gg2.20.joep@spamgourmet.com (JP) wrote in message news:<1b6225e5.0407061138.12e549fa@posting.google.com>...
> I have DHCP, Active Directory, DNS, etc servers. I need a way to have
> the DHCP server give IP addresses out to authorized computers that are
> allowed to use the network. I would like to keep the option of
> entering each and every MAC address as a last resort.
>
> So far, I have not found too much information to point me in the right
> direction. Any help would be appreciated.
>
> Thanks.

Would this work:

Export a list of MAC addresses from the internal DNS server. Find out
how/where Windows saves the DHCP configuration file that holds IP
reservations, etc. Modify the file from the DNS server to match the
one from the DHCP server and then overwrite the DHCP config file so
that it now has the modified DNS file.

Hopefully this would be the easiest way to restrict the DHCP server to
give out IPs to authorized computers only.

Thoughts? Comments?

"JP" wrote in message
news:1b6225e5.0407081538.78c5d7c1@posting.google.c om...
> gg2.20.joep@spamgourmet.com (JP) wrote in message
news:<1b6225e5.0407061138.12e549fa@posting.google.com>...
> > I have DHCP, Active Directory, DNS, etc servers. I need a way to have
> > the DHCP server give IP addresses out to authorized computers that are
> > allowed to use the network. I would like to keep the option of
> > entering each and every MAC address as a last resort.
> >
> > So far, I have not found too much information to point me in the right
> > direction. Any help would be appreciated.
> >
> > Thanks.
>
> Would this work:
>
> Export a list of MAC addresses from the internal DNS server. Find out
> how/where Windows saves the DHCP configuration file that holds IP
> reservations, etc. Modify the file from the DNS server to match the
> one from the DHCP server and then overwrite the DHCP config file so
> that it now has the modified DNS file.
>
> Hopefully this would be the easiest way to restrict the DHCP server to
> give out IPs to authorized computers only.
>
> Thoughts? Comments?

The DNS files and cache are secured and not as easy to do as what you want
for obvious security reasons. I take it your wanting to do this is because
you have a lot of users?

"Hades" wrote in message news:<40f03867$0$18066$afc38c87@news.easynet.co.uk>...
> "JP" wrote in message
> news:1b6225e5.0407081538.78c5d7c1@posting.google.c om...
> > gg2.20.joep@spamgourmet.com (JP) wrote in message
> news:<1b6225e5.0407061138.12e549fa@posting.google.com>...
> > > I have DHCP, Active Directory, DNS, etc servers. I need a way to have
> > > the DHCP server give IP addresses out to authorized computers that are
> > > allowed to use the network. I would like to keep the option of
> > > entering each and every MAC address as a last resort.
> > >
> > > So far, I have not found too much information to point me in the right
> > > direction. Any help would be appreciated.
> > >
> > > Thanks.
> >
> > Would this work:
> >
> > Export a list of MAC addresses from the internal DNS server. Find out
> > how/where Windows saves the DHCP configuration file that holds IP
> > reservations, etc. Modify the file from the DNS server to match the
> > one from the DHCP server and then overwrite the DHCP config file so
> > that it now has the modified DNS file.
> >
> > Hopefully this would be the easiest way to restrict the DHCP server to
> > give out IPs to authorized computers only.
> >
> > Thoughts? Comments?
>
> The DNS files and cache are secured and not as easy to do as what you want
> for obvious security reasons. I take it your wanting to do this is because
> you have a lot of users?

Right, too many comps to enter in one by one. Another idea I had was
to put a firewall before the DHCP server and then add a rule(s) to
allow outbound traffice and only allow inbound traffic for certain
computers in an allow list.

I've seen a couple firewalls where you can specify a comp name instead
of an IP, but I haven't found any yet that have an easily configurable
config file so that I could just dump the comp names from the server
and modify the file so it looks like the firewalls.