Re: Network Infrastructure

Hello news.microsoft.com,

See inline

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Hi Guys,

Hope Im in the right group.

Im in a stage of fixing my network. This is my current setup.

1. I have an active directory server, which is mydomain.com,
wherein
also my DNS and DHCP is located.
2. My subnet is 255.255.255.0
This is my idea.

1. Have these servers: (Need suggestions on these)

a. AD Server with DNS Server - is this a good practice?

Yes, but also think about redundancy for DNS/DC/Global Catalog with a second server. Also i would place DHCP server on the DC

b. DHCP Server with ISA Server - is this a good practice?

No, an ISA server should always do it's basic work and nothing else. Also it should be running on a dedicated machine

Other concern:

I want my network to have access limitations. Here is a scenario.

1. In our network, only managers can use their laptop to access
our network and internet. It can be wired or wireless. Unauthorized
laptop should or must not access our network. But from the way the
network was setup, they can access it through wire. I can filter the
wireless using MAC Address filter from the routers. But if they
connect through wire and know how to config TCP/IP they can easily
access our network. Can this be avoided through ISA? Is there a way
to filter MAC Address through Active Directory?

You can see if your switches allow port configuration and specify MAC addresses for allowed connections.

You can not filter MAC address with GPo under 2000/2003.
In DHCP you can try Vendor classes:
http://technet2.microsoft.com/windowsserver/en/library/111527dc-1e28-4c25-ba20-67daeffa5d1b1033.mspx?mfr=true

In Windows Server 2008, you can configure your DHCP servers to call out to a Network Policy Server (NPS) to authorize the DHCP leases. In NPS, you can set policy to deny leases based on MAC address. One limitation is that this doesn't scale well to a large number of MAC filters.


Hope you can help me on this.

Thanks in advance.

Allan



.

Relevant Pages

  • Re: March 29, 2006 total eclipse - IT admins WORST NIGHTMARE
    ... and NewsProxy is the answer for that. ... > Comcast news server. ... simply filters out what I dont want on the network. ... NewsProxy - Network level killfile and content filter for Usenet. ...
    (comp.security.firewalls)
  • RE: Poor XP network performance 2003 LAN
    ... We have 3 meg bonded T1 in Corp office and the network is as follows, ... when I remote VPN into the LAN I can ... pull data from shared drive on the server or shared folders on PC's. ... However if I setup a Linux or Mac OSX ...
    (microsoft.public.windows.server.general)
  • Re: Multiple bitrates not working in WMP for OS X
    ... >> specific network type. ... >> machine and it certainly won't work from a web server. ... I can confirm your results on Mac OSX10.4 Tiger using WMP9.0.0.3077 vs ... is the one used by the media server to determine the stream bitrate ...
    (microsoft.public.windowsmedia.player.web)
  • Re: Word 2004 only pulling up read-only from server; cannot save
    ... I have no answers for you but I have escalated this to Microsoft. ... Mac Word FAQ: ... > the same problem when running Server 10.3.9. ... >>> open files from the network and save them on the network. ...
    (microsoft.public.mac.office.word)
  • Re: Cant access secure Web pages
    ... server. ... This is a description of how you may, in the future, configure a DHCP ... network, and which need to be contacted via the Default Gateway. ... with it's hardware Ethernet MAC address in. ...
    (uk.comp.sys.mac)