Announcement

Collapse
No announcement yet.

Blocking non-domain PCs from using domain resources

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • JParr
    started a topic Blocking non-domain PCs from using domain resources

    Blocking non-domain PCs from using domain resources

    I would like to prevent PCs on my LAN that are not members of the domain from authenticating with my servers to access resources. Ideally, even with valid domain credentials, users would be unable to authenticate with the server unless the PC they were connecting from was a member of the domain. Is this doable?

  • joeqwerty
    replied
    Re: Blocking non-domain PCs from using domain resources

    This is what you need:

    http://technet.microsoft.com/en-us/n.../bb545879.aspx

    Leave a comment:


  • Akila
    replied
    Re: Blocking non-domain PCs from using domain resources

    Originally posted by JParr View Post
    I have many PCs that come in to the building without antivirus, or proper updates. The owners of these machines plug them in to the LAN, and authenticate with the server to access files and print. I don't want them to have that ability unless the machine is a domain member so that I can be sure they have all of their updates and functional antivirus.
    we pretty much have the same situation in our environment, what we do is just block them getting an IP all together by having a MAC address filter list on the DHCP service, but I guess it's not what you want.

    Leave a comment:


  • guyt
    replied
    Re: Blocking non-domain PCs from using domain resources

    Google for "IPSec Domain Isolation" - this could be a solution for you.

    Leave a comment:


  • JParr
    replied
    Re: Blocking non-domain PCs from using domain resources

    I have many PCs that come in to the building without antivirus, or proper updates. The owners of these machines plug them in to the LAN, and authenticate with the server to access files and print. I don't want them to have that ability unless the machine is a domain member so that I can be sure they have all of their updates and functional antivirus.

    Leave a comment:


  • Akila
    replied
    Re: Blocking non-domain PCs from using domain resources

    access to resources as far as i know are based on a User not a PC (unless configured otherwise).
    if you have set permissions on Shares/file for authenticated users or any other domain group you got , that should clear the problem.
    You do need to remove the "Everyone" which is equivalent to "Public" , meaning from any environment or OS platform.
    does that answer your question?
    Last edited by Akila; 31st July 2008, 17:36.

    Leave a comment:

Working...
X