• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 365
  • Last Modified:

DHCP AD Objects in Server 2003

Through many server migrations over the years it appears that I have inconsitencies in active directory I'd like to clear up for DHCP objects.

I am in ADSIEDIT looking at Configuration/Services/NetServices and i see about 90 percent of the servers listed there htat should be there. If I look in CN=DhcpRoot I see the remaining 10% listed in dhcpServers plus couple of the ones directly under NetServices.

Where should the really reside? As a value in the dhcpServers attribute of CN=DhcpRoot or as an object directly in CN=NetServices?
1 Solution
Henrik JohanssonSystems engineerCommented:
When comparing two AD-forests, the DhcpRoot has value specified in the system that has been upgraded from Windows 2000, but it exist without value in system that was installed as Windows Server 2003 from the beginning.

As specified in the PDF below with the protocol specification, the authorization machanism uses both DhcpRoot and the individual server objects, and that both must be created if they don't exist. It states that the dhcpServers attribute must be updated for the individual server object.
As you want to cleanup and get rid of the inconsistencies, remove the values listed as attribute of DhcpRoot and re-authorize the servers that shall exist.

The validation filter used when checking if server is authorized is specified as it must match any dhcpClass object with DHCP server's IP address or server name in the dhcpServers attribute makes both the DhcpRoot and the individual server object work as long as any of them contain the expected value in the dhcpServers attribute.


Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Tackle projects and never again get stuck behind a technical roadblock.
Join Now