• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1270
  • Last Modified:

DHCP Authorize/Unauthorize in AD using Netsh

Having a strange issue.  I'm trying to add a new dhcp server at a site, but cannot properly authorize/unauthorize DHCP.  I believe this is due to leftover baggage in AD from a previous DC with the same name/IP.  When I run a netsh dhcp show server, it shows me two authorized DHCP servers at that site, but both contain incorrect information, yet one is currently authorized and performing DHCP without issue.  Does AD key off the DNS name, IP address or both when authorizing a dhcp server?  For example,  here's what I see in AD > 

Server [ChicagoDC.sub.domain.com] Address [10.28.32.47] Ds location: cn=ChicagoDC.sub.domain.com

Server [ChicagoDC1.sub.domain.com] Address [10.28.32.48] Ds location: cn=ChicagoDC.sub.domain.com

The server that's currently up and running and serving DHCP properly is  ChicagoDC.sub.domain.com, but it's IP address is really 10.28.32.48 so both AD entries are technically incorrect.  I could delete them both, but I'd like to avoid breaking the current DHCP server if possible.

Ultimately, I'm trying to move DHCP from ChicagoDC [10.28.32.48] to Chicago DC1 [10.28.32.49].  I know how to move it, but cannot get it to work on ChicagoDC1 due to the mixup in AD.

Any thoughts on how to clean up the incorrect DHCP info in AD?

Thanks!
0
dkraut
Asked:
dkraut
3 Solutions
 
mittermuellerCommented:
You may user ntdsutil with metadata cleanup (after a backup of AD).
0
 
Mike KlineCommented:
Are you using an account that is in the enterprise admin group when trying to authorize the DHCP server?

Thanks

Mike
0
 
dkrautAuthor Commented:
Yes Mike,  I'm pretty sure the issue is being caused by the twisted up DHCP settings in AD.  
0
 
AwinishCommented:
You can remove the entry from ADSIEDIT.MSC & remove wrong or which is not authorizing.

http://blogs.technet.com/b/networking/archive/2009/02/27/old-dhcp-servers-appear-in-the-list-of-authorized-servers-after-a-domain-rename.aspx

Delete the scope & recreate it & it should work.

The enterprise admin account is required when you have multiple domain to authorize dhcp else domain admin membership account is sufficient.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now