DHCP only to authorized computers

  • Thread starter Thread starter Yoelb
  • Start date Start date
Y

Yoelb

We have a DHCP, I want to restrict that only authorized users should
be able to print to a network printer,

What happens it that there might be someone comes in with his laptop
and gets connected to our internal network and sets up a printer on
his computer by knowing the Printers ip and he can print with no
problem, how can I restrict this?

Your help is very much appreciated

Thanks
JoelB
 
The notebook user would need to setup your LAN IP stack.

Why are you allowing this if you won't allow him to print ? For security purposes you
shouldn't allow anybody to hook up unauthorized equip't. to the LAN in the first place.
Then you can use IP restrictions on the print server to restrict access to an IP range or
ranges.

I can't understand why unauthorized equip't. would be allowed on the LAN but not allows to
print. Seems rather backwards.
Please elaborate...

Dave

| We have a DHCP, I want to restrict that only authorized users should
| be able to print to a network printer,
|
| What happens it that there might be someone comes in with his laptop
| and gets connected to our internal network and sets up a printer on
| his computer by knowing the Printers ip and he can print with no
| problem, how can I restrict this?
|
| Your help is very much appreciated
|
| Thanks
| JoelB
 
Addendum:

You can use a Queue on a NT Server and all must print through the queue. The only IP
allowed to print or access the print server then would be the NT Server.

Dave

| The notebook user would need to setup your LAN IP stack.
|
| Why are you allowing this if you won't allow him to print ? For security purposes you
| shouldn't allow anybody to hook up unauthorized equip't. to the LAN in the first place.
| Then you can use IP restrictions on the print server to restrict access to an IP range or
| ranges.
|
| I can't understand why unauthorized equip't. would be allowed on the LAN but not allows to
| print. Seems rather backwards.
| Please elaborate...
|
| Dave
 
Hi,

DHCP does nto have this type of security functionality. You could create a
reservation for every "authorized" DHCP client and exclude the rest of the
IP addresses in your DHCP scope and prevent anyone else from getting an IP
address.

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
David H. Lipman said:
The notebook user would need to setup your LAN IP stack.

Why are you allowing this if you won't allow him to print ? For security purposes you
shouldn't allow anybody to hook up unauthorized equip't. to the LAN in the first place.
Then you can use IP restrictions on the print server to restrict access to an IP range or
ranges.

I can't understand why unauthorized equip't. would be allowed on the LAN but not allows to
print. Seems rather backwards.
Please elaborate...

Dave

| We have a DHCP, I want to restrict that only authorized users should
| be able to print to a network printer,
|
| What happens it that there might be someone comes in with his laptop
| and gets connected to our internal network and sets up a printer on
| his computer by knowing the Printers ip and he can print with no
| problem, how can I restrict this?
|
| Your help is very much appreciated
|
| Thanks
| JoelB
Click to expand...

Why are you allowing this if you won't allow him to print ?

 we are not allowing, but we have a building of 6 stories and
anything can happen, that someone could connect to a network.

Shouldn't allow anybody to hook up unauthorized equip't. to the LAN in
the first place.

 how can I do it Technically?

Then you can use IP restrictions on the print server to restrict
access to an IP range or
ranges.
restricting on the print server doesn't help, because he can access the printer by his IP Address and install his own driver and print, therefore I want to restrict him from having access on the LAN not to the network shares…
Click to expand...

Thanks to all of you for responding
JoelB
 
David H. Lipman said:
Addendum:

You can use a Queue on a NT Server and all must print through the queue. The only IP
allowed to print or access the print server then would be the NT Server.

Dave
Click to expand...

Can I restrict this on the printer itself or on the printer driver
that is on the print server? Because here we have to restrict on the
ip adderss of the printer device because he can install his own
printer driver on his computer…!
 
It depends on the print server. I profess HP JetDirect. The later models support IP
filtering such that you can limit the access to IP address or addresses.

Dave

| > Addendum:
| >
| > You can use a Queue on a NT Server and all must print through the queue. The only IP
| > allowed to print or access the print server then would be the NT Server.
| >
| > Dave
|
| Can I restrict this on the printer itself or on the printer driver
| that is on the print server? Because here we have to restrict on the
| ip adderss of the printer device because he can install his own
| printer driver on his computer.!
 
Would anyone know about a solution through a manageable Switch,
meaning is there some switches that you can restrict access to certain
IP adders only through authentication?

Thanks
JoelB
 
Look for switches that can do 802.1x authentication and you can use those
switches to autneticate the computer and/or user before allowing network
connectivity.
----
Thanks,
Rakesh Chanana [MSFT]

When replying, please post to GROUP so that everyone can benefit from the
knowledge.

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


--------------------
From: (e-mail address removed) (Yoelb)
Newsgroups:
Click to expand...
microsoft.public.win2000.networking,comp.os.ms-windows.networking.tcp-ip,com
p.os.ms-windows.nt.admin.networking
Subject: Re: DHCP only to authorized computers
Date: 29 Sep 2003 06:06:35 -0700
Organization: http://groups.google.com/

Would anyone know about a solution through a manageable Switch,
meaning is there some switches that you can restrict access to certain
IP adders only through authentication?

Thanks
JoelB




(e-mail address removed) (Marc Reynolds [MSFT]) wrote in message
Hi,

DHCP does nto have this type of security functionality. You could create a
reservation for every "authorized" DHCP client and exclude the rest of the
IP addresses in your DHCP scope and prevent anyone else from getting an IP
address.

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no
Click to expand...
rights.
Click to expand...
Click to expand...
 
Back
Top