Solved

Why should I use Microsoft verus ISC (Linux-based) DHCP in an Active Directory environment?

Posted on 2008-06-12
8
517 Views
Last Modified: 2012-08-14
My organization will utilize reserved DHCP assignments almost exclusively for IP connectivity, and as such DHCP must be robust and highly available. For that reason, I am very interested in ISC's DHCP failover feature. However, of prime importance is that our DHCP implementation constitutes no significant loss of features or incompatibility with Active Directory.

1. Will ISC's DHCP implementation work well with Active Directory?
2. Can an ISC DHCP server seamlessly substitute an authorized Windows DHCP server in Active Directory? Can it be established as the exclusive authorized server for Microsoft clients at all?
3. Have you any experience using this failover feature with Windows DHCP clients? If so, does it work well?
4. Lastly, are there any really hard-hitting reasons why, from either an administrative or functional perspective, I might prefer Windows to ISC DHCP with Active Directory?

Thanks in advance, and please be civil. :)
0
Comment
Question by:carnesc
  • 4
  • 4
8 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 21772748

1. Yes, although if DHCP is updating DNS things get rather tricky. You're likely to have to go with non-secure dynamic updates.

However, if all your clients are 2000 and above they can update DNS directly so that doesn't normally constitute a big loss and you're back on secure updates only.

2. As far as I know, no.

3. As far as I'm aware Windows DHCP doesn't have a fail-over feature. You can, however, configure a Split Scope so both servers can hand out valid addresses for a subnet (without overlapping assignable scopes).

That means that reservations and scope options have to be configured on each server as well. Administratively a bit too heavy and way behind the preferred fail-over mechanism.

4. Not really. Windows DHCP is rather basic. It does have a few specific options, such as the ability to disable NetBIOS over TCP/IP, but nothing fundamental.

The DHCP team were asking for feedback on how Windows DHCP could be improved not so long ago. If some of the suggestions (including scripting support and fail-over) go ahead it will be more manageable and perhaps then there's an argument to maintain Windows DHCP over ISC's.

HTH

Chris
0
 

Author Comment

by:carnesc
ID: 21774812
Wow. Coming from a Windows administrator, that's quite a plug for ISC! I suspected as much.

Regarding question three, I meant to ask in terms of user experience using ISC's DHCPd and failover feature with Windows clients, not Windows DHCP.

Incidentally, I looked into the split scope option, and administratively speaking, I agree it's pretty lame by comparison with ISC's failover. If I went with Windows, I would use it in a virtual machine and simply rely on speedy restores from virtual disk backups.

But back to my point: Have you used ISC with Windows clients in an AD environment? Just curious how well it worked and what glitches you may have noticed with ISC's failover (if used).

Much appreciated.
0
 

Author Closing Comment

by:carnesc
ID: 31466674
Just wondering if you've noticed any issues using ISC failover.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21813486

My apologies, forgot to write up a response.

I've not had any problem, the transition between servers has been invisible to the user end, with only a tiny outage while the servers change.

Chris
0
 

Author Comment

by:carnesc
ID: 21818848
Thanks Chris. If you don't mind my asking, what OS are you running it on, and with what tool do you manage it?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21820370

Solaris, and it's managed on the command line :)

Chris
0
 

Author Comment

by:carnesc
ID: 21822383
Oh, the Humanity! :)

Thanks Chris. I appreciate your input.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21822925

No problem, good luck :)

Chris
0

Join & Write a Comment

Suggested Solutions

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now