RE: prevent DHCP server giving out leases to non-domain machines?


802.1x Port Base Network Access Control

http://www.ieee802.org/1/pages/802.1x.html
http://www.networkworld.com/research/2002/0506whatisit.html

They got the IP but can't go anywhere you didn't allow...


-----Message d'origine-----
De : Depp, Dennis M. [mailto:deppdm@xxxxxxxx]
Envoyé : 21 décembre 2005 09:45
À : Murad Talukdar; focus-ms@xxxxxxxxxxxxxxxxx
Objet : RE: prevent DHCP server giving out leases to non-domain machines?

There are DHCP products that require authentication prior to giving out a
DHCP address and these can be linked to AD. This can be setup to require a
user to authenticate before the first IP address is handed out. During the
renewals you might be able to use the Machine authentication to renew an IP
address.

Dennis

-----Original Message-----
From: Murad Talukdar [mailto:talukdar_m@xxxxxxxxxx]
Sent: Tuesday, December 20, 2005 9:00 PM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: prevent DHCP server giving out leases to non-domain machines?

Hi,
Is there a way to stop a W2003 DHCP server from giving out leases for IP's
if a machine does not belong to the domain?
Or is this a fruitless question that someone simply needs to point out
something very simple to me.

A machine can't join the domain if it doesn't have an IP first(chicken and
egg type thing) I can see that but obviously I'm missing something
here-perhaps it's a question of layers-the domain is working at a 'higher'
layer?
Kind Regards
Murad Talukdar






------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
---------------------------------------------------------------------------


---------------------------------------------------------------------------
---------------------------------------------------------------------------

Relevant Pages

  • RE: prevent DHCP server giving out leases to non-domain machines?
    ... prevent DHCP server giving out leases to non-domain machines? ... The second method would be to configure MAC ...
    (Focus-Microsoft)
  • Basic setup question..
    ... I currently have a win2000 DHCP server giving out IP addresses ... Can I keep this IP address range on my clients if I install ISA2004 on the ... Costs money to change them! ...
    (microsoft.public.isa.configuration)
  • Re: NS Record dynamically updates wrong?
    ... The main DC is a DNS and DHCP Server also. ... This is causing some authentication problems for an Exchange 2007 ... DNS from it or put the zone in a Replication partition that doesn't ...
    (microsoft.public.windows.server.dns)
  • Re: 802.1x authentication issue
    ... didn't see any errors indicating an authentication problem, ... I ended up switching the machine to a NON .1x port, ... violation on their switch ports. ... DHCP server, so apparently authentication is failing and the port is ...
    (microsoft.public.windows.server.networking)
  • Re: 802.1x authentication issue
    ... If the machine has an APIPA address it means it can't contact the DHCP ... authentication occurs before the switch opens the port ... Discover broadcast message can't reach the DHCP server for some other ...
    (microsoft.public.windows.server.networking)