Solved

Block a computer with same domain name from rest of domain

Posted on 2010-09-08
7
312 Views
Last Modified: 2012-05-10
I have an old windows XP client that was on an old domain years ago. We recently got a new server. When we set up the domain, it happens to have the same name as the very very old domain that this XP machine used to be on. We can log on to the machine as long as it is not in the same network as our new server, but when it is on the same network it attempts to connect up to the new domain and login is impossible. Is there any way to segregate this one machine from talking to the server WITHOUT putting it on a different subnet? I have already tried writing firewall rules on the server side blocking all ports and all programs in relation to that machine's IP, but this didn't help. My goal would be to have the XP machine and the server to absolutely never communicate with each other, but still allow the XP machine access to the internet, and to log in still without having to transfer data and programs to a new profile (which is impossible at this point, it's quite a mess in there). Any ideas?
0
Comment
  • 3
  • 3
7 Comments
 
LVL 6

Expert Comment

by:MISOperations
ID: 33630797
Why not change the name?
0
 

Author Comment

by:businesscomputerdesign
ID: 33630826
I mean the domain name. If i take it off its domain name I won't be able to log in to that particular account any more, correct?
0
 
LVL 6

Accepted Solution

by:
MISOperations earned 250 total points
ID: 33630839
Why not change the newer one so they don't conflict?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:businesscomputerdesign
ID: 33630946
Can i change the domain name once it is in place? We have workstations on the domain and the server is running Exchange, DNS, and DHCP. I would be willing to opt for that if there is really no other option for me and if it takes less time than subnetting out the XP machine. I was hoping to just stop the communication between the two, but the active directory domain service seems to be running at a deeper level.
0
 
LVL 6

Expert Comment

by:MISOperations
ID: 33631006
Yeah, it would be faster to just do it that way, the other way your thinking of would be too tedious and time consuming, this would be much faster and have way less downtime.
0
 
LVL 1

Assisted Solution

by:ted_sin
ted_sin earned 250 total points
ID: 33631393
I would try to set another dns address on the xp machine say external google dns, 8.8.8.8 so it doesn't query your current dns servers that points to your DC. If this doesn't work then try also disabling netbios on the XP machine.

try it and see how it works.
0
 

Author Closing Comment

by:businesscomputerdesign
ID: 33632023
I tried playing around with both suggestions. Even though both answers worked, the owner of the machine just ended up moving to another subnet.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now