Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DHCP server problems

Posted on 2012-08-15
18
Medium Priority
?
938 Views
Last Modified: 2012-09-04
I am running DHCP on a 2k3 server. It's been fine until recently. In the last month, I've had issues where clients get an IP address, but can't ping or connect to the DC (also my DHCP).
They are able to ping any other server on the network.
After much research, I've discovered that my DHCP server has an issue, as this now is happening to multiple PCs everyday.  

I have attached a picture of a snapshot of my DHCP.  I have IP's that list "bad_address", and others that are blank.  I'm not sure if any of these are causing the problem, but it doesn't look good.  I'm assuming instead of trying to figure out what is corrupt, it might be easier to just move the DHCP server to another server, right?

So does anyone know of any good websites that have step by step instructions on how to do this?
0
Comment
Question by:afacts
18 Comments
 

Author Comment

by:afacts
ID: 38298549
Here's the attachement.
DHCP.jpg
0
 

Author Comment

by:afacts
ID: 38298560
I just had a user call me and tell me that her PC said there's a duplicate IP on the network, but when I checked, her IP is only listed once in DHCP.
0
 

Author Comment

by:afacts
ID: 38298577
After doing some googling, I was thinking to just migrate the entire database over to the the 2008 server, but if the database is corrupt, then I think I would be moving the issue over to the new server.  It would be nice though to just move everything over, instead of creating all scopes from scratch.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 22

Assisted Solution

by:CompProbSolv
CompProbSolv earned 501 total points
ID: 38298593
Is the DHCP configuration too complicated to reconfigure on the other server manually?
0
 

Author Comment

by:afacts
ID: 38298607
Well, kind of.  I have 4 scopes, but that's not the problem, I have a Siemens phone system, an when the vender installed it, they entered a special code of characteres into the DHCP server to make it work. I  have no idea what that code is.  But I was thinking, since it's exporting the database in a .txt document, I wonder if that moves the corruption to the new server or not?
0
 
LVL 19

Assisted Solution

by:Andrew Davis
Andrew Davis earned 498 total points
ID: 38298927
have you checked for existence of a secondary DHCP?

Can you post a ipconfig /all from a good machine and also a bad machine?

Have you tried doing an ipconfig /registerdns to a bad machine?

Cheers.
Andrew
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 38299488
Looks like something is issuing DHCP leases too (another DHCP server?)
Try to investigate if there is any
http://blogs.technet.com/b/teamdhcp/archive/2009/07/03/rogue-dhcp-server-detection.aspx

additionally, please enable on your DHCP server, IP conflict detection attempt and used IPs won't be issued. DHCP database would be rebuilt
http://www.windowsitpro.com/article/dhcp2/how-can-i-enable-conflict-detection-on-my-dhcp-server-

and see if it is working properly then

Regards,
Krzysztof
0
 

Author Comment

by:afacts
ID: 38301071
I am on windows 2003, so it doesn't have the optoin for IP conflict detection.

What gives you the impression that something else is issuing DHCP leases?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 38302193
Yes you have :) Open DHCP Management console and select server name. Click on it right mouse button and choose "Properties". Udener "Advanced" tab set up 2-3 in section "Conflict detection attempt"

Should work fine. If you wish, you may also rebuild DHCP database by replacing current with empty one. If you're interested, please let me know

Krzysztof
0
 

Author Comment

by:afacts
ID: 38302217
Yes, I guess I don't mind rebuilding it, but the only problem is with my Siemens VoIP phone system, there's special characters they entered when they installed it and I don't know what they are.  Do you have instructions on how to build it step by step, I think I alreayd have an article on this.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 38302258
Please follow a post from EE in which I helped with
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_27818325.html

This is about broken DHCP database but it also applies in your case.

Krzysztof
0
 

Author Comment

by:afacts
ID: 38302262
I ran the subnet and rogue program and it didn't detect any rogue dhcp servers.

my main DHCP server is 192.168.100.50

Then my 192.168.100.81 should be my backup server.

Then it still shows 192.168.100.88 and 192.168.100.89 as "AD authorized MS DHCP servers", and I'm not sure why, as those are decommissioned and not in production anymore, they are disposed of.  How do I deauthorize them from my domain, as I don't physically have those servers anymore.  Can they be causing this problem?
dhcprogue.jpg
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 38302302
Probably not if they have no valid scopes. However, you can clean this up using Active Directory Sites and Services console. But this is sensitive action and you can break something by wrong action. I have no access to test environment to provide you complete guide at this moment, sorry

If you could wait until morning (it's late here, I will check that and prepare guide for you)

Krzysztof
0
 

Author Comment

by:afacts
ID: 38303095
sure, I won't do anything now anyways, so I will wait until Monday morning.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 501 total points
ID: 38303611
OK, so to remove DHCP servers which are no longer authorized but still appears on the list, you need to follow below steps:

1) Open Active Directory Sites and Services console
2) Select root node in the console "Active Directory Sites and Services"
3) In "View" menu select "Show Services Node"
4) Now, you should see new node in the console. Expand "Services" node
5) Select "NetServices" node and go to the right pane
6) Search for DHCP server names and/or their IP addresses (if they are present)
7) You can select them with control key but I would suggest to remove them one by one (just in case :) )
8) Click right mouse button on an entry to remove and choose "Delete"
9) Click "Yes" to confirm

after these steps. "ghost" DHCP should disappear. And you can set up simply conflict detection and rebuild DHCP database

Krzysztof
0
 

Author Comment

by:afacts
ID: 38312291
Thanks, I deleted them, but there's an entry for DhcpRoot.  There's no IP address for it, so not sure what that's for, I'm assuming I don't want to delete that, right?

Also, I'm getting ready to add a new DC, DHCP server, etc... what are the proper steps to add a new DC server, with DHCP, DNS, etc.., Then I will want to decommission my current DC, dhcp, dns, but I will still need to use the server in production, just not for DHCP and DNS.  What do you recomend?

Back to my original post, any idea's what's causing that problem, could it be that my DHCP server is corrupt? If it is, is it not wise to export and import the configuration to my new server?
0
 

Author Comment

by:afacts
ID: 38312604
Now I have a bigger problem, as of 10 minutes ago, I have devices that are not getting an ip address from my server.  They get a random 169.254.228.x Ip address.  I have plenty IP addres in my DHCP server, as I saw that theres about 50% free.

Not sure what to do?  How do I fix this?
0
 

Author Comment

by:afacts
ID: 38312717
Nevermind my last post, the server was not handing out IPs because it was not authorized.
I have no idea how it got dauthorized.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question