70-291 – Managing DHCP Pt. 3

Authorization of DHCP servers was introduced in Windows 2000. Due to the importance of this feature, it is included in Windows Server 2003. You can definitely expect to see at least one or two questions regarding authorization of a DHCP on exam 70-291. You need to know how to perform the authorization and what happens when an unauthorized server is on the network.

Before a DHCP server can lease IP addresses to clients on a network, it must be authorized to do so. This prevents a DHCP server with incorrect scope information from being introduced on the network. For example, a DHCP server with incorrect scope information would lease incorrect scope information to DHCP clients, thereby wreaking possible havoc on the network.

DHCP servers are authorized through the DHCP management console. In order to complete the steps listed below, you must be a member of the Enterprise Admins group.

A DHCP server can be authorized in Active Directory by completing the procedure outlined below:

  1. Click Start, point to Administrative Tools, and select DHCP.
  2. Within the DHCP management console, right-click the DHCP server and click Authorize. Any server not yet authorized appears with a red arrow beside it.
  3. After the server has been successfully authorized within Active Directory, it appears with a green arrow beside it.

If you need to unauthorize a DHCP, you can so do by once again completing the procedure above. Right-click the DHCP server within the DHCP console and select the Unauthorize option. Click Yes to confirm your actions. The DHCP server then is removed from Active Directory.

As mentioned in a previous article, the DHCP service can be installed on a domain controller (D.C.), member server, or stand alone server. If DHCP is installed on a D.C.or member server, the service will not start if the server is not authorized. However, this is not the case if you install the service on a stand alone server. So if you want to take advantage of this feature, make sure that DHCP is only installed on D.C.s and member servers.