Solved

Can we ristrict any computer not to get an IP from the DHCP server of windows 2003?

Posted on 2011-09-07
6
362 Views
Last Modified: 2012-06-27
Can we ristrict any computer not to get an IP from the DHCP server of windows 2003?
0
Comment
Question by:mahmood66
6 Comments
 
LVL 8

Expert Comment

by:bright12
ID: 36500927
Why would you do that? You need an IP address if your PC is connected to a network, otherwise you don't have any network drives, intranet, internet, mail, etc..

If your computers get an IP address from a different server than you can switch off the DHCP server in this windows 2003 server.
0
 
LVL 3

Expert Comment

by:vk3kjc
ID: 36500951
While I have not used it, a possible solution using DHCP classes can be found here:

http://www.techrepublic.com/article/use-dhcp-class-to-deny-internet-access-to-unauthorized-machines/5498436

which also refers to:

http://support.microsoft.com/kb/240247/EN-US/
0
 

Author Comment

by:mahmood66
ID: 36501008
dear,

I found some unknown names in the list. so I want to block those. may be some ristricted persons are gettting connected which should be stopped through MAC address. suggest me best solution
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36501360
Hi Mahmoud.
If you are looking to block "rogue" computers from connecting onto your network, you are now entering the world of NAC (Network Access Control). You cannot use DHCP to manage this.
On a very small network, you can maybe look at manual port blocking on the switches. This is management-intensive and I would not recommend this for any infrastructure greater than 100 users.
For a larger enterprise, you need to look at a proper NAC solution. Unfortunately I only work with larger enterprises that use Juniper and Cisco solutions, which are brilliant, high-security, but also very costly.
I believe that Cisco and HP Procurve switches are also able to do dynamic port-blocking based on RADIUS authentication.
0
 
LVL 9

Accepted Solution

by:
Chev_PCN earned 250 total points
ID: 36501369
To clarify further, even if you find a way to stop rogue devices from getting a dynamic IP address, a user can still manually configure the IP address.  I would not recommend using DHCP as a NAC tool.
0
 

Author Closing Comment

by:mahmood66
ID: 36501750
I understand now. DHCP is not for blocking the computer to get connected
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to run the DNS query from the server? 5 68
setup share and NTFS permissions. 12 70
DNS Scavenging configuration 5 64
DNS Server Changes - 2003 to 2012 6 40
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now