Solved

how to change the remote computer gateway in local network

Posted on 2006-11-21
7
284 Views
Last Modified: 2012-06-27
Hi,

we are using the multiple internet connection in my office, some user change the default gateway using the restrcit website in office hours.

i required to change the local users system defalult gateway  from my system using regedit (connect network ragistry) or command line tool.

Regards,
Naresh
0
Comment
Question by:nareshver
7 Comments
 
LVL 5

Accepted Solution

by:
darrenakin earned 500 total points
ID: 17993486
Are you running a DC? If you are implement a group policy
0
 

Author Comment

by:nareshver
ID: 17993524
yes i am using the windows 2003 Domain Controller in my local office, but don't know how to create the group policy to block the user to change the default gateway only.

Any command line tool to change the remote computer gateway.
Naresh
0
 
LVL 4

Expert Comment

by:Drizzt420
ID: 17993532
Are you in a domain based environment or peer-to-peer?

If you have a domain based environment, it would be pretty easy to use group policy to deny users the ability to change their network settings. Then configure DHCP to hand out the gateway address that you want the users to use, and assign it a metric of 1, then (assuming that you would want internet fault tolerance) have it hand out the address of the second gateway with a metric of 2.

In a peer-to-peer based network, you could got to start, run, type "mmc" press enter, then go to file, add remove snap in, click "add", and then choose "Local Group Policy" or "Group Policy Object" (not sure what it is named but it is close to one of those) Highlight the group policy snap-in and click "add", you will then be asked if you want to use the snap-in locally, or on another computer. Choose to run it for the computer in question by using the browse feature. I am not positive that you will be able to assign network info this way in Windows 2000, but I know you can prevent them from being able to change the settings in the future.

0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:nareshver
ID: 17993723
Hi,

We are not using the DHCP in in our office.

I have enable the security "Prohibit TCP/IP advanced configuration" and restart the user system, but user still able to change the network setting.
note:- when i configure the user system with domain , I have given the administrator rights to every users.


Any command line tool to change the remote computer gateway.



Regards,
Naresh.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17993858
You can change IP configuration of client with netsh:

netsh int ip set address L static 192.168.3.18 255.255.255.0 192.168.3.254

L = Local Area Conection <-- name of your NIC in control panel
1st IP is IP number of client
2nd is subnet mask
3rd is default gateway

If you need to execute this command remotely, you can use psexec from sysinternal.com

0
 
LVL 4

Expert Comment

by:Drizzt420
ID: 17994163
Even if you made everyone a domain administrator in the network you can still lock them out of the network settings by using group policy

Try looking under User Configuration, Administrative Templates, Network, Network Connections - The previous location came from a Windows XP machine but I am pretty sure 2000 has the same if not similiar settings, if this is not the case, there are alot of places out there where you can download additional administrative templates that will add tons of more functionality to the GP console.

This setting should do what you want:

Determines whether users can change the properties of a LAN connection.

This setting determines whether the Properties menu item is enabled, and thus, whether the Local Area Connection Properties dialog box is available to users.

If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled for all users, and users cannot open the Local Area Connection Properties dialog box.

Important: If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.

If you disable this setting or do not configure it, a Properties menu item appears when users right-click the icon representing a LAN connection. Also, when users select the connection, Properties is enabled on the File menu.

Note: This setting takes precedence over settings that manipulate the availability of features inside the Local Area Connection Properties dialog box. If this setting is enabled, nothing within the properties dialog box for a LAN connection is available to users.

Note: Nonadministrators have the right to view the properties dialog box for a connection but not to make changes, regardless of this setting.

0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 17999917
This is one of the MANY, MANY, MANY reasons NOT to give users Administrator rights.  Doing so grants them the ability to change many settings.  And Group Policy will work - to an extent.  Users may still be able to log on locally and add a persistant route or change the network settings that way.

The simple solution is to take away the admin rights - I know this will work - I just did it at one of my clients and was unable to add a route using the route command.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cursor typing problems 5 46
How to NTBackup if SQL Server running? 6 903
Windows 2000 undelete (free program?) 6 432
Windows 2000 Server Pagefile.sys Error 7 652
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Adding Computers to AD groups through an SCCM Task Sequence
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question