RE: prevent DHCP server giving out leases to non-domain machines?



What are you really trying to do here?
Refusing a DHCP assigned address doesn't stop them from getting onto
your network with a static IP.
Should you be looking at 802.1x?

-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@xxxxxxxx]
Sent: Wednesday, December 21, 2005 8:45 AM
To: Murad Talukdar; focus-ms@xxxxxxxxxxxxxxxxx
Subject: RE: prevent DHCP server giving out leases to non-domain
machines?


There are DHCP products that require authentication prior to giving out
a DHCP address and these can be linked to AD. This can be setup to
require a user to authenticate before the first IP address is handed
out. During the renewals you might be able to use the Machine
authentication to renew an IP address.

Dennis

-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@xxxxxxxxxx]
Sent: Tuesday, December 20, 2005 9:00 PM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: prevent DHCP server giving out leases to non-domain machines?

Hi,
Is there a way to stop a W2003 DHCP server from giving out leases for
IP's if a machine does not belong to the domain?
Or is this a fruitless question that someone simply needs to point out
something very simple to me.

A machine can't join the domain if it doesn't have an IP first(chicken
and egg type thing) I can see that but obviously I'm missing something
here-perhaps it's a question of layers-the domain is working at a
'higher' layer? Kind Regards Murad Talukdar






------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
---------------------------------------------------------------------------



Relevant Pages

  • RE: prevent DHCP server giving out leases to non-domain machines?
    ... There are DHCP products that require authentication prior to giving out ... prevent DHCP server giving out leases to non-domain machines? ... Or is this a fruitless question that someone simply needs to point out ...
    (Focus-Microsoft)
  • Re: Blocking Access to web-based email
    ... > authentication page, authenticate, and then get full HTTP access without ... >> PCs on the network, ... you setup DHCP with reservations for their MAC and their IP is ... > But you don't want the NAT device assigning the IP, ...
    (comp.security.firewalls)
  • Re: unknown RAS leases in DHCP server
    ... who can rras server reserve leases in the dhcp server if i never ... You can delete the DHCP Entries if you want,..especially the questionable ...
    (microsoft.public.win2000.networking)
  • Re: DHCP request from nowhere
    ... Refreshing the view of active leases shows nothing; ... 31 = ascii 1 ... There is a RRAS server in the environment but IPs gathered by RAS show ... the client a DHCP address or relays its request to a DHCP server. ...
    (microsoft.public.windows.server.networking)
  • Re: IAS & DHCP
    ... This is not supported by IAS. ... IAS is an authentication piece of the puzzle, ... In the future IAS and DHCP will be integrated more together and this will ... This is part of the NAP (Network access protection) services in the future ...
    (microsoft.public.internet.radius)