Tom's Guide > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > client authentication

client authentication

Forum Windows 2000/NT : Windows 2000/NT General Discussion - client authentication

TomsGuide.com: Over 800,000 questions and answers to address all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   08-18-2005 at 12:51:01 AM

Archived from groups: microsoft.public.win2000.security (More info?)

 

How to block a user from accessing the Windows 2000 Server by the MAC
address? Is there a way not to offer IP address from the DHCP server??

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   08-18-2005 at 01:56:42 AM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

First you need to be aware the many nic card drivers do
allow one to set the MAC address that will be used.

You first ask about controlling access to a W2k server,
and next about controlling leasing of IPs from DHCP.
Are these two different concerns or a reexpression of
one? If one, then DHCP will offer an IP to any machine
that asks, if it has available IPs. You can reserve IPs
that are then available each only for a specific MAC,
and if all IPs in the scope are so reserved then there
are none available to MAC addresses which have not
been so provided for. This is sort of a tedious way to
get at what you are after, except in reverse.

--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"siumama" <siumama@discussions.microsoft.com> wrote in message
news:E3B4ED05-84AA-4AA9-8E68-25292BC1AEC7@microsoft.com...
> How to block a user from accessing the Windows 2000 Server by the MAC
> address? Is there a way not to offer IP address from the DHCP server??

Reply to Anonymous
Anonymous   08-18-2005 at 06:35:24 AM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

Not directly but your options could be to use mac filtering with a switch
that is capable of such, an ipsec filtering policy on the server, or better
yet an ipsec negotiation policy that requires computer authentication before
access is allowed to the server. Ipsec negotiation however can not be used
if the server is a domain controller. All of that would be controlling
access of the computer and not the user directly. To control user access you
can also use user rights such as access or deny access this computer from
the network or restrictive share/ntfs permissions. That would restrict the
user no matter what computer he was on while restricting computer access
would restrict all users on the computer. --- Steve



"siumama" <siumama@discussions.microsoft.com> wrote in message
news:E3B4ED05-84AA-4AA9-8E68-25292BC1AEC7@microsoft.com...
> How to block a user from accessing the Windows 2000 Server by the MAC
> address? Is there a way not to offer IP address from the DHCP server??

Reply to Anonymous
Ask the community Add a reply
Tom's Guide > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > client authentication
Go to:

There are 12 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.245 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Google ads