Solved

Small Business Server Locking down non domain joined  machines

Posted on 2012-03-14
3
357 Views
Last Modified: 2012-11-12
Hi All,

Is there a way to stop non domain attached machines from getting an IP address in the SBS 2011 domain?
For example: They bring in their own laptop (or or i-phone on open wireless)  and plug it in to the system. Currently they will be able to surf the web.
How can I lock this down please?
Only domain joined machines/ users allowed. No exceptions.
Any ideas would be appreciated.
Olaf
0
Comment
Question by:Olaf De Ceuster
3 Comments
 
LVL 5

Assisted Solution

by:piji
piji earned 167 total points
ID: 37718696
It depends on your environment, If you got manages switch you can setup vlan and setup different dhcp for example on the router or wireless access point and make separate network just only for internet use. Tell us more about your netowork
0
 
LVL 24

Assisted Solution

by:Sekar Chinnakannu
Sekar Chinnakannu earned 166 total points
ID: 37718711
You can try with reserving the IP for workstations or else u can configure DHCP scope to limit the workstations.
0
 
LVL 12

Accepted Solution

by:
DLeaver earned 167 total points
ID: 37719652
For wireless you could use

- MAC address filtering, bit cumbersome but would do the job
- As suggested above VLAN the network or create a seperate subnet for guest wireless access which is then locked down for internet access

Physical connections you could use

- Switch port security if you have a switch that supports it
- or seperate class id's in DHCP for your internal network so that the default class gives out IP's for a restricted subnet

I can't think of a way that wouldn't take a bit of setting up beforehand but I'm sure others may know.....
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now