Riker1964
asked on
DHCP Entries in ADSI Edit
I have two DHCP servers (W2K8 R2 Domain) on my network, both have a /23 subnet, server01 hands out IPs in the 192.168.0.x range and server02 hands out IPs in the 192.168.1.x range. Server01 is on a TMG 2010 server. Server01 is NOT handing out addresses, even though the server appears to be authorized and the scope is activated.
So I looked into ADSI Edit to see the entries listed there and this is what I found:
NAME
CN=server01.mydomain.netCN F:ba47eb2c -3c6e-479b -a2d3-837a 2a78d437
DISTINGUISHED NAME
CN=server01.mydomain.net\O ACNF:ba47e b2c-3c6e-4 79b-a2d3-8 37a2a78d43 7,CN= NetServices,CN=Services,CN =Configura tion,DC=MY DOMAIN,DC= NET
NAME
CN=server02.mydomain.net
DISTINGUISHED NAME
CN=server02.mydomain.net,C N=NetServi ces,CN=Ser vices,CN=C onfigurati on,DC=MYDO MAIN,DC=NE T
The server01 appears to be a conflict item which would cause it not to work properly. So I need to know, do I deactivate the scope then unauthorized the server for server01 using the DHCP MMC or can I just manually delete the CNF entry in ADSI Edit?
Will deleting the entry manually in ADSI Edit cause any issues with Exchange, AD, etc?
Will I still have to deactivate the scope then unauthorized the server for server01 using the DHCP MMC afterwards as well?
Thx for any help.
So I looked into ADSI Edit to see the entries listed there and this is what I found:
NAME
CN=server01.mydomain.netCN
DISTINGUISHED NAME
CN=server01.mydomain.net\O
NAME
CN=server02.mydomain.net
DISTINGUISHED NAME
CN=server02.mydomain.net,C
The server01 appears to be a conflict item which would cause it not to work properly. So I need to know, do I deactivate the scope then unauthorized the server for server01 using the DHCP MMC or can I just manually delete the CNF entry in ADSI Edit?
Will deleting the entry manually in ADSI Edit cause any issues with Exchange, AD, etc?
Will I still have to deactivate the scope then unauthorized the server for server01 using the DHCP MMC afterwards as well?
Thx for any help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would do the changes from the DHCP console and not goto adsiedit if I can help it.
Hi,
Is there something on the DHCP console that make you suppose your issue is about AD authorization of the DHCP server ??
As you told this DHCP server is also a TMG server, what did you do on TMG to allow DHCP request to reach the DHCP service ?????
Have a nice day
Is there something on the DHCP console that make you suppose your issue is about AD authorization of the DHCP server ??
As you told this DHCP server is also a TMG server, what did you do on TMG to allow DHCP request to reach the DHCP service ?????
Have a nice day
ASKER
For Server01, which is listed in ADSI Edit as the conflicted server, when I try to UNAUTHORIZE using the DHCP MMC, it tells me "There is no such object on the server".
So it seems like I will have to manually remove the entry for Server01 in ADSI Edit, then remove the DHCP Role from Server01, then add the DHCP Role back in and try to re-authorize it.
I just wanted to make sure that I can manually remove the conflicted entry in ADSI Edit without causing any issues in Active Directory. I don't want to have to go through an AD Restore.
So it seems like I will have to manually remove the entry for Server01 in ADSI Edit, then remove the DHCP Role from Server01, then add the DHCP Role back in and try to re-authorize it.
I just wanted to make sure that I can manually remove the conflicted entry in ADSI Edit without causing any issues in Active Directory. I don't want to have to go through an AD Restore.
ASKER
Also, under ADSI Edit, Services, NetServices, I see CN=DhcpRoot. When I go into that object's properties, and go down to dhcpservers, I see this:
¡192.168.1.1$rcn=server01. mydomain.n et$f0x0000 0000$sserv er01.mydom ain.net$
This is the conflicted dhcp server, I do not see the server02 192.168.1.3 listed there, but it is listed as the 3rd entry in NetServices. Server02 is my current DHCP server that is working fine.
Do I need to remove the ¡192.168.1.1$rcn=server01. mydomain.n et$f0x0000 0000$sserv er01.mydom ain.net$ entry as well?
¡192.168.1.1$rcn=server01.
This is the conflicted dhcp server, I do not see the server02 192.168.1.3 listed there, but it is listed as the 3rd entry in NetServices. Server02 is my current DHCP server that is working fine.
Do I need to remove the ¡192.168.1.1$rcn=server01.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.