Solved

Share single DHCP database

Posted on 2007-04-09
16
547 Views
Last Modified: 2010-04-18
What is the best way to share a single DHCP datebase between to DHCP servers.  One is running, the other will be on standy.  Should i store it on a 3rd location and simply point both to that location?
0
Comment
Question by:Mark Walden
  • 9
  • 7
16 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 18876050
The database is designed not to be shared.  You could point it to a third server, but if the 3rd server goes down, your DHCP is down.  So you've only gained complexity and not really any more reliablility.  The best way to do this is to leave the local databases and use the 80/20 rules and have one DHCP server server up 80% of the subnet in each scope and the other servering the other 20% of the addresses.  

See this:
http://technet2.microsoft.com/WindowsServer/en/library/75cd0e1f-f464-40ea-ac88-2060e6769f331033.mspx?mfr=true

If you have clustering you could do this with shared disk.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18876058
Here's the 80/20 rule info, it refers to 2000, but still valid for 2003:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cncb_dhc_ogjw.mspx?mfr=true
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18876775
Our network is too large to use a 80/20 setup.  Plus, my bosses dont want to split it up.  I have about 433 Scopes, 9000 or so clients.  Some scopes are near capacity.  I will have the database backed up somewhere else.  But with the network so reliant on DHCP, i can afford zero downtime.  Cluster will be in place, but i need to know how to share the database (Special accounts if needed, how to point to database, permissions to what).  I agree with you on the complexity, but this is what i need.  Thanks for the help.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18877002
You mentioned cluster will be in place?  Are you planning on putting this on a Windows Cluster?  Because if this is what you are trying to do, this is easy.  We do this with our DHCP and it's about the same size as yours.

Do you need a hand configuring that?
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18877061
Yes, windows clustering will be in place.  I just want to get the database issue resolved first.  I know there are some permissions and reg keys that need changed, but im not sure as to which ones.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18877177
Well if you are using Windows Clustering, you put the the DHCP on the shared disk that belongs to the DHCP Resource Group.  Then in the DHCP service parameters in the cluster administrator, you point the database path to your shared disk in the DHCP resource group.

If you are migrating to a cluster from a standalone, during cut over time, turn off the old dhcp service, copy the database to the cluster shared disk.  Then point the DHCP service parameters to the folder that contains the dhcp on the shared disk.  You can also keep the same IP address as your old server (this way you don't have to update every single IP helper on your routers).  Turn on the service and it should pick up the database seamlessly



0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18877459
But, can i do this without cluster inplace.  I can not config clustering yet.  Just want to see if i can get the database working with the 2 machines.  You have been a great help so far.  The points are yours.
0
 
LVL 26

Accepted Solution

by:
Pber earned 300 total points
ID: 18877695
I haven't done this, but To do what you want to do, you'll probably need to configure the DHCP service to run under a domain account as opposed to the local system account.

So stop the dhcp service, create a domain service account for dhcp to run under.
You'll need to add that account to the local admins of both servers hosting the dhcp service.  You'll need to create a share on the 3rd server (\\server\dhcpshare) with modify rights on the share and ntfs for the domain service account mentioned above (You might need to set this to Full Control, but try Modify first).  You may also have to add this service account to the local DHCP administrators on each of the DHCP servers (You need to add DHCP admin users to each DHCP Administrators group on each server - this has to also be done this way with a server cluster).  
In the DHCP manager on each dhcp, right click the server and click parameters and select the advanced TAB.  Point the Audit/Database/Backup paths to the UNC path of the 3rd server (\\server\dhcpshare).

One problem that will probably come up is IP addresses of the DHCP server.  You'll need to change the ip address of the dhcp server each time you fail over to match the ip helper address you have defined, or add multiple ip helper addresses on your routers to match your 2 servers (same as the 80/20 rule config).

You should be able to fire up the service one at a time on either server.  






0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 4

Author Comment

by:Mark Walden
ID: 18877764
Sounds about right.  Thanks for the help.  Im sure i will post more on this issue in the future.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18877795
Not a problem
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881476
still not working.  If i start the DHCP service with a network account, i can not access the DHCP console.  It says im not auth (but i am).  If i start the service with my network account, i still cant get in to dhcp.  Ideas?
0
 
LVL 26

Expert Comment

by:Pber
ID: 18881664
Are you in the local Admin of both servers as well as in the local DHCP Administrators Group?
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881771
Yes, im in both.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18881794
What are the permissions on the share\NTFS?  Try bumping that up to Full Control.

What happens if you move the database back to the local server?  
I know we're going backwards, but it will narrow things down a bit.  This setup might not work as the DHCP might be internally coded to only use the SYSTEM account.  With a cluster the shared disk is considered local and the SYSTEM can access it fine
0
 
LVL 4

Author Comment

by:Mark Walden
ID: 18881978
Yea, i think ill have to find a SAN.  I believe we have one thats not used.  Ill post a new question (with points) if i need help on the config.  Thanks for all you help.
0
 
LVL 26

Expert Comment

by:Pber
ID: 18882015
Fair enough.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now