmd line on windows? — bitWorking, Mar 19 '13 at 16:26
If you have a windows server you also can use `COM` with `PHP`. [http://www.php.net/manual/en/book.com.php](http://www.php.net/manual/en/book.com.php) So you are not restricted to IE. — bitWorking, Mar 19 '13 at 16:42
NetBIOS Remote machine name table [Name] <20> Unique Registered [Domain] <00> Group Registered — Peter Blomgren, Mar 19 '13 at 17:52
let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/26554/discussion-between-peter-blomgren-and-redreggae) — Peter Blomgren, Mar 20 '13 at 14:31

Motomotes · Answer 1 · 2013-03-19T15:47:04.860

EDIT BEGIN

Original answer is below, I added this as an alternative to opening security wholes.

You could write your own ActiveX DLL and register it on each client computer. Have it implement a class that returns the computer name, or you could even just wrap WScript.Network. Then, implement the IObjectSafety Interface in your class and mark it as safe for scripting. The WScript object is unsafe because it can also modify files on the computer, but if you only wrap the single function to retrieve the computer name, then your control won't be able to modify any files.

To make it safe for scripting in your implementation for IObjectSafety have SetInterfaceSafetyOptions return S_OK for IID_IActiveScript, IID_IDispatch, and IID_IPersist. See the provided links for implementation details.

This is more work, but removes the hazard of showing users how to run unsafe controls with the below options.

EDIT END

On each client machine:

Open the Internet Explorer and select the Tools->Internet Options menu:

Select the Security Tab and press the Custom level button:

Ensure that under the ActiveX controls and plug-ins section the two settings Download unsigned ActiveX controls and Initialize and script ActiveX controls not marked as safe for scripting are set to Prompt:

Press OK on both dialog boxes to close them.

Also, to ensure the Scripting Runtime (WScript) is registered, go to the Start Menu and press Run, type “cmd” and press enter:

A command prompt should open:

Ensure the drive is drive C, type “C:”

Copy and paste “regsvr32 C:\windows\system32\scrrun.dll” and press enter. Ensure a message box appears saying DllRegisterServer succeeded:

Setup complete.

I'm torn here. As an answer, this is well-written, but it's a terrible, terrible, **terrible** idea, as it'll put users a single "Allow" away from having their machines exploited by malicious web pages. — , Mar 19 '13 at 15:23
Well, it's the only way the current code will work. And at least there is still that single "Allow". They should be informed to only click "Yes" for this site and "No" for all others. In the end, there's no cure for stupidity. — Motomotes, Mar 19 '13 at 15:28
I agree with duskwuff. Well written suggestion but it opens a can of worms. So I probably need another solution. I'm testing redreggae's solution on a local server (Once I get one set up) So he may have the answer I'm looking for. It looks promising. — Peter Blomgren, Mar 19 '13 at 15:34

Get Computer Name on local intranet

1 Answers1