Jack Dee
asked on
Windows 2003: DHCP will not authorize "access is denied" error
Hello Experts!
I am trying to move DHCP services off my Windows 2000 server from Domain A (scheduled to be collapsed) and on to my Windows 2003 server in Domain B. The scopes configured on each Domain Controller are almost identical with the exception of WINS servers. After unauthorizing DHCP and stopping the DHCP services on the Win2k server, I try to authorize the DHCP on the Win2k3 server and get the "access is denied" error although I am a Domain Admin on the network.
I found this article, but it does not really answer my question.
https://www.experts-exchange.com/questions/21079060/DHCP-wont-authorize-'says-access-denied'-on-win-2003-server.html?query=DHCP+access+denied&clearTAFilter=true
My event IDs are 1046 and 1056
1046
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain ad.gd-ais.com, has determined that it is not authorized to start. It has stopped servicing clients. The following are some possible reasons for this:
This machine is part of a directory service enterprise and is not authorized in the same domain. (See help on the DHCP Service Management Tool for additional information).
This machine cannot reach its directory service enterprise and it has encountered another DHCP service on the network belonging to a directory service enterprise on which the local machine is not authorized.
Some unexpected network error occurred.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
1056
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration. Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I have uninstalled and reinstalled DHCP on the Win2k3 server and still have the same symptoms.
Please help!
I am trying to move DHCP services off my Windows 2000 server from Domain A (scheduled to be collapsed) and on to my Windows 2003 server in Domain B. The scopes configured on each Domain Controller are almost identical with the exception of WINS servers. After unauthorizing DHCP and stopping the DHCP services on the Win2k server, I try to authorize the DHCP on the Win2k3 server and get the "access is denied" error although I am a Domain Admin on the network.
I found this article, but it does not really answer my question.
https://www.experts-exchange.com/questions/21079060/DHCP-wont-authorize-'says-access-denied'-on-win-2003-server.html?query=DHCP+access+denied&clearTAFilter=true
My event IDs are 1046 and 1056
1046
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain ad.gd-ais.com, has determined that it is not authorized to start. It has stopped servicing clients. The following are some possible reasons for this:
This machine is part of a directory service enterprise and is not authorized in the same domain. (See help on the DHCP Service Management Tool for additional information).
This machine cannot reach its directory service enterprise and it has encountered another DHCP service on the network belonging to a directory service enterprise on which the local machine is not authorized.
Some unexpected network error occurred.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
1056
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration. Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I have uninstalled and reinstalled DHCP on the Win2k3 server and still have the same symptoms.
Please help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
In addition, I found this for those that may reference this post later:
"If a DHCP server is also configured as a DNS server, members of the DHCP Admin group can view and modify the DHCP configuration but cannot modify the DNS server configuration on the same computer. Because members of DHCP Admin have rights on the local computer only, they cannot authorize or unauthorize DHCP servers in Active Directory; only members of the Domain Administrators group can perform this task. If you want to authorize or unauthorize a DHCP server in a child domain, you must have enterprise administrator credentials for the parent domain."
Quote taken from here:
http://www.microsoft.com/technet/itsolutions/techguide/wssra/raguide/Network_Services_SB_2.mspx