MAC to IP addresses link

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,
I have a network of 10 PCs and a file server running Windows Server 2k3.
I need to bind the user to a his unique PC. That is, if any user tries to
logon to the system from any PC apart from his designated one, he won't be
allowed in.
One way to this is to activate BIOS password at startup. But this looks
very premitive. Any idea out there on how to do this on server, rather than
PC, lever?
Thanks
Yba
 
If you set your network up as a domain you can limit users to which PCs they
can log onto with Active Directory. Otherwise you'll need to create user
accounts on each PC and enforce logon for each PC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
Thanks Richard and pleasure to have a MVP attending my inquiry.
In fact, yse, my network is setup as a domain. Can u please elaborate on
the steps or any page where I can find detailed resources on the steps to do
so.
Thanks in advance.
yba

Richard G. Harper said:
If you set your network up as a domain you can limit users to which PCs they
can log onto with Active Directory. Otherwise you'll need to create user
accounts on each PC and enforce logon for each PC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


yba02 said:
Hi,
I have a network of 10 PCs and a file server running Windows Server 2k3.
I need to bind the user to a his unique PC. That is, if any user tries to
logon to the system from any PC apart from his designated one, he won't be
allowed in.
One way to this is to activate BIOS password at startup. But this looks
very premitive. Any idea out there on how to do this on server, rather
than
PC, lever?
Thanks
Yba
Click to expand...
Click to expand...
 
If you search either the TechNet (http://www.microsoft.com/technet) or MSDN
(http://msdn.microsoft.com) websites you'll find much detailed information
on setting up domains, domain controllers and Active Directory - but in a
nutshell:

When you have a "Peer-to-Peer" network (like yours currently is configured),
each PC stores its own security information. It has the list of who is
permitted to log onto it, who may access files and folders, and so on.
There is no central security database, so each PC must be configured
separately.

When you establish a domain, one or more servers (known as domain
controllers) hold a central security database. This database is accessed by
each domain member when a user logs on and it will determine who can log
onto each PC, what shared files and folders are accessible to users, and so
on.

You could conceivably configure each PC as you want without a domain but the
problem then would be that any PC user could change your
carefully-considered settings. In a domain the security is central to the
domain controller(s) so each user has only the rights you give them and no
others. Short of guessing or stealing the domain administrator password
they would be unable to alter your security settings.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


yba02 said:
Thanks Richard and pleasure to have a MVP attending my inquiry.
In fact, yse, my network is setup as a domain. Can u please elaborate on
the steps or any page where I can find detailed resources on the steps to
do
so.
Thanks in advance.
yba

Richard G. Harper said:
If you set your network up as a domain you can limit users to which PCs
they
can log onto with Active Directory. Otherwise you'll need to create user
accounts on each PC and enforce logon for each PC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


yba02 said:
Hi,
I have a network of 10 PCs and a file server running Windows Server
2k3.
I need to bind the user to a his unique PC. That is, if any user tries
to
logon to the system from any PC apart from his designated one, he won't
be
allowed in.
One way to this is to activate BIOS password at startup. But this
looks
very premitive. Any idea out there on how to do this on server, rather
than
PC, lever?
Thanks
Yba
Click to expand...
Click to expand...
Click to expand...
 
Hi Richard,
Again, thanks a lot for your time and support. Please let me clarify the
situation.
Those 10 PCs are networked to a central server running 2k3 UNDER A DOMAIN
NAME and the server acting as the domain controller. The very purpose of
this network is to run a SQL DB application.
Currently, user A can use his credintials on any of the 10 PCs and still
logon to the network. That is exactly what I want to stop. I want user A to
be able to logon to the doamin ONLY through machine A.
In your first posting, you advised that it was possible to do SO through AD.
What I need to know now are the steps to do that.
I hope that my inquiry is clearer now and sorry for any inconvinience.

Regards
Yahya
 
Oh, sorry. Now I get it.

Go into Active Directory Users and Computers, expand the Users list, find
the user that you want to limit, then right-click his/her name and select
Properties, then finally the Account tab. Click the "Log On To" button and
you can limit the computers a user may log onto there.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
1, 2, 3...
Seems to the point. Thanks Richard. How difficult might the world be
without people like you around.
I will try it and comeback to you and expect more to come.

Yahya
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Dumb IP address question 5
Unlock PCs 1
Configuring IP address 1
Auto vs Assigned IP address. 1
File sharing with a Mac... 1
Unable To Connect To Internet - IP Address Conflict 6
Two IP addresses or mysterious intruder? 4
XP to Mac direct connect via ethernet cable 0

Back
Top