General discussion
-
Topic
-
Forcing users & machines to authenticate
LockedI have posted this question before but a lot of the answers showed that the question was misunderstood. I want to be able to stop laptops that are non-domain members from having access to resources on the domain. At the moment any user with a username and password can plug in a laptop, obtain an IP from DHCP server and access a resource by entering domain\username then password, even though the pc he/she is logging in from is not a memeber of the domain. In one word I want to force not just users to authenticate but also machines.
I work in a Windows 2000 environment with Win2k pro and xp clients OS. I have fully implemented Group Policies. However some of the users of laptops have decided not to have their laptops added to the domain. SO WHAT THEY DO IS FIND ANY PATCHED CAT5 PORT, PLUG THEIR LAPTOPS IN, OBTAIN AN IP ADDRESS AND OFF THEY GO. IS THERE A WAY I COULD DENY THEIR LAPTOPS IP ADDRESS OR BETTER STILL STOP THEM FROM ACCESSING NETWORK RESOURCES UNLESS THEY ARE PROPERLY LOGGED ON TO THE NETWORK.