Solved

Small Business Server Locking down non domain joined  machines

Posted on 2012-03-14
3
365 Views
Last Modified: 2012-11-12
Hi All,

Is there a way to stop non domain attached machines from getting an IP address in the SBS 2011 domain?
For example: They bring in their own laptop (or or i-phone on open wireless)  and plug it in to the system. Currently they will be able to surf the web.
How can I lock this down please?
Only domain joined machines/ users allowed. No exceptions.
Any ideas would be appreciated.
Olaf
0
Comment
Question by:Olaf De Ceuster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 5

Assisted Solution

by:piji
piji earned 167 total points
ID: 37718696
It depends on your environment, If you got manages switch you can setup vlan and setup different dhcp for example on the router or wireless access point and make separate network just only for internet use. Tell us more about your netowork
0
 
LVL 25

Assisted Solution

by:Sekar Chinnakannu
Sekar Chinnakannu earned 166 total points
ID: 37718711
You can try with reserving the IP for workstations or else u can configure DHCP scope to limit the workstations.
0
 
LVL 12

Accepted Solution

by:
DLeaver earned 167 total points
ID: 37719652
For wireless you could use

- MAC address filtering, bit cumbersome but would do the job
- As suggested above VLAN the network or create a seperate subnet for guest wireless access which is then locked down for internet access

Physical connections you could use

- Switch port security if you have a switch that supports it
- or seperate class id's in DHCP for your internal network so that the default class gives out IP's for a restricted subnet

I can't think of a way that wouldn't take a bit of setting up beforehand but I'm sure others may know.....
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question