Denied IP Change Permission to User
Hello Experts,
We have windows 7-64 bit systems in my office network with administrator user login, i need a batch file to install IP in systems (physically access) from a iplist.txt after install IP it should block IP change permission & protect with password.
We have windows 7-64 bit systems in my office network with administrator user login, i need a batch file to install IP in systems (physically access) from a iplist.txt after install IP it should block IP change permission & protect with password.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sir,
We can't implement DHCP in my network because every system have a program which is mapped with IP address to communicate with my remote location (Data Center) servers, without IP address program can't run that's why we have to go with this scenario.
We can't implement DHCP in my network because every system have a program which is mapped with IP address to communicate with my remote location (Data Center) servers, without IP address program can't run that's why we have to go with this scenario.
I agree with Andy M. Use DHCP and setup reservations.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@ Masnrock Sir,
My program does not work on DHCP scenario.
My program does not work on DHCP scenario.
Is the IP address in the program setup in the program itself or is it picking up the mode in which WIndows gets it's IP address?
If it's setup in the program itself (i.e. you specify that the machine is 192.168.0.50 and the application must be using 192.168.0.50) then in DHCP you just create a reservation for the MAC address of the PC with the IP 192.168.0.50 and the PC will always get that address at startup.
If the application starts on boot and having DHCP on the PC is going to cause an issue because the application is trying to run before the PC has it's IP address then the only option you really have is:
1. Statically set all PC's to their corresponding IP address (done manually on each machine).
2. Lock down standard user access to the network connections via GPO (assuming you're on a domain).
There are ways to set IP address via a batch file but you would need to update the batch file for every PC individually or they will all try to use the same IP address, it may be possible with some fancy VB scripting but each time the computer starts the script will need to run and check the spreadsheet to assign the IP address - which is pretty much what DHCP does anyway.
There may be third party applications that can do this but I haven't come across any.
If it's setup in the program itself (i.e. you specify that the machine is 192.168.0.50 and the application must be using 192.168.0.50) then in DHCP you just create a reservation for the MAC address of the PC with the IP 192.168.0.50 and the PC will always get that address at startup.
If the application starts on boot and having DHCP on the PC is going to cause an issue because the application is trying to run before the PC has it's IP address then the only option you really have is:
1. Statically set all PC's to their corresponding IP address (done manually on each machine).
2. Lock down standard user access to the network connections via GPO (assuming you're on a domain).
There are ways to set IP address via a batch file but you would need to update the batch file for every PC individually or they will all try to use the same IP address, it may be possible with some fancy VB scripting but each time the computer starts the script will need to run and check the spreadsheet to assign the IP address - which is pretty much what DHCP does anyway.
There may be third party applications that can do this but I haven't come across any.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Split:
-- Andy M (https:#a42458095)
-- masnrock (https:#a42459424)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Split:
-- Andy M (https:#a42458095)
-- masnrock (https:#a42459424)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
Open in new window
Obviously, change "YOUR INTERFACE NAME", IP_ADDRESS, SUBNET_MASK, and GATEWAY to their appropriate values. That would be the command for changing the IP.But I would think DHCP reservations would be a better approach.
I would recommend using GPO to prevent users from changing the IP settings. But this of course assumes that you have a domain. Even local admins would be denied access.