I own a small home Windows Server 2008 domain based network. all the clients on the network run windows 7. here is the problem. i am in charge of ensuring that my brother is shut down at 9:30 every night. to address this i created a simple script which shuts him down every night at this time. then within his account settings in active directory i restrict his log in hours appropriately so that if he attempts to log in after those hours that it will lock him out. recently my brother has found a loophole in my networks security. he is able to bypass the log in restriction by disconnecting his computer from the LAN then logging in. once he is logged in he then reconnects himself to the LAN and is then able to access the internet but not the network resources. i use a router and not a proxy server but will not be able to implement a proxy server any time soon. what can i do to prevent my brother from logging in when he is disconnected from the LAN? any help is greatly appreciated.
Can't you add access restrictions at the router? Many routers will allow you to limit Internet access based on MAC address, schedule, etc. If the only problem is Internet access (other network resources remain inaccessible), that would seem to be the place to take action.
Of course, since you live in the same house, there’s probably ALWAYS going to be a way around your security measures, including just disconnecting the router and running an Ethernet cable from his PC directly to the modem. There’s only so much you can do when someone has physical access.