Solved

Why isn't my DHCP Scope issuing leases anymore?

Posted on 2008-06-13
12
682 Views
Last Modified: 2012-08-13
This is a wierd one.  We have a Windows 2003 Server that we move the DHCP scope off of back in March 2008.  Everything has been running fine until last week.  All of a sudden the server stopped renewing IP Addresses.

There are a few dhcp errors inside the event log, pointing to the permissions that the scope runs under but I can't remember the exact error message.  I did what MS told me to do and it didn't resolve the issue.

I also saw an error in the event log that pointed to a Jet -1032 error; but that didn't yield any positive results either.
I followed MS's approach to restore the DHCP database which didn't help and I also totally deleted the DHCP scope and recreated it; which didn't help either.

Some of my users can get a DHCP address but the majority cannot; which makes little sense to me.  I have turned the DHCP on the old server scope back on and there isn't a conflict; which there should be since it is the same scope with the same exceptions, and it is issuing DHCP addresses without issue.

What am I missing?  I have checked the permissions and they are h set to the same settings.  As I said earlier, it was working fine for 3 months then all of a sudden it started having issues.

We have the lease set to expire after 8 days.

Any help is appreciated.
0
Comment
Question by:roadnrail
  • 7
  • 5
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21785012
>>"There are a few dhcp errors inside the event log, pointing to the permissions that the scope runs under but I can't remember the exact error message"
That would be useful information to have.

In the DHCP management console if you expand the server name, there should be a green dot on the server name. Is there? If not is it blue, yellow, red, and what icon is it?

-Have credentials been set and is it a current user name and password? [ right lick on scope name | properties | advanced | credentials]
-Have you authorized the scope? [Right click on the server name it should show unauthorize if authorized]
-Is DHCP bound to the correct adapter? [ right lick on scope name | properties | advanced | bindings]
0
 

Author Comment

by:roadnrail
ID: 21785251
RobWill,

Thanks for your reply and here's what I got.
In the management console the is a Green Arrow pointing UP beside the scope and the scope is **ACTIVE** when I click on the scope name.

The error message is below since it is huge.  I didn't think about it, but I clicked on the "more help" in the event log and it actually took me somewhere.

Yes, the credentials are set with an active Username and Password (using the administrator account), but I reset the password just in case.
The Scope has been authorized (see Unauthorize when I right click)
There is only 1 adapter showing up in the bindings area and it is checked.

DHCPServer Error Code: 1014
Details
Product: Windows Operating System
ID: 1014
Source: DhcpServer
Version: 5.2
Symbolic Name: EVENT_SERVER_JET_ERROR
Message: The following problem occurred with the Jet database %1: Jet database read or write operations failed. If the computer or database has just been upgraded, then this message can be safely ignored. If this message appears frequently, either there is not enough disk space to complete the operation or the database or backup database may be corrupt. To correct this problem, either free additional space on your hard disk or restore the database. After you restore the database, ensure that conflict detection is enabled in DHCP server properties. For information about restoring the database, see Help and Support Center. Additional Debug Information: %2.

We have 153 GB's on that partition and 750 GB's on the D partition so I know it's not the Hard drive space running low.  Don't think you can run dskchk on a SCSI array, but never tried it so I don't know for sure and lastly, the DB is only 5 MB's in size.

Thanks for the help and the wierd thing is that it was working for 3 months then just stopped.  That's what I would like to know; WHY?  

The only thing installed on that machine in the last 3 months has been MS updates and and 2 accounting package that uses port 10000 and port 9999 to communicate on and the MS updates.

All have been working fine for the last 3 months until last week when the leases stopped getting renewed.

Thanks again for the help and hope to hear from you soon.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21785457
Sounds more like corruption than a space issue. I have seen that with some anti-virus programs, but have you seen the following list from EventID.net?  They have several good links relating to this problem. Perhaps review those if you haven't already.
http://www.eventid.net/display.asp?eventid=1014&eventno=593&source=DhcpServer&phase=1
0
 

Author Comment

by:roadnrail
ID: 21805092
Lookng into these items now.  I tried restoring the databae from a backup and it didn't work.

Tried excluding the folder yesterday afternoon from my Symantec EndPoint Protecton and am waiting to test it now.
0
 

Author Comment

by:roadnrail
ID: 21805253
Does anyone know what a "Rogue Service" is in the DHCP world?

50+       Codes above 50 are used for Rogue Server Detection information.
Part of the DHCP log from Monday
00,06/16/08,11:40:29,Started,,,,
55,06/16/08,11:40:29,Authorized(servicing),,RoadandRail.com,,
24,06/16/08,12:40:30,Database Cleanup Begin,,,,

However, it did assign/renew IP addresses for 5 machines, but not for 10 others.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 21805562
http://www.serverwatch.com/tutorials/article.php/10825_2193001_2
A rogue DHCP server is another unauthorized DHCP server. Could be malicious or just something like a router with DHCP enabled.
I have also seen employees add home routers, usually wireless) to a network and install them backward by mistake such that they are offering DHCP leases to your network.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:roadnrail
ID: 21805720
Well, I have 2 DHCP servers.  the old one and the new one.  I had to turn on the old one because the new one stopped issuing leases.

They both have the same scope and range so that could be it.  But I need to make sure the uses have a valid ipaddress so they can work.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21805944
Can you change the DHCP scopes on the two servers so they don't overlap?
0
 

Author Comment

by:roadnrail
ID: 21806320
Sure I can; but this was the first thing I tried ad it didn't resolve anything.

Also deleted the original scope (thought about possible corruption) and rebuilt it; but that didn't help either.

I'll change it to:
 New = upper 1/2 of the scope.
 Old = Lower 1/2 of the scope.
0
 

Author Comment

by:roadnrail
ID: 21814574
Well, I feel like a heal.  One of the things I found in my research after chasing my tail on this is that "Is DHCP Relay Turned On?"

It's not by default.  So we tried turning it on.  "Can't turn on DHCP Relay while the Windows Firewall is enabled."  So we disabled it and WOW imagine that, DHCP now works again.  Go figure.

Anyway, we had never had the firewall on in the first place so not really sure how it got turned on, but that was the issue.

Thanks RobWill for all your help.  I greatly appreciate you taking the time out to entertain me for a few days.
0
 

Author Closing Comment

by:roadnrail
ID: 31468452
I found the answer myself, but am awarding you all the points since you helped in my research and pointed me toward possible solutions which a definately appreciate.

Thanks for all your efforts and hardwork to help me out.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21815514
Thanks roadnrail. Glad to hear you were able to resolve.
Are you sure it was the Windows firewall and not the the RRAS NAT/firewall with DHCP enabled.

Cheers !
--Rob
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Ever wondered why you had to use DHCP options (dhcp opt 60, 66 or 67) in order to use PXE? Well, you don't!
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now