Prevent administrative users from assigning duplicate static IPs to their workstations

switch local-area-network

  1. Have a separate subnet (and preferably a separate VLAN) for your servers. This pretty much eliminates the issue of "accidental" overlap.

  2. Use some kind of NAC or port-level authentication and have a DHCP-assigned address be a prerequisite of the health check.

  3. Don't let your users be admin on their local machines :)


You could run a script using group policy to set the network adapter to use DHCP.

For example: http://social.technet.microsoft.com/Forums/zh/winserverGP/thread/b1616b2f-6353-45fb-a258-8ea9e14b5e8f

It looks like there may also be group policy to disable the network settings: How to disable Tcp/Ip settings in windows 7 via GPO?

Related

Log analyzer for nginx [closed]
Which MySQL users are necessary?
E-mail lifecycle after it's been sent
Which method to use for granting sudo
Java String new line
Store a closure as a variable in Swift
Checking if array is multidimensional or not?
EntityType has no key defined error
Color theme for VS Code integrated terminal
Module not found: Error: Can't resolve 'core-js/es6'
Web Application Problems (web.config errors) HTTP 500.19 with IIS7.5 and ASP.NET v2
What is the equivalent to a JavaScript setInterval/setTimeout in Android/Java?