Announcement

Collapse
No announcement yet.

gpedit rules for Networking

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • gpedit rules for Networking

    Hi,

    This makes me sound really dumb, but I need to know which permissions to enable to allow users to change "Gateway & DNS values only".

    There are too many options in gpedit and I am a bit confused.

    Please advice.

    Thank you.

    Sandeep

  • #2
    Re: gpedit rules for Networking

    I've had a look and I cannot find one to allow users to do this. I may well be wrong. I think users need to be members of the local Administrators group on their PC to be able to change these settings.

    You probably do not want to make users members of the Administrators, so can you tell me why you want users to change these settings and then I can try and give you a more focused answer. What do you need to achieve, and what is your setup? I just need a bit more background to the problem.

    Best wishes,
    Best wishes,
    PaulH.
    MCP:Server 2003; MCITP:Server 2008; MCTS: SBS2008

    Comment


    • #3
      Re: gpedit rules for Networking

      These settings are part of the Advanced TCP/IP Configuration, for which you can find settings in the User Settings -> Administrative Templates -> Network -> Network Connections. There's nothing there specific for these two.
      But you should provide us with some more details, as PaulH said...

      Sorin Solomon


      In order to succeed, your desire for success should be greater than your fear of failure.
      -

      Comment


      • #4
        Re: gpedit rules for Networking

        Scenario:

        We have 2 ISPs in office.
        Sometimes one of them goes down and I need the users to switch to the other ISP.

        So I need the users to be able to modify the Gateway IP & DNS values only.
        So that they can continue operation.
        ISP-1: 192.168.1.1
        ISP-2: 192.168.1.2
        And the respective DNS values.

        I hope this helps in exploring a solution.

        The other option is to use netsh and write a script or apps and use CPAU.

        I was wondering it this can be simply achieved by using GP.

        Thx
        Sandeep

        Comment


        • #5
          Re: gpedit rules for Networking

          Hi, sandeep.
          This issue was already dealt with in this thread :http://forums.petri.com/showpost.php?p=58452 .
          I thought you got the answer. So, what's the problem now?

          Sorin Solomon


          In order to succeed, your desire for success should be greater than your fear of failure.
          -

          Comment


          • #6
            Re: gpedit rules for Networking

            Four little letters


            DHCP

            Comment


            • #7
              Re: gpedit rules for Networking

              Yes. You are right.

              I wrote a small BATCH script for netsh. Itw orks good.

              Then I hit the block that only Administrator has the right to modify the Network parameters.

              I realized that this could well be implemented by simply allowing G/w rights in the GP, then why to develop an application and then the overheads of maintaining etc etc.

              So now I have 2 routes. Use the batch script and then use it with CPAU or RUNAS.
              Or find the policy and modify it suitably.

              I looked around but could not locate the exact policy. Hence a call to the gurus.

              Thx.

              Sandeep

              Comment


              • #8
                Re: gpedit rules for Networking

                AFAIK, the only place in the GPO settings you can deal with permissions to the DNS and gateway is in the key I gave you in the reply above (#3).
                Hope this helps.

                Sorin Solomon


                In order to succeed, your desire for success should be greater than your fear of failure.
                -

                Comment


                • #9
                  Re: gpedit rules for Networking

                  I recommend you use netsh in a batch file with CPAU to enable it to run as Administrator. You would have 2 such processes - one for each of the ISPs and the users would run one of them for whichever ISP is "up".

                  RunAs is excellent for use by an Administrator who is sitting in front of a user's PC, but you cannot use this tool to automate processes that users would run, because of the security problem with /savecred.

                  I realise what I'm suggesting sounds complex, but I'm not sure how dhcp would help in this instance, because of lease durations, but you could automate an ipconfig /release then ipconfig /renew as long as your DHCP server can be configured to issue the correct gateway etc at the time the ISP goes down - it's up to you.
                  Last edited by PaulH; 16th February 2007, 16:18.
                  Best wishes,
                  PaulH.
                  MCP:Server 2003; MCITP:Server 2008; MCTS: SBS2008

                  Comment


                  • #10
                    Re: gpedit rules for Networking

                    You could use AutoIT to encase the bat file in a runas, so that when they need to, they could simply run it, no pw or anything needed, and viola!

                    Of course, the real solution would be to find out why the ISP drops your connection so often.
                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: gpedit rules for Networking

                      Originally posted by Wired View Post
                      Of course, the real solution would be to find out why the ISP drops your connection so often.
                      Agreed... At the risk of sounding like a parrot, (I've said this elsewhere often enough ) fix the problem not the symptom!
                      Best wishes,
                      PaulH.
                      MCP:Server 2003; MCITP:Server 2008; MCTS: SBS2008

                      Comment

                      Working...
                      X