Link to home
Create AccountLog in
Avatar of tata_soft
tata_soft

asked on

DHCP scope and disable manually configuration

hello,
please i've ISA server and 100 pc behind ISA the users in my network all time change the ip address and this make conflict in the network ip's so i'm configured DHCP and maked scope for pc's by  mac address
i mean assigned stable ip address for the user pc by his mac address
but i've big proplem
the user can make manually configuration for the network card and put the ip's
please i want any solution prevent the users from making manuall configureation for network card ip's and accept only the DHCP.
ASKER CERTIFIED SOLUTION
Avatar of pseudocyber
pseudocyber

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
SOLUTION
Avatar of jjmartineziii
jjmartineziii
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of pseudocyber
pseudocyber

My point is as long as they allowed/able to change NIC manually, nothing you can do to prevent the potential of duplicate IP addresses.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
emce, that would be impractical for a network of over 100 clients. at least that's my opinion
I agree. That would mean DHCP reservations for every workstation, which sort of defeats the purpose of using DHCP in the first place.

I think Ian's got the best approach. Prevent them from mucking with the IP settings through Group Policy. The only thing is, I'm not sure where to find that in GP. I just looked.
Hi,

The Group policy settings that effect network connections can be found under Userc Configuration/Administrative Templates/Network/Network Connections.

There are a whole bunch of things in there you can configure all to do with the network properties and stuff. Take a look and you should be able to work out what suits your environment best,

Cheers
Avatar of tata_soft

ASKER

hi all,
1st thx for replay
may be u don't know wht i mean exactly   the proplem if i maked DHCP server and maked my clients under this DHCP server
for example: if i actived the DHCP and maked reservation scope for client number 2 and assigned ip 10.0.0.2 and detect it by mac address
this user can write the ip address manulally in the network tcp/ip  and may be change the ip to 10.0.0.3
and take the ip of client number 3 if client number 2 shutdown his pc
how i can prevent the user from make this fault.
>>how i can prevent the user from make this fault.

As I said, the only way to do it is to prevent them from changing their NIC config either by policy or rights.

There is nothing you can do with network equipment or a DHCP server - except invest in a substantial 802.1x port authentication infrastructure.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.