Restrict UCS Authentication By MAC Address Or Computer Account

Greetings,

I hope you are well. I am still learning UCS, so please bear with me. Two questions:

One, is there a way to restrict computer accounts on a univention corporate server to access only a particular subnetwork? Example, only one particular computer should be able to access the 192.168.2.0 network and nothing else.

Two, is there a way to restrict authentication to a univention server by MAC address? Example, you can only authentication against our UCS if you have a particular MAC address.

Thanks for your time.

Regards,
David.

Hi,

I doubt it is possible. For the first question this is all based on IP stuff. And as soon as the computer has a default gateway it is possible to reach all other nets. You should have a look at your router to limit access there.
Second, nearly the same. I doubt it will be possible. You could perhaps create firewall rules, but this would not be a good solution!

In short: do not do this!

/KNEBB

1 Like
Mastodon