> -----Original Message-----
> From: Murad Talukdar [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 20, 2005 6:00 PM
> To: [email protected]
> Subject: prevent DHCP server giving out leases to non-domain machines?
>
> Hi,
> Is there a way to stop a W2003 DHCP server from giving out leases for
IP's
> if a machine does not belong to the domain?
> Or is this a fruitless question that someone simply needs to point out
> something very simple to me.
>
> A machine can't join the domain if it doesn't have an IP first(chicken
and
> egg type thing) I can see that but obviously I'm missing something
> here-perhaps it's a question of layers-the domain is working at a
'higher'
> layer?
> Kind Regards
> Murad Talukdar
You might take a look at using 802.1x authentication on your
switches. This would not only prevent DHCP leases from being given out
but it would also prevent any machine from connecting to your network
unless it was approved. The second method would be to configure MAC
address security on your switches. This could be a nightmare to
maintain if you really locked down a port to a specific MAC address but
it could work.
Here is a rough overview to give you an idea if this will do
what you would like.
http://support.microsoft.com/kb/842439/en-us
Sean
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
