Client Isolation on Windows Server 2003

I dont think i understand yoru question. What are you trying to isolate this subscriber from?
 
What i am trying to figure is why you want to isolate them or how you wish to do it or what you are trying to accomplish by "isolating them". Are you trying to make sure they dont have network conectivity to others users or dont have access to the same shares or what. Your discription of what you want to do exatly is a bit vague. sorry if im not getting what you are trying to do here.


I guess if you mean that thee clinets have absolutly no conectivity to each other and share the same domain controller and resources couldnt you set up a VLAN with you router? I dont think an AD policy would limit their network conectivity if they share the same segment of network.
 
Good Luck. Dynamic RPC makes it difficult to isolate a client machines thats on a domain. You have to have every port above 1024 open and ICMP unless you perform a reg hack on all your DCs to specify a static RPC port.
 
The computers I'm talking about won't be apart of a domain, they will be a part of their own work group. I don't want each of them if on lets say "WORKGROUP" to be able to see each other. Is there a way to make them invisable to each other.

Meaning no file sharing, no access to each others drives and etc....
 
[BB] Rick James;1030610760 said:
The computers I'm talking about won't be apart of a domain, they will be a part of their own work group. I don't want each of them if on lets say "WORKGROUP" to be able to see each other. Is there a way to make them invisable to each other.

Meaning no file sharing, no access to each others drives and etc....
Click to expand...

Turn on the XP Firewall? lol
 
Enabling the firewall would work... Disabling the Server service on the XP clients would work too.......
 
[BB] Rick James;1030610760 said:
The computers I'm talking about won't be apart of a domain, they will be a part of their own work group. I don't want each of them if on lets say "WORKGROUP" to be able to see each other. Is there a way to make them invisable to each other.

Meaning no file sharing, no access to each others drives and etc....
Click to expand...

Very easily done using a managed switch and creating port based VLANs.
 
oakfan52 said:
Turn on the XP Firewall? lol
Click to expand...

You must have never dealt with users before. They'll find a way to turn that off and share files.


The network I'm talking about will have about a 1,000 users on it. So I'd need to create 1,000 VLAN's and keep that all up todate and current?.... Not sure i have the time to manage that.

All users will be wireless.
 
I think you just answered your own question. Managing 1000+ users without active directory will drive you absolutely insane very quickly. Hell, for me managing an office of 9 users would drive me crazy, that's what AD is for. What is this network setup being used for?

However... if your wifi AP supports client isolation, that may be all you need.
 
[BB] Rick James;1030613540 said:
You must have never dealt with users before. They'll find a way to turn that off and share files.


The network I'm talking about will have about a 1,000 users on it. So I'd need to create 1,000 VLAN's and keep that all up todate and current?.... Not sure i have the time to manage that.

All users will be wireless.
Click to expand...


:confused: WTF ?

They invented this thing about 10 years ago called directory services. aka Active Directory. you might want to look into it.
 
oakfan52 said:
:confused: WTF ?

They invented this thing about 10 years ago called directory services. aka Active Directory. you might want to look into it.
Click to expand...

Users won't be in AD. AD isn't robust enough for what I need. I'll be using Blue Socket at Site A which will have about 800 users. Site B will be a free wifi site that will support about 200 users, I was wondering if I could get away with having Windows Server assit with client isolation so that no file sharing could go on. Looks like Windows won't do this for or no one seems to know what I'm talking about so I'll just purchase another socket console to manage that site as well. Site A and B will both be running off fiber. Site B will be choked a bit, only 128down/up with web filters, P2P and etc blocked.

Thanks all,
 
[BB] Rick James;1030615417 said:
Users won't be in AD. AD isn't robust enough for what I need. I'll be using Blue Socket at Site A which will have about 800 users. Site B will be a free wifi site that will support about 200 users, I was wondering if I could get away with having Windows Server assit with client isolation so that no file sharing could go on. Looks like Windows won't do this for or no one seems to know what I'm talking about so I'll just purchase another socket console to manage that site as well. Site A and B will both be running off fiber. Site B will be choked a bit, only 128down/up with web filters, P2P and etc blocked.

Thanks all,
Click to expand...

You question was way out of context. maybe if you posted background information and what you are trying to do you would get more help. If you looking to put up a server just to block client communications then a Windows server alone will not do it. Its not what its designed to do.
 
If all of these clients will be wireless, aaronearles gave the answer that was glossed over.

Business class access points such as Proxim AP700 have the ability to restrict clients from communicating with one another natively.
 
You must log in or register to reply here.
Back
Top