Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do I use Group Policy to block VMWare NAT service on my domain desktops?

Posted on 2008-10-07
4
Medium Priority
?
741 Views
Last Modified: 2010-04-21
My switches are capable of blocking VMware workstation using bridging, now unpatched vm's can still connect if they NAT. So i would like to disable the NAT service using a group policy.And before anyone says you need NAC, ACE etc i know i just want a quickish fix til i get budget for NAC and ACE
0
Comment
Question by:brianogorman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 8

Expert Comment

by:Point-In-Cyberspace
ID: 22662028
As far as i know there is no way to do it without the tools you mention.
You may try to build an administrative template to set the values you need.

For this try to look to:
http://support.microsoft.com/?scid=kb%3Ben-us%3B323639&x=2&y=16

and google around with words: write administrative template

0
 
LVL 7

Expert Comment

by:BogdanSUA
ID: 22663510
This is not a super elegant solution, but it will work just fine....Use the following GPO:
User Configuration, Administrative Templates, System, Don't run specified Windows applications

Enable the policy and add the following executable with no path...just like you see it below.

vmnat.exe
0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 2000 total points
ID: 22663704
Is the VMWare NAT service an actual Windows service that shows up in the Services MMC?

If so, you can mandate the service be set to Disabled using GPO.

Create and link a GPO to the OU containing the workstation objects, and define the Startup type of the NAT service to "Disabled". Caveat - you need to create and edit the GPO from a machine that -has the relevant service installed-, otherwise it won't show up in the UI.
0
 

Author Closing Comment

by:brianogorman
ID: 31503930
excellent that worked a treat many thanks.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Teach the user how to join ESXi hosts to Active Directory domains Open vSphere Client: Join ESXi host to AD domain: Verify ESXi computer account in AD: Configure permissions for domain user in ESXi: Test domain user login to ESXi host:
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

596 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question