DHCP Restriction

  • Thread starter Thread starter Tad Gralewski
  • Start date Start date
T

Tad Gralewski

Quick question - is it possible to configure a Windows2000
based DHCP server that is a member of an Active Directory
domain so that it will only provide DHCP leases for
machines that are members of the Active Directory tree?

Thanks for your help.

Tad
 
This could be done by using IPSec in the network and configuring it in that
way, that only domain clients can use the network thus getting IP's from
DHCP server. But this is not an easy setup and people who had done this said
that it is not an easy thing to configure.
One more simple approach would be to create reservations for all computers
in DHCP server in your network and put the rest of leases in exclusion
range. This way systems w/o prior DHCP reservation won't be able to obtain
leases.

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
Matjaz Ladava said:
This could be done by using IPSec in the network and configuring it in that
way, that only domain clients can use the network thus getting IP's from
DHCP server. But this is not an easy setup and people who had done this said
that it is not an easy thing to configure.
One more simple approach would be to create reservations for all computers
in DHCP server in your network and put the rest of leases in exclusion
range. This way systems w/o prior DHCP reservation won't be able to obtain
leases.

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
Click to expand...

Matjaz,

That is really "thinking outside the box"! I am going to remember this!
IPSec would be interesting as well. Probably a whole lot harder than the
other "outside the box" solution, though ( as you said ).

Cary
 
"thinking outside the box" always reminds me of Don Box :-)) (a great
speaker and now an MS employee).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
Back
Top