businesscomputerdesign

Block a computer with same domain name from rest of domain

I have an old Windows XP client that was on an old domain years ago. We recently got a new server. When we set up the domain, it happens to have the same name as the very, very old domain that this XP machine used to be on. We can log on to the machine as long as it is not in the same network as our new server, but when it is on the same network it attempts to connect up to the new domain and login is impossible. Is there any way to segregate this one machine from talking to the server WITHOUT putting it on a different subnet? I have already tried writing firewall rules on the server side blocking all ports and all programs in relation to that machine's IP, but this didn't help. My goal would be to have the XP machine and the server to absolutely never communicate with each other, but still allow the XP machine access to the internet, and to log in still without having to transfer data and programs to a new profile (which is impossible at this point, it's quite a mess in there). Any ideas?
MISOperations

Why not change the name?
businesscomputerdesign

ASKER

I mean the domain name. If I take it off its domain name I won't be able to log in to that particular account any more, correct?
ASKER CERTIFIED SOLUTION
MISOperations
This solution is only available to members.
Can I change the domain name once it is in place? We have workstations on the domain and the server is running Exchange, DNS, and DHCP. I would be willing to opt for that if there is really no other option for me and if it takes less time than subnetting out the XP machine. I was hoping to just stop the communication between the two, but the Active Directory domain service seems to be running at a deeper level.
Yeah, it would be faster to just do it that way; the other way you're thinking of would be too tedious and time-consuming. This would be much faster and have way less downtime.
SOLUTION
This solution is only available to members.
I tried playing around with both suggestions. Even though both answers worked, the owner of the machine just ended up moving to another subnet.