Thanks for the info!
I actually figured that out last night and was going to post here about my discovery and what it can be used for.
There doesn't seem to be a specific event for each network location (home/work/public), however as you mentioned, there is an event for "connect to new network" (10000) and "disconnect from network" (10001). Thankfully, the task scheduler has an option for "only run task if this network is available" and has a list of networks you're configured to connect to automatically. Here's what I was attempting (and succeeded) to do:
With windows 7 you have the option to change how restrictive UAC should be. It can essentially either ask you for any system changes or installers, or it can be various levels of less-restrictiveness. There is also a group policy setting to require administrators to enter credentials on a UAC prompt even if they would normally just click "Yes" or "No". Obviously, it's more secure to require a password even for administrators, so that if your laptop is in an environment where someone could potentially access it and make changes, they would need your password. Of course, locking the computer is always better, but sometimes if you're running a powerpoint and someone might sneak in, or if you're letting a friend hop on to check their email, etc, then it could be useful. On the other hand, authenticating for every little system modification is annoying.
Here's my solution. I determined the registry key which controls the UAC action.
The value for Prompt with Credentials is 00000001. The value for the 2nd highest UAC level (Default - notify me only when programs try to make changes to my computer. Don't notify me when I make changes to Windows settings.) is 00000005. I created 2 registry files - prompt_credentials.reg and prompt_consent.reg, containing the respective registry entries for the 2 options. I then set a scheduled task to run on the event 10001 as mentioned above - so any time the computer is removed from a network, and this task merges the registry file to require credentials. I then set a second task to run on the event ID 10000, which is connect to a network. However, under the "conditions" tab, I set it to only run when connected to my home network.
The result is that when I connect to my home network, UAC is set to a non-annoying mode, but when my computer is not on a network or is on a foreign network, it makes it more secure. (As there's no way to know where it is when it's offline, I have it do that automatically... you can manually set UAC to be non-annoying if you're just using it without the network but aren't somewhere it could get compromised, or just have it retain its previous settings and only detect new networks. This could be implemented several ways depending on your preferences.)
So far it seems to be working well - I don't get bothered with things at home, which is where I do most of the things that could trigger UAC, and when I'm at school, it conveniently keeps people from messing stuff up. Anyone else think they might find this handy?