Solved

How can i use an app that changes IP or grant a user rights to change their IP when the user has no admin rights?

Posted on 2008-06-20
12
202 Views
Last Modified: 2010-04-02
Hi there
I'm currently looking for a way to give users the capability to change their IP address when their PC is locked down and the user has no administration rights. I either want an application they can use that can change their IP to what ever they specify it as or some how grant them rights to change their IP in network connection properties. Does anyone have suggestions of the best way to do this? I've tried some methods but neither of these work in lock down..
Your help would be much appreciated.
Many thanks
Adam
0
Comment
Question by:AD_83
  • 5
  • 5
  • 2
12 Comments
 
LVL 14

Expert Comment

by:agriesser
ID: 21832502
Does this app need to have a GUI where the user can enter the desired IP address or is a configuration file or the like good enough?
0
 
LVL 83

Expert Comment

by:oBdA
ID: 21833436
You need to add the user(s) in question to the local group "Network Configuration Operators" on the machine in question; this will give them the permissions to change the IP address.
The command
rundll32 shell32.dll,Control_RunDLL ncpa.cpl
will open the network properties.
0
 

Author Comment

by:AD_83
ID: 21833900
agriesser - It's not essential that its a GUI but i think it'd make things easier for the user. But a config file like you mention may be good because it doesnt breech any licensing laws. Also, it needs to be fairly flexible because they may need change it to certain static IPs. Can you explain a further about the configuration file you mention?

oBdA - Would the "Network Configuration Operators" group and command 'rundll32 shell32.dll,Control_RunDLL ncpa.cpl' Work in a locked down machine? I tried adding the user to Network Configuration Operators group within Active Directory and this unfortunately didn't work.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 83

Expert Comment

by:oBdA
ID: 21833931
That depends on what exactly is locked down; I can't tell what you did to your clients ...
And as I said: he users need to be added to the *local* "Network Configuration Operators" group on "their" machines.
0
 

Author Comment

by:AD_83
ID: 21834002
The earliest i can try adding a user to the "Network Configuration Operators" group is Monday. I'll let you know how i get on.
Thanks oBdA
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21865181
Did adding the user to this local group work?
0
 

Author Comment

by:AD_83
ID: 21875312
Hi Agriesser

Unfortunatly no this doesnt work when the PC is in lockdown. The Properties of Local Area Connection is not available to the user,
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21875627
You need to do this as administrator.
No matter what solution you gonna choose: You need to prepare this system prior to letting users change the IP address.

And now I think this is your real question. You have a computer where you don't have administrative access and need to chamge the IP address, is that right?
0
 

Author Comment

by:AD_83
ID: 21876243
i am a domain administrator.

I logged in as local admin, added the user in the network configuration operators group as suggested then logged in as the user but unfortunatly the lock down policy over rights this access. If i remove the PC out of the lockdown OU and then login as the user it works but the PC needs to remain in lockdown.  
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21876436
I assume that there's a GPO attached to the lockdown OU, right?
If so, you need to create a new OU and apply a different policy object to it which puts the desired users in the local group as mentioned above.

Local changes will always get overwritten by the domain policy.
0
 
LVL 14

Accepted Solution

by:
agriesser earned 250 total points
ID: 21876467
0
 

Author Comment

by:AD_83
ID: 21883093
That makes sense agrisser. To get another OU created with a new GPO allowing the Network Config group is going to be a long process here. It requires a number of different processing, approvers etc quite annoying really. I'm going to put this forward but as i said its long process so dont expect a update reagrding this for a while.
The idea you suggested makes sense and the most logical solution.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question