Connecting to DHCP Server
I've inherited a Windows network that has a number of locations with Windows 2003 and Windows 2008 servers. One of the DCs is running Windows 2008 R2 server is also serving DNS and DHCP.
The DHCP environment was showing several servers that had been decommissioned years ago. I used the tip in http://blogs.technet.com/b/networking/archive/2009/02/27/old-dhcp-servers-appear-in-the-list-of-authorized-servers-after-a-domain-rename.aspx to remove the obsolete servers.
My issue now is that when I'm connected to this particular Windows 2008 R2 server, I can bring up DHCP, but I can't see the locally defined scope. I can access this server's scope from other systems, and from that perspective, it appears to be operating normally. The other unusual thing I've noticed is that when accessed locally, instead of the server's name showing at the top of the list, the name of one of the software apps on this server is displayed. The icon is a server with a red circle and a horizontal white line, which I find to be defined as "DHCP server connected but current user does not have the administrative credentials to manage the server."
The same username can remotely access that server's DHCP setup without problems.
So the questions are (1) why can't I access DHCP locally and (2) why isn't the server name used?
The DHCP environment was showing several servers that had been decommissioned years ago. I used the tip in http://blogs.technet.com/b/networking/archive/2009/02/27/old-dhcp-servers-appear-in-the-list-of-authorized-servers-after-a-domain-rename.aspx to remove the obsolete servers.
My issue now is that when I'm connected to this particular Windows 2008 R2 server, I can bring up DHCP, but I can't see the locally defined scope. I can access this server's scope from other systems, and from that perspective, it appears to be operating normally. The other unusual thing I've noticed is that when accessed locally, instead of the server's name showing at the top of the list, the name of one of the software apps on this server is displayed. The icon is a server with a red circle and a horizontal white line, which I find to be defined as "DHCP server connected but current user does not have the administrative credentials to manage the server."
The same username can remotely access that server's DHCP setup without problems.
So the questions are (1) why can't I access DHCP locally and (2) why isn't the server name used?
Sounds like you may have at least one old or conflicing DHCP server listed under DHCP's authorized server list. And also, perhaps there are group policies or local policies restricing which accounts can connect to the DHCP server with admin rights. On the true DHCP server, launch the DHCP console, right click on "DHCP," and check the "Manage Authorized Servers..." list and make sure no old or rouge DHCP servers exist. Then check your group and local policies for DHCP admin restrictions.
ASKER
When I started working in this domain, there were two obsolete DHCP servers listed in the authorized server list. I used ADSIedit to remove them. I've not come across any group or local policies that would restrict access to the DHCP server.
The same account that can successfully open the DHCP console on the "bad" server remotely cannot do it locally. I've granted that account membership in the DHCP Administrators group, but that didn't help.
Any other suggestions would be appreciated.
The same account that can successfully open the DHCP console on the "bad" server remotely cannot do it locally. I've granted that account membership in the DHCP Administrators group, but that didn't help.
Any other suggestions would be appreciated.
Running "GPResult" on both DHCP servers while logged in with the admin account in question may shed some light on what is happening. If your admin account is being restricted, the report generated by GPResult should show what group policy or local policy is causing it.
ASKER
The only thing related to DHCP when running GPResult on the two systems is that the id I'm using is a member of the DHCP Administrators group.
The last thing I can think to check is if the MMC console settings have somehow been changed or corrupted. If you create a new MMC file (start, run, type MMC) and then add the DHCP snap in, can you specify the DHCP server and access it with admin rights?
ASKER
Tried it and get the same result.
I went ahead and reinstalled DHCP on the "obsolete" server and uninstalled DHCP on the new server. Did a reboot on the new server, went to the \Windows\system32\dhcp folder and removed the files there. Added the DHCP role back onto the new server.
Same result. I can access the new server's DHCP remotely, but not locally. When I'm local on the new server, I can see DHCP servers in other locations, but I can't see the local scope.
I went ahead and reinstalled DHCP on the "obsolete" server and uninstalled DHCP on the new server. Did a reboot on the new server, went to the \Windows\system32\dhcp folder and removed the files there. Added the DHCP role back onto the new server.
Same result. I can access the new server's DHCP remotely, but not locally. When I'm local on the new server, I can see DHCP servers in other locations, but I can't see the local scope.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No other answer that was submitted worked for this problem.
Thanks ITHastings. Solved my issue too!