802.1x is your friend here. Certificates can be assigned by your domain CA and authenticated against it. You can also configure your CA to set the certificates as non-exportable to prevent "sharing". If you restrict network access at L2, L3+ is a moot point.
Jim Harrison I absolutely hate "the customer can stand on their left foot, hold one hand over their head and chant "booga-wonka-whee!" while pressing CTRL-ALT-WIN-PrtScn-SrlLk twice in rapid succession three times" answers to technical issues... -----Original Message----- From: Davy Davidson [mailto:[EMAIL PROTECTED] Sent: Friday, August 25, 2006 12:53 AM To: [email protected] Subject: IP address assignment problem Hi, I have a little problem and seek for ur thoughts, let's assume I'm in a very open environment where everyone can very easily try to get his/her laptop on the network and IP addresses are assigned by a DHCP server and we are in a domain environment, how do I prevent machines that are not part of our domain to be assigned an IP address? Thanks _________________________________________________________________ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/ --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
