Restrict UCS Authentication By MAC Address Or Computer Account




I hope you are well. I am still learning UCS, so please bear with me. Two questions:

One, is there a way to restrict computer accounts on a univention corporate server to access only a particular subnetwork? Example, only one particular computer should be able to access the network and nothing else.

Two, is there a way to restrict authentication to a univention server by MAC address? Example, you can only authentication against our UCS if you have a particular MAC address.

Thanks for your time.




I doubt it is possible. For the first question this is all based on IP stuff. And as soon as the computer has a default gateway it is possible to reach all other nets. You should have a look at your router to limit access there.
Second, nearly the same. I doubt it will be possible. You could perhaps create firewall rules, but this would not be a good solution!

In short: do not do this!