Re: Requiring specific computer to log on

Yes - that's a simple and easily applied added hurdle for him to overcome -
thanks for that -

Alex

"MDBJ" <me@xxxxxx> wrote in message
news:unJ2RZV7FHA.3684@xxxxxxxxxxxxxxxxxxxxxxx
> sorry, I was suggesting a mostly social, not exactly technological
> solution.
>
> get whomever is required to agree-presumably the person who wants the
> 'company machines only' policy enforced
>
> announce a new policy, that requires all VPN passwords to be set by IT
> dept
> (presumably you) for complexity & security,
> this requires all machines authorized to be brought in, where you change
> the server password
> and then enter the password into the authorized machine, checking the
> 'remember password' box.
>
> the password will be stored on the authorized machine, and prevent an
> unauthorized machine from getting in.
>
>
> "Alex H" <aph@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:Owhr9SV7FHA.3976@xxxxxxxxxxxxxxxxxxxxxxx
>> This is where my ignorance shows itself, but I didn't knbow that was
>> possible?
>>
>> Alex
>>
>> "MDBJ" <me@xxxxxx> wrote in message
>> news:exE71rT7FHA.2152@xxxxxxxxxxxxxxxxxxxxxxx
>>>a new "policy", company wide.. requiring complex passwords,
>>> entered by IT department, and stored on the machines.
>>>
>>> then no one but IT would have the ability to add a machine to the vpn
>>>
>>>
>>>
>>> "kj" <kj@xxxxxxxxxxx> wrote in message
>>> news:Ox6ABvS7FHA.1020@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Sorry, I don't have a solution to "simply" block VPN access from a
>>>> specific machine. Methods exist but the only ones I know of aren't
>>>> simple.
>>>>
>>>> Monitoring through the RRAS VPN log files is simple though.
>>>>
>>>> Open Routing and Remote Access from the Admin tools. Select the Remote
>>>> Access logging. Double click the logfile. On the logfile properties
>>>> window, select the logfile tab, select IAS format and your preferences
>>>> for logfile maintnenace. On the "settings" tab, select all three check
>>>> boxes.
>>>>
>>>> You'll find the resultant csv log files in
>>>> %SYSTEMROOT%\system32\logfiles named INxxxxx.log, by default
>>>> C:\windows\system32\logfiles.
>>>>
>>>> Confronted by 'evidence' that the tutor is violating policy and your
>>>> ability to monitor compliance may be enough to have everyone play by
>>>> the rules.
>>>>
>>>> --
>>>> /kj
>>>> "Alex H" <aph@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>>>> news:%23nJvlUS7FHA.1944@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hi we do have a company policy that stops any other computer than
>>>>> those authorised bgy the company, and this particular user has been
>>>>> formally re-advised of the position. However we are a small companhy
>>>>> ( 10 people) and this user is one of our tutors who works from his
>>>>> home, and we dont really want to lose him.
>>>>>
>>>>> if I can simply block his own machine from logging on - that does
>>>>> resolve the issue. However I do need also to cover the legal side and
>>>>> need to be able to monitor his logging on.
>>>>>
>>>>> Exactly which log files should I be looking at,and do I need to open
>>>>> them thru SBS2003, or are they simply text files that I can informt
>>>>> into Excel.
>>>>>
>>>>> Many thanks for your continued help on this matter.
>>>>>
>>>>> Alex
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> "Alex H" <somone@xxxxxxxxxxxxx> wrote in message
>>>>> news:%23vTXDxF7FHA.3544@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>>I assume that he has copied the settings from the company laptop to
>>>>>>his personal machine and is loggin on from that. He VPN'S on, and uses
>>>>>>his normal login name and password. Somehow i need to restrick his
>>>>>>account to the official machine. Its never been a problem before,
>>>>>>
>>>>>> I can see the Mac address of his personal machine in the DHCP
>>>>>> reservations.
>>>>>> Is it possible to read the DHCP logs to see how many instances there
>>>>>> have been - how do I open them?
>>>>>>
>>>>>> Thanks for help
>>>>>>
>>>>>> Alex
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Lanwench [MVP - Exchange]"
>>>>>> <lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>>>>>> message news:O97$peF7FHA.1276@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>>>
>>>>>>>
>>>>>>> In news:ulxLaCE7FHA.1032@xxxxxxxxxxxxxxxxxxxx,
>>>>>>> Alex H <somone@xxxxxxxxxxxxx> typed:
>>>>>>>> Hi, one of our remote users has two computers, the company laptop
>>>>>>>> and his own personal desktop. Its a long story, but we believe
>>>>>>>> that
>>>>>>>> he is logging onto our SBS2003 using his own computer rather than
>>>>>>>> the
>>>>>>>> company one.
>>>>>>>> Is there any way we can set the the server so that he does have to
>>>>>>>> use the company computer
>>>>>>>>
>>>>>>>> thanks
>>>>>>>>
>>>>>>>> Alex
>>>>>>>
>>>>>>> How would he log onto the domain from a home computer unless it had
>>>>>>> been set up/joined to the domain?
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.

Loading