RE: prevent DHCP server giving out leases to non-domain machines?



There are DHCP products that require authentication prior to giving out
a DHCP address and these can be linked to AD. This can be setup to
require a user to authenticate before the first IP address is handed
out. During the renewals you might be able to use the Machine
authentication to renew an IP address.

Dennis

-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@xxxxxxxxxx]
Sent: Tuesday, December 20, 2005 9:00 PM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: prevent DHCP server giving out leases to non-domain machines?

Hi,
Is there a way to stop a W2003 DHCP server from giving out leases for
IP's
if a machine does not belong to the domain?
Or is this a fruitless question that someone simply needs to point out
something very simple to me.

A machine can't join the domain if it doesn't have an IP first(chicken
and
egg type thing) I can see that but obviously I'm missing something
here-perhaps it's a question of layers-the domain is working at a
'higher'
layer?
Kind Regards
Murad Talukdar






------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
---------------------------------------------------------------------------



Relevant Pages

  • Re: Blocking Access to web-based email
    ... > authentication page, authenticate, and then get full HTTP access without ... >> PCs on the network, ... you setup DHCP with reservations for their MAC and their IP is ... > But you don't want the NAT device assigning the IP, ...
    (comp.security.firewalls)
  • Re: IAS & DHCP
    ... This is not supported by IAS. ... IAS is an authentication piece of the puzzle, ... In the future IAS and DHCP will be integrated more together and this will ... This is part of the NAP (Network access protection) services in the future ...
    (microsoft.public.internet.radius)
  • Re: MPLS network - split into sites or have flat.
    ... 'sites', and that DNS, dhcp and authentication can be done over the WAN ... I also use an IT support company, and they tell me using WAN link for dns, ...
    (microsoft.public.windows.server.networking)
  • Re: security of IP address
    ... >grossly simplifying assumption that all of my legitimate DHCP clients ... >address presenting a given bit of authentication information, ... >perhaps choose an appropriate local network for that address, ...
    (comp.os.linux.networking)
  • Re: Question on Aironet 1400 with Visitor and Employee VLANs
    ... -ip helper-address to allow dhcp request ... -username guest password blabla encrypted privilege 2 ... So when the guests connects to the AP, they gets an IP from the DHCP. ... Once authentication is done they have full access. ...
    (comp.dcom.sys.cisco)