If you have ever browsed through Windows Vista’s Network Center, you have undoubtedly noticed the wide assortment of features that are new to this Windows version. Back during the Windows Vista beta program, one of the network-related features that really caught my attention was the network map feature. Sadly, Microsoft chose to disable this feature in the final Vista release. In this article, I will show you how you can re-enable network mapping in Windows Vista.
Windows Vista’s network map uses the Link Layer Topology Discovery (LLTD) protocol to determine the network’s topology. The cool thing about it is that this is the same discovery protocol used by the XBOX 360. Microsoft automatically enables network mapping on home (private) networks, so if you happen to have an XBOX 360 on your home network, it should show up on the network map. Unfortunately, mapping is disabled on domain networks and public networks by default.
To access the network map, open the Control Panel and click the Network and Internet link, followed by the Network and Sharing Center link. When the Network and Sharing Center opens, Windows will display a partial network map, as shown in Figure A.
Figure A: The Network and Sharing Center contains a partial network map
If you look at the above figure, you will notice that the upper left corner of the window contains a link that you can use to view the full network map. If you click this link, you will see a message telling you that network mapping is disabled by default on domain networks, as shown in Figure B. The message goes on to tell you that your network administrator can use group policy to enable mapping. The ironic thing is that you will receive this message even if you are logged in as an administrator.
Figure B: When you attempt to view the network map, Windows informs you that network mapping is disabled by default on domain networks
The problem with having network mapping disabled at the group policy level is that the group policy settings used to enable or disable network mapping simply do not exist in Windows Server 2003. This means that you will not be able to create a domain, site, or OU level policy that addresses network mapping until you have domain controllers in place that are running Windows Server 2008. For now, the only way to enable network mapping is to modify the workstation’s Local Computer Policy.
To modify the Local Computer Policy, you must perform the steps that I am about to show you using administrative credentials. With that said, begin the process by opening a Command Prompt window. You can find the Command Prompt option on the Start menu under All Programs | Accessories.
When the Command Prompt window opens, enter the MMC command. Upon doing so, Windows will open an empty Microsoft Management Console. Select the Add / Remove Snap-In command from the console’s File menu. You should now see a list of all of the available snap-ins. Select the Group Policy Object Editor option from the list of snap-ins and click the Add button. You will now see a prompt asking you which group policy object you want to edit. The Local Computer policy should be selected by default, as shown in Figure C. Verify that this is the case, and click Finish, followed by OK.
Figure C: You must edit the Local Computer policy
At this point, the Local Computer Policy should be loaded into the Group Policy Object Editor console. Now, navigate through the console tree to Local Computer Policy | Computer Configuration | Administrative Templates | Network | Link Layer Topology Discovery. As you can see in Figure D, there are two group policy settings that fall within the Link Layer Topology Discovery section.
Figure D: There are two group policy settings that fall within the Link Layer Topology Discovery section
The first group policy setting that is available to you is the Turn on Mapper I/O (LLTDIO) Driver setting. As I mentioned earlier, network mapping works by using the Link Layer Topology Discovery protocol, which is exactly what this group policy setting controls. If you right click on this setting and choose the Properties command shown in the resulting shortcut menu, you will see the properties sheet that is shown in Figure E.
Figure E: To enable network mapping, you must enable the Turn On Mapper I/O (LLTDIO) Driver setting
To enable network mapping, you must enable the Turn On Mapper I/O (LLTDIO) Driver setting. As you can see in the figure though, simply enabling this setting does not enable mapping. You must use the screen’s check boxes to determine in which situations you want to allow operation. By default, network mapping is enabled on private networks (home networks), so the screen contains an option to prohibit operation while on a private network, not to allow operation on a private network.
The other two options allow the mapper to operate in a domain environment and on a public network respectively. Go ahead and select the Allow Operation While in Domain check box. For security reasons, you probably do not want to allow operation while on a public network.
Technically speaking, enabling the Mapper I/O (LLTDIO) Driver is sufficient for enabling network mapping. As you will recall though, there is another group policy setting available to you. The Mapper I/O (LLTDIO) Driver allows you to map your network, but the Responder (RSPNDR) Driver (which is controlled by the second group policy setting) allows you to actually extract information from devices on your network. Some of the device details that you will be able to extract include the device’s manufacturer and model number.
The responder has two basic purposes. First, it allows you to right click on a device shown on the network map and get extra information about the device. This makes the network map useful for inventory purposes. The responder’s second purpose is to assist you in diagnosing network problems. Right now not every network device is responder aware, but eventually responder use will become more widespread.
To enable the responder, right click on the Turn on Responder (RSPNDR) Driver setting and choose the Properties command from the resulting shortcut menu. When you do, you will see a screen that is very similar to the one that is shown in Figure E. Again, you should enable operation while in a domain, but avoid allowing operation while in a public network.
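To confirm that a workstation ended up with the settings described above, the following added example (not part of the original article) parses the output of `reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\LLTD` and reports the network profiles on which each driver may operate, flagging any that are allowed on public networks. The registry value names are the ones the two policy settings write and are not listed in the article; the sample output is constructed.

```python
import re

# Value-name tags written by the two Link Layer Topology Discovery policy
# settings under HKLM\SOFTWARE\Policies\Microsoft\Windows\LLTD.
DRIVERS = {"LLTDIO": "Mapper I/O", "Rspndr": "Responder"}

# Constructed sample of: reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\LLTD
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LLTD
    EnableLLTDIO    REG_DWORD    0x1
    AllowLLTDIOOnDomain    REG_DWORD    0x1
    AllowLLTDIOOnPublicNet    REG_DWORD    0x0
    ProhibitLLTDIOOnPrivateNet    REG_DWORD    0x0
    EnableRspndr    REG_DWORD    0x1
    AllowRspndrOnDomain    REG_DWORD    0x1
    AllowRspndrOnPublicNet    REG_DWORD    0x1
    ProhibitRspndrOnPrivateNet    REG_DWORD    0x0
"""

def parse_reg_query(text):
    """Return {value_name: int} for every REG_DWORD line in reg.exe output."""
    pattern = r"^\s+(\w+)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, text, re.M)}

def profiles_allowed(values, tag):
    """Network profiles on which the driver identified by `tag` may operate."""
    if values.get(f"Enable{tag}") != 1:
        # Assumption: with the policy not enabled, Windows defaults apply,
        # which the article describes as private networks only.
        return {"private"}
    allowed = set()
    if values.get(f"Allow{tag}OnDomain") == 1:
        allowed.add("domain")
    if values.get(f"Allow{tag}OnPublicNet") == 1:
        allowed.add("public")
    if values.get(f"Prohibit{tag}OnPrivateNet") != 1:
        allowed.add("private")
    return allowed

def audit(text):
    """Map each driver to its allowed profiles and a public-network finding."""
    values = parse_reg_query(text)
    return {label: {"allowed": sorted(profiles_allowed(values, tag)),
                    "finding": "public" in profiles_allowed(values, tag)}
            for tag, label in DRIVERS.items()}

if __name__ == "__main__":
    for label, result in audit(SAMPLE).items():
        status = "REVIEW: allowed on public networks" if result["finding"] else "ok"
        print(f"{label:10} {', '.join(result['allowed']):26} {status}")
```

On a live workstation, pass the captured output of the `reg query` command to `audit()` in place of `SAMPLE`.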
If you go back to the Network and Sharing Center and click the View Full Map option, you will see a network map similar to the one that is shown in Figure F. The first thing that you will probably notice about the figure is that only two PCs actually appear on the network map. The reason is that these two machines are the only ones running Vista. The other machines are running Windows XP or Windows Server 2003, which do not provide the necessary topology information.
Figure F: We have enabled the network map
If you hover over the devices shown on the network map, Vista displays some basic information about the device. The information varies depending on the device’s type and capabilities. For example, if I hover over the switch, Windows simply gives me the opportunity to assign a name to the switch. If I hover over my gateway though, Windows provides information such as the gateway’s IP address and MAC address. Right-clicking on the gateway and selecting the Properties command from the shortcut menu yields more information. I have blurred some of this information in Figure G for security reasons, but you should still be able to get an idea of the types of information that Vista provides thanks to the responder.
Figure G: Vista provides information about individual devices