Solved

Small Business Server Locking down non domain joined  machines

Posted on 2012-03-14
3
362 Views
Last Modified: 2012-11-12
Hi All,

Is there a way to stop non domain attached machines from getting an IP address in the SBS 2011 domain?
For example: They bring in their own laptop (or or i-phone on open wireless)  and plug it in to the system. Currently they will be able to surf the web.
How can I lock this down please?
Only domain joined machines/ users allowed. No exceptions.
Any ideas would be appreciated.
Olaf
0
Comment
Question by:Olaf De Ceuster
3 Comments
 
LVL 5

Assisted Solution

by:piji
piji earned 167 total points
ID: 37718696
It depends on your environment, If you got manages switch you can setup vlan and setup different dhcp for example on the router or wireless access point and make separate network just only for internet use. Tell us more about your netowork
0
 
LVL 25

Assisted Solution

by:Sekar Chinnakannu
Sekar Chinnakannu earned 166 total points
ID: 37718711
You can try with reserving the IP for workstations or else u can configure DHCP scope to limit the workstations.
0
 
LVL 12

Accepted Solution

by:
DLeaver earned 167 total points
ID: 37719652
For wireless you could use

- MAC address filtering, bit cumbersome but would do the job
- As suggested above VLAN the network or create a seperate subnet for guest wireless access which is then locked down for internet access

Physical connections you could use

- Switch port security if you have a switch that supports it
- or seperate class id's in DHCP for your internal network so that the default class gives out IP's for a restricted subnet

I can't think of a way that wouldn't take a bit of setting up beforehand but I'm sure others may know.....
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Alternative access for remote users 6 100
SBS 2011 - migration to Exchange 2016 5 217
Server HP DL380 G7 13 45
WSUS 3.0 SP2 Replicate to WSUS 2016 3 14
Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question