is it somehow possible to achieve same state as on WLC - "DHCP Addr. Assignment required" on Catalyst switches? I want to prohibit all users to assign static IPs on their laptops and use only DHCP and make exceptions only on some ports where are some appliances which must have static IP.
If you want to block a port when its client is using static IP address, you must use IP DHCP Snooping. In this scenario, the ports which are allowed to carry static ip addresses, are Trusted .
You can have a network with combination of static and dynamic IP addresses and you can also configure DHCP on Cisco Catalyst switches.
DHCP snooping , RACL and MACLs can negate rouge dhcp servers
However to negate users from applying statics to their pcs would require a local group policy on each pc to tie down access to the nic properties
This is something active directory can do but not i am aware it's possible from a Cisco perspective