Re: DHCP Restrictions
- From: "Al Dunbar" <AlanDrub@xxxxxxxxxxxxxxxxxxx>
- Date: Thu, 14 Jun 2007 22:51:39 -0600
"Matt Setters" <mattsetters@xxxxxxxxxxxxxxxx> wrote in message
Is it at all possible to get windows server 2003 to actively refuse a
machine that isnt connected to the DC
What do you mean by "connected to the DC"? We don't have any machines
connected to our DC, they are all connected to our LAN - as is the DC. If
you mean that you want to prevent computers connecting with wireless NICs,
you will have to replace any wireless components with wired equivalents.
Or perhaps, do you mean that you want only domain member computers to be
able to get DHCP addresses? I'm not sure how you would do that, as even the
domain members will need to acquire an IP address before they can be
recognized as domain members.
for example we have a sbs 2003 server
with dhcp so we have 8 computers on the domain and have usergate proxy
server installed also. the issue is what can be done with either the
existing os or 3rd party software to stop people plugging in a laptop that
registers with dhcp and allows them internet access. I must find a way to
sort this as i have so many non domain listed laptops within the DHCP list
that shouldnt be there so i guess what im getting at is, is there a way
DHCP to disallow either certain ip's or non domain computers?
DHCP couldn't disallow devices with certain IP addresses because its job is
to give out IP addresses to devices it differentiates by their mac
addresses. I would think that perhaps you need a firewall that can filter by
MAC address, refusing all but those devices that you have registered.