workstations not on the domain can access domain resources

workstations not on the domain can access domain resources

Post by Bob » Sun, 27 Apr 2003 03:54:10

I have an active directory (domain) in which several of
our subcontractors share the network link to access common
data on our server. Normally, I set up their workstations
and place them on the domain so they can access these
shared resources. Recently, one of the subs bought a new
pc from Dell and just plugged it into the network. They
signed in with their user name and password but never put
the w/s on the domain. Now, they have complete access to
all the shares because they are logged in as a valid user;
but they are not on the domain so I can't control policies
for them.

Q: is there any way to allow only workstations that are on
the domain access and to deny access to any "foreign"
workstations that are either on another domain or simply
in a workgroup?


workstations not on the domain can access domain resources

Post by Kirk Soluk [MSFT » Sun, 27 Apr 2003 15:50:08

When you create the shares on your server, you need to make sure that the
Everyone group does not have permissions.


1. Domain access by non-domain user

I have an active directory domain in place including user
and group policies and a special login script. Recently,
one of our users bought a new Dell PC and plugged it into
the network. This computer was not added to the domain,
but is on a workgroup with the same name as the domain so
it is not subject to the domain policies. The user
proceeded to log in with their regular domain user account
and now has access to the domain share. I thought they
couldn't log in unless their PC was joined to the domain???

I would like to restrict access to our domain shares
to "only" computers that have been "joined" to the domain.
Is there any way to do that?

2. about adaptive genetic algorithm

3. domain user cracking password for domain

4. Circuit Diagrams

5. NT4 Domain and NT4 & 5 Workstation Auditting


7. telnet shell access within domain & remote sftp but no remote ssh/telnet shell access!

8. Acad

9. Access Data on a Domain Server Using Workgroup Access - How?

10. NT Domain not seen from firewall

11. Non NT devices can not authenticate with Domain Controller.

12. Token does not contain builtin and local group entries of foreign domain

13. iptables & virtual interfaces/domains NOT WORKING ??