Solved

DHCP Server not functioning

Posted on 2007-03-21
29
4,383 Views
Last Modified: 2008-01-09
One of my Windows Server 2003 DHCP servers has stopped functioning. The machine acts as a DC, DNS, File Server and DHCP server for one of my small offices. The rest of the services listed appear to be working normally.

The local management console of the machine gives no indication that there is a problem with DHCP, but if I try to reach the DHCP application from a remote console, I get the following message:

Cannot find the DHCP Server
The DHCP Server you specified cannot be located. The DHCP server might be down, there might be network problems, or the DHCP service might not be installed.
The error was: The DHCP Server Service is not running on the target computer.
To retry the connection, either press F5, or on the action menu, click Refresh.

The problem that I am having is that the server is simply not assigning addresses to clients. Clients that obtained addresses before the problem started are functioning normally, as are machines that are manually assigned IPs. The server does not respond to renew requests for addresses.

I have restarted both the machine and the DHCP Server service, but it hasnt made a difference. The machine seems to behave normally otherwise: reponsive to pings, RDP connections, etc.. I cant narrow down the time of the failure precisely, but I suspect it coincides with a power failure at the office over the weekend. Event logs don't reveal anything substantial.

Any suggestions?
0
Comment
Question by:brainbolt
  • 12
  • 12
  • 3
  • +1
29 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 18765083
Check that it is authorised. Right click on the DHCP Server in the DHCP Console. If Authoirize appears as an option select it. (if is says Unauthorize you are Ok on this front, don't do anything and get back to EE)
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18765125
The local console says "Unauthorize."
0
 
LVL 70

Expert Comment

by:KCTS
ID: 18765169
Pity - that means its OK and I'll have to think again.
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18765210
Is it possible that the power failure somehow corrupted the DHCP service and that it needs to be reinstalled?
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765342
What.
It has to be Autherized, not unautherized to be working.

When you look in DHCP is there a red X or a green arrow? If it is a Red X you need to Autherize it.

Get back to me.

Cheers
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765356
If it is unauthorized, then right click it and authorize it.
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18765365
KCTS's post seems to indicate that if you have the option to Unauthorize it, it must already be authorized, which makes sense to me.

On the local console it is a green arrow. On the remote management console it is a red "X."
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765382
Ah,
My bad.

But a quick glance and it appears that you are saying different.

Cheers
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765399
Event log check time.

What kind of errors are you getting in your system logs?
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18765670
Immeidately following the power failure, I started getting this:

**********************************
Event Type:      Warning
Event Source:      DhcpServer
Event Category:      None
Event ID:      1056
Date:            3/19/2007
Time:            8:07:24 AM
User:            N/A
Computer:      CUBEDC02
Description:
The DHCP service has detected that it is running on a DC and has  no credentials configured for use with Dynamic DNS registrations  initiated by the DHCP service.   This is not a recommended security configuration.   Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the  DHCP Administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    
*********************************

Which was always follwed by this:

*********************************
Event Type:      Information
Event Source:      DhcpServer
Event Category:      None
Event ID:      1044
Date:            3/19/2007
Time:            8:07:29 AM
User:            N/A
Computer:      CUBEDC02
Description:
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain CUBE.CORP, has determined that it is authorized to start. It is servicing clients now.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    
*******************************************

So I followed the directions in MS KB282001 (http://support.microsoft.com/kb/282001/en-us), I used the DHCP Server Snap-In method and then restarted the DHCP service. I no longer get Event ID: 1056, but it didn't address the problem.

Nothing else in the logs that I can see as related to DHCP. There are other various events that relate to printers and an ACPI BIOS error that has to do with attempting to read form an illegal IO port address, but that is nothing new with this machine.

0
 
LVL 70

Expert Comment

by:KCTS
ID: 18765896
Go into Services and view the properties of the DHCP Server Service. Is it set to use the local sustem account or a specified account. Check that these accounts are not locked out or disabled.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765976
The credentials can be set via command line as suggested, but that can be problematic sometimes. The changes can also be made via the DHCP MMC. Go into the properties of the DHCP server, not the scopes, and then select the "Advanced" tab and finally the "Credentials" button. Fill in the account information as requested.
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18765994
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18766016
KCTS; the Log On property of the DHCP Server service is set to "Local System account"

TEKWAZOO; I have actually already run that process through the DHCP Server properties.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18766038
Restart DHCP services and tell me what errors you get if any in system log.
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18766134
When I Restart DHCP I dont get an error. I get the following event in the system log:

******************************************
Event Type:      Information
Event Source:      DhcpServer
Event Category:      None
Event ID:      1044
Date:            3/21/2007
Time:            1:15:38 PM
User:            N/A
Computer:      CUBEDC02
Description:
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain xxx.xxx, has determined that it is authorized to start. It is servicing clients now.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    
*******************************************
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18766161
And the client stations still do not get an IP?

At the client station run:
Run CMD
ipconfig /release
ipconfig /renew

Anything?

0
 
LVL 2

Author Comment

by:brainbolt
ID: 18766436
When I run ipconfig /renew I get a message that says the DHCP server cannot be reached.

0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18766458
Everything that I see says it should be working. Hmmm

At this point I would start thinking about rebuilding DHCP. It is possible that during the power outage that DHCP took a real hard hit and is now corrupted.

Just to be sure, you have checked for the renew on other client stations. We are not just doing this on one machine? Correct.
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18766940
Correct; I have tested it on more than one machine.

When you say "rebuilding" it sounds like you are talking about more than just reinstalling an OS component. What did you have in mind?
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18767135
Correct and it is a lot faster then rebuilding the whole OS. You are just removing the DHCP and then reinstalling it. Once that is completed, you will just reconfigure it. Do you have many scopes in place?
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18767179
Before you do any of this make sure you know what scopes you have inpace and how they are configured.

Add/Remove Programs
Add/Remove Windows Components
Network Services
Uncheck DHCP
Ok through
Reboot

Add/Remove Programs
Add/Remove Windows Components
Network Services
check DHCP
Ok through
Reboot

Administrator Tools
DHCP
Authorize
Configure scopes
Reboot

Test with client station
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18773794
I followed the steps you recommended, but it didnt change anything. I am still getting no response from the DHCP server when attempting to renew the address on client computers.

After I uninstalled and reinstalled DHCP, I got the following entries in the system event log

***********************************
Event Type:      Error
Event Source:      DhcpServer
Event Category:      None
Event ID:      1046
Date:            3/22/2007
Time:            12:31:08 PM
User:            N/A
Computer:      CUBEDC02
Description:
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain xxx.xxx, has determined that it is not authorized to start.  It has stopped servicing clients.  The following are some possible reasons for this:
      This machine is part of a directory service enterprise and is  not authorized in the same domain.  (See help on the DHCP Service  Management Tool for additional information).

      This machine cannot reach its directory service enterprise and  it has encountered another DHCP service on the network belonging to  a directory service enterprise on which the local machine is not authorized.

      Some unexpected network error occurred.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    
**************************************
But it was then followed with this:

**************************************
Event Type:      Information
Event Source:      DhcpServer
Event Category:      None
Event ID:      1044
Date:            3/22/2007
Time:            12:38:36 PM
User:            N/A
Computer:      CUBEDC02
Description:
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain xxx.xxx, has determined that it is authorized to start. It is servicing clients now.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    
****************************************

I checked the details for the event, and according to microsoft, the first error simply means that the DHCP server is not authorized to start. My server is definately authorized to start, so that is probably why I get the second event (1044) that says everything has started.

I am starting to wonder if this could be a network connectivity issue of some sort. If I recall, DHCP clients utlize a broadcast method for finding servers. Anyone know how I can test a broadcast to make sure that something isnt having a problem?
0
 
LVL 4

Expert Comment

by:Michael Frederick
ID: 18773826
It has to be something else. The DHCP service is running just fine.

There is not any other DHCP running on the network?
0
 
LVL 2

Accepted Solution

by:
brainbolt earned 0 total points
ID: 18777409
Well, I figured out what the problem was: Windows Firewall. The firewall on the server had not been configured to allow the exceptions necessary for a DHCP Server. I configured group policy firewall settings to manage the firewalls in the netowrk a few weeks ago, but for whatever reason, they apparently didnt go into effect on this machine until it was restarted because of the power failure.

I should have thought of that sooner.

Thanks for your help.
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18777420
By the way, to configure the firewall on a DHCP Server to allow it to function properly, you need to allow exceptions for UDP ports 67 and 2535.
0
 
LVL 2

Expert Comment

by:BMarden
ID: 18805569
check to make sure netbios over tcpip is running on server and on clients and that their is no router between, if there is a router then it may need netbios helper
0
 
LVL 2

Author Comment

by:brainbolt
ID: 18810745
The problem was that Windows Firewall didnt have the proper port exceptions for a DHCP Server.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now