Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Can we ristrict any computer not to get an IP from the DHCP server of windows 2003?

Posted on 2011-09-07
6
Medium Priority
?
372 Views
Last Modified: 2012-06-27
Can we ristrict any computer not to get an IP from the DHCP server of windows 2003?
0
Comment
Question by:mahmood66
6 Comments
 
LVL 8

Expert Comment

by:bright12
ID: 36500927
Why would you do that? You need an IP address if your PC is connected to a network, otherwise you don't have any network drives, intranet, internet, mail, etc..

If your computers get an IP address from a different server than you can switch off the DHCP server in this windows 2003 server.
0
 
LVL 3

Expert Comment

by:vk3kjc
ID: 36500951
While I have not used it, a possible solution using DHCP classes can be found here:

http://www.techrepublic.com/article/use-dhcp-class-to-deny-internet-access-to-unauthorized-machines/5498436

which also refers to:

http://support.microsoft.com/kb/240247/EN-US/
0
 

Author Comment

by:mahmood66
ID: 36501008
dear,

I found some unknown names in the list. so I want to block those. may be some ristricted persons are gettting connected which should be stopped through MAC address. suggest me best solution
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36501360
Hi Mahmoud.
If you are looking to block "rogue" computers from connecting onto your network, you are now entering the world of NAC (Network Access Control). You cannot use DHCP to manage this.
On a very small network, you can maybe look at manual port blocking on the switches. This is management-intensive and I would not recommend this for any infrastructure greater than 100 users.
For a larger enterprise, you need to look at a proper NAC solution. Unfortunately I only work with larger enterprises that use Juniper and Cisco solutions, which are brilliant, high-security, but also very costly.
I believe that Cisco and HP Procurve switches are also able to do dynamic port-blocking based on RADIUS authentication.
0
 
LVL 9

Accepted Solution

by:
Chev_PCN earned 750 total points
ID: 36501369
To clarify further, even if you find a way to stop rogue devices from getting a dynamic IP address, a user can still manually configure the IP address.  I would not recommend using DHCP as a NAC tool.
0
 

Author Closing Comment

by:mahmood66
ID: 36501750
I understand now. DHCP is not for blocking the computer to get connected
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question