DHCP server not leasing addresses

My server 2003 is not leasing addresses for my domain.  The server name listed on the DHCP mmc is similar to: activedirectory.<companyname>.local.  It used to say the server name like: Server[192.168.100.253].  I've tried uninstalling and re-installing but still nothing.  Anyone have any ideas about what it could be?  Thanks.
CharbroiledAsked:

ChiefITCommented:
Did you authorize it as a DHCP server?
0
CharbroiledAuthor Commented:
Yes it is Authorized.  It's almost as if DHCP doesn't realize that it should lease addresses.  If I add the correct server name (e.g. Server[192.168.100.253]) to the mmc, it will revert back to activedirectory.<companyname>.local[192.168.100.253] after a few hours.

What's also weird is that netsh shows the correct name for the DHCP server but on the MMC it's wrong.  Very strange.
0
ChiefITCommented:
Download DHCPloc.exe onto an XP machine and look for a rogue DHCP server.

A rogue DHCP server is one with the same address pool and scope as your server. If your DHCP server sees a rogue, it will shut down. Since you have to authorize Microsoft DHCP servers, most likely the rogue is a mass storage device, or router. They can be supplying DHCP.
0
CharbroiledAuthor Commented:
Thanks Chief for the comment but I tried DHCPloc last week and found nothing.  I'm thinking it's more of an Active Directory misconfiguration or DNS.  Unfortunately I don't know enough about DHCP to know where it gets its information from.  I did check ADSIedit after following instructions from some other web sites and it looked ok but I can't be sure.  Thanks again.
0
ChiefITCommented:
Have you uninstalled and reinstalled the service?
0
CharbroiledAuthor Commented:
Yes several times.  Every time I reinstall it immediately names itself activedirectory.<myCompany>.local.  It's even named that in ADSIedit.  Just for fun I tried pinging activedirecory.<company>.local (from the same computer) and it replied with my server's IP.  I looked in DNS and could not find any record for that.  It's almost like DHCP doesn't know it's part of a domain.
0
ChiefITCommented:
The DHCP service doesn't know it is a part of the domain. DHCP is its own entity. Its sole purpose in life is to provide an IP to clients and servers that request one. It doesn't discriminate between domain computers and workgroup computers unless you specifically tell it to. To tell it to, you have to use 802.1 or some other access based enumeration protocol:

Info on 802.1:
http://en.wikipedia.org/wiki/802.1x

The fact that your DHCP server isn't supplying IPs is still a mystery. Usually it is the result of a Rogue DHCP server. Rogues are usually mass storage devices or routers that are supplying DHCP. So, you may want to double check the LAN for those nodes.

Your issue can also be caused by non authorization, which we already covered.  

Now, if you can ping it, you should be getting a DHCP address from it. So, we have to retarget our troubleshooting.

Now, I have a couple more ideas that may shed light on the subject, but have to ask a few questions first.

1) Have you configured ANY reservations within the DHCP scope?
2) Have you configured ANY exceptions within the DHCP scope?
3) Do you have a multihomed server, (meaning a server with two or more IPs, such as two nics)?
4) Do you have a VPN connection on this server?
5) Are you seeing your Scopes and/or address pool zero out?
0
CharbroiledAuthor Commented:
Hi Chief,

Thanks for the reply.  To answer your questions:

1. No
2. No
3. No
4. No
5. Not sure what you mean.  The scope appears to be displayed normally.

To add more weirdness Exchange is installed on this server and recently a few addresses have been changed from me@domain.com to me@activedirectory.<companyname>.local.

Netmon shows dhcp discover packets reaching the server but no offers coming back.  If I check stats on the DHCP MMC it says offers were offered but I don't see any on the wire.  Thanks again for replying.
0
ChiefITCommented:
Sorry about not responding sooner: I just went through Hell week with our enterprise mail server and XP service pack three knocking down about 30% of my computers.

If the discovery packets are received and the offer is not sent, then you should see errors in the DHCP logs. NOT the Event logs, the DHCP log.

http://support.microsoft.com/kb/298367

If DHCP sees the discovery, it should provide the offer to the client. If it doesn't see the offer, I am going to have to ask what firewall software you have on this server. I know of two software firewalls that can knock down DHCP. One is Windows firewall and the other is ISA firewall.

I will get back to the DHCP scopes zeroing out. I am just trying to cover the most common causes of your problem with the DHCP server first.
0
CharbroiledAuthor Commented:
Hi ChiefIT,

Hope you had a great holiday last week.  I think we got hit with a touch of the SP3 issue as well and I was handling that earlier this week.  But for now back to the DHCP issue.

I checked the DHCP logs and they are clean.  By that I mean there are no errors.  Here is a sample when I unauthorized and then reauthorized my dhcp:

24,12/04/08,09:36:47,Database Cleanup Begin,,,,
25,12/04/08,09:36:47,0 leases expired and 0 leases deleted,,,,
25,12/04/08,09:36:47,0 leases expired and 0 leases deleted,,,,
01,12/04/08,10:34:25,Stopped,,,,
00,12/04/08,10:43:00,Started,,,,
56,12/04/08,10:43:01,Authorization failure, stopped servicing,,comp.org,,
55,12/04/08,10:43:31,Authorized(servicing),,comp.org,,

Before that it's just clean-up messages for the entire week.  So I'm using Netmon and I see the Discover packets coming through but no offers (using DHCP filter).  According to the DHCP it is offering so they are not making it on the wire.

I don't have any firewall (that I know of) on this machine at the moment.  ISA is not installed and windows firewall is not enabled.  I also checked packet filtering on the nic and it's off.

Could you please explain scope zeroing out?  I'm not familiar with that and I'd like to make sure it's not causing this.

I've attached two pics of my DHCP MMC so you can take a look for yourself.  Notice the name of the server (activedirectory vs. MachineName).   I'm not sure but I don't think that's normal.  Thanks again Chief for taking a look at this.

DHCPpic.jpg
DHCPStats.jpg
0
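Added example, not part of the original thread: a Python triage of the audit-log sample in the post above. Event IDs 10/11 (lease assigned/renewed) and 13 to 15 (address in use, pool exhausted, lease denied) are the standard DHCP audit-log codes; the verdict labels and the column layout (seven columns plus a trailing comma) are assumptions taken from the sample.

```python
from collections import Counter

# Audit-log lines copied from the post above.
SAMPLE_LOG = """\
24,12/04/08,09:36:47,Database Cleanup Begin,,,,
25,12/04/08,09:36:47,0 leases expired and 0 leases deleted,,,,
25,12/04/08,09:36:47,0 leases expired and 0 leases deleted,,,,
01,12/04/08,10:34:25,Stopped,,,,
00,12/04/08,10:43:00,Started,,,,
56,12/04/08,10:43:01,Authorization failure, stopped servicing,,comp.org,,
55,12/04/08,10:43:31,Authorized(servicing),,comp.org,,
"""

LEASE_IDS = {"10", "11"}          # 10 = new lease assigned, 11 = lease renewed
PROBLEM_IDS = {"13", "14", "15"}  # address in use, pool exhausted, lease denied

def parse_line(line):
    """Split one audit-log row; the description may itself contain commas."""
    parts = line.rstrip("\r\n").split(",")
    if len(parts) < 8 or not parts[0].strip().isdigit():
        return None  # header text or blank line
    # Assumed layout: ID,Date,Time,Description,IP,Host,MAC plus a trailing comma.
    ip, host, mac = parts[-4:-1]
    return {"id": parts[0].strip(), "date": parts[1], "time": parts[2],
            "description": ",".join(parts[3:-4]),
            "ip": ip, "host": host, "mac": mac}

def triage(log_text):
    """Summarize the log and say where to look next (labels are illustrative)."""
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    counts = Counter(e["id"] for e in events)
    auth = [e["id"] for e in events if e["id"] in ("55", "56")]
    authorized = (auth[-1] == "55") if auth else None  # None: no auth events logged
    leases = sum(counts[i] for i in LEASE_IDS)
    problems = sum(counts[i] for i in PROBLEM_IDS)
    if authorized is False:
        verdict = "not_authorized"
    elif problems:
        verdict = "server_side_problem"
    elif leases == 0:
        # Service is up and reports no errors, yet no lease was ever recorded:
        # inspect what sits between the service and the wire
        # (host firewall, IPsec filters, NIC packet filtering).
        verdict = "check_network_path"
    else:
        verdict = "leasing"
    return {"authorized": authorized, "leases": leases,
            "problems": problems, "verdict": verdict}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the sample the result is `check_network_path`: the server ends up authorized and logs no errors, but no lease event is ever recorded.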
CharbroiledAuthor Commented:
Something I forgot to add.  Although I don't have ISA I do have RRAS installed.  I tried disabling it though to troubleshoot.  
0
CharbroiledAuthor Commented:
I think my dhcp database could be corrupted.  While backing up my server one of the files that could not be copied was system32/dhcp/tmp.edb.  I'm not sure how to fix it since I tried uninstalling/reinstalling DHCP but that didn't work.  Anyone have any other ideas?
0
CharbroiledAuthor Commented:
Bump...

I know it's been a while but this has still not been resolved.  I got excited when I read: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_23457114.html
I tried what was suggested but that didn't work.  I have that same nic card but.. no go.  Anyone have any other ideas?
0
CharbroiledAuthor Commented:
OK, I finally figured this out.  It turns out that IPSec was the culprit.  Although all communications were working fine, it was blocking DHCP Offers from communicating with workstations.  Apparently even though I had set IPSec to "Request" encryption, it was still blocking broadcast traffic.  The solution was to add an exception to my server's IPSec policy that allows UDP port 67 from <server> to <any>.  After that everything worked perfectly.
0
ee_autoCommented:
Question PAQ'd, 300 points refunded, and stored in the solution database.
0

Question has a verified solution.