Forcing users & machines to authenticate

Search Close

Account Information

Reset password

An email has been sent to you with instructions on how to reset your password.

Back to TechRepublic

Welcome to TechRepublic!

By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.

You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.

All fields are required. Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).

General discussion

Creator

Topic
September 20, 2004 at 4:05 am #2277632

Forcing users & machines to authenticate

Locked

by williamoshea · about 18 years ago

I have posted this question before but a lot of the answers showed that the question was misunderstood. I want to be able to stop laptops that are non-domain members from having access to resources on the domain. At the moment any user with a username and password can plug in a laptop, obtain an IP from DHCP server and access a resource by entering domain\username then password, even though the pc he/she is logging in from is not a memeber of the domain. In one word I want to force not just users to authenticate but also machines.
I work in a Windows 2000 environment with Win2k pro and xp clients OS. I have fully implemented Group Policies. However some of the users of laptops have decided not to have their laptops added to the domain. SO WHAT THEY DO IS FIND ANY PATCHED CAT5 PORT, PLUG THEIR LAPTOPS IN, OBTAIN AN IP ADDRESS AND OFF THEY GO. IS THERE A WAY I COULD DENY THEIR LAPTOPS IP ADDRESS OR BETTER STILL STOP THEM FROM ACCESSING NETWORK RESOURCES UNLESS THEY ARE PROPERLY LOGGED ON TO THE NETWORK.

This conversation is currently closed to new comments.
Creator

Topic

All Comments

Author

Replies
- September 20, 2004 at 4:27 am #2708206
  
  Reply To: Forcing users & machines to authenticate
  
  by p.j.hutchison · about 18 years ago
  
  In reply to Forcing users & machines to authenticate
  
  In DHCP, you can specify Mac Addresses of known laptops, to exclude them from getting a IP address and thus access to network. Of course, if they set a static ip address then that method cannot stop them, you could disable their account until all laptop users are updated to use the domain.
- September 20, 2004 at 5:48 am #2708191
  
  Reply To: Forcing users & machines to authenticate
  
  by ewgny · about 18 years ago
  
  In reply to Forcing users & machines to authenticate
  
  You can set up a certificate Authority and require that all Domain Computers authenticate with a “machine certificate” the Domain Workstations can receive their certificates through Group Policy Autoenrollment, wheras Non- Domain PC’s will have to request a certificate, which would have to be approved before access is allowed
- September 20, 2004 at 7:59 am #2708850
  
  Reply To: Forcing users & machines to authenticate
  
  by haileyan · about 18 years ago
  
  In reply to Forcing users & machines to authenticate
  
  The other thing I would do is make sure that all of your shared resources (printers and shared folders) are restricted to Domain Users. By default all of your shares have “everyone” which means anyone con that subnet can access the shares. I never leave “everyone” in security on any shared network resource.
  - September 23, 2004 at 3:04 am #2720948
    
    Reply To: Forcing users & machines to authenticate
    
    by williamoshea · about 18 years ago
    
    In reply to Reply To: Forcing users & machines to authenticate
    
    Poster rated this answer.
Author

Replies

Viewing 2 reply threads

Start or Search

Start New Discussion

This document helps make sure that you address data governance practices for an efficient, comprehensive approach to data management. This checklist from TechRepublic Premium includes: an introduction to data governance, a data governance checklist and how to manage a data governance checklist. From this checklist’s introduction: Data governance is the process by which an organization ...

Recruiting a Scrum Master with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit provides a customizable framework your business can use to find, recruit and ultimately hire the right person for the job. This hiring kit from TechRepublic Premium includes a job description, sample interview questions ...

Knowing the terminology associated with Web 3.0 is going to be vital to every IT administrator, developer, network engineer, manager and decision maker in business. This quick glossary will introduce and explain concepts and terms vital to understanding Web 3.0 and the technology that drives and supports it.

Windows

General discussion

Forcing users & machines to authenticate

All Comments

Reply To: Forcing users & machines to authenticate

Reply To: Forcing users & machines to authenticate

Reply To: Forcing users & machines to authenticate

Reply To: Forcing users & machines to authenticate

Data governance checklist for your organization

How to recruit and hire a Scrum Master

Web 3.0 quick glossary

How to recruit and hire a User Experience Designer