• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 209
  • Last Modified:

How can i use an app that changes IP or grant a user rights to change their IP when the user has no admin rights?

Hi there
I'm currently looking for a way to give users the capability to change their IP address when their PC is locked down and the user has no administration rights. I either want an application they can use that can change their IP to what ever they specify it as or some how grant them rights to change their IP in network connection properties. Does anyone have suggestions of the best way to do this? I've tried some methods but neither of these work in lock down..
Your help would be much appreciated.
Many thanks
Adam
0
AD_83
Asked:
AD_83
  • 5
  • 5
  • 2
1 Solution
 
agriesserCommented:
Does this app need to have a GUI where the user can enter the desired IP address or is a configuration file or the like good enough?
0
 
oBdACommented:
You need to add the user(s) in question to the local group "Network Configuration Operators" on the machine in question; this will give them the permissions to change the IP address.
The command
rundll32 shell32.dll,Control_RunDLL ncpa.cpl
will open the network properties.
0
 
AD_83Author Commented:
agriesser - It's not essential that its a GUI but i think it'd make things easier for the user. But a config file like you mention may be good because it doesnt breech any licensing laws. Also, it needs to be fairly flexible because they may need change it to certain static IPs. Can you explain a further about the configuration file you mention?

oBdA - Would the "Network Configuration Operators" group and command 'rundll32 shell32.dll,Control_RunDLL ncpa.cpl' Work in a locked down machine? I tried adding the user to Network Configuration Operators group within Active Directory and this unfortunately didn't work.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
oBdACommented:
That depends on what exactly is locked down; I can't tell what you did to your clients ...
And as I said: he users need to be added to the *local* "Network Configuration Operators" group on "their" machines.
0
 
AD_83Author Commented:
The earliest i can try adding a user to the "Network Configuration Operators" group is Monday. I'll let you know how i get on.
Thanks oBdA
0
 
agriesserCommented:
Did adding the user to this local group work?
0
 
AD_83Author Commented:
Hi Agriesser

Unfortunatly no this doesnt work when the PC is in lockdown. The Properties of Local Area Connection is not available to the user,
0
 
agriesserCommented:
You need to do this as administrator.
No matter what solution you gonna choose: You need to prepare this system prior to letting users change the IP address.

And now I think this is your real question. You have a computer where you don't have administrative access and need to chamge the IP address, is that right?
0
 
AD_83Author Commented:
i am a domain administrator.

I logged in as local admin, added the user in the network configuration operators group as suggested then logged in as the user but unfortunatly the lock down policy over rights this access. If i remove the PC out of the lockdown OU and then login as the user it works but the PC needs to remain in lockdown.  
0
 
agriesserCommented:
I assume that there's a GPO attached to the lockdown OU, right?
If so, you need to create a new OU and apply a different policy object to it which puts the desired users in the local group as mentioned above.

Local changes will always get overwritten by the domain policy.
0
 
AD_83Author Commented:
That makes sense agrisser. To get another OU created with a new GPO allowing the Network Config group is going to be a long process here. It requires a number of different processing, approvers etc quite annoying really. I'm going to put this forward but as i said its long process so dont expect a update reagrding this for a while.
The idea you suggested makes sense and the most logical solution.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 5
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now