Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, January 8, 2016 4:01 PM
Hello,
We have two Windows Server 2012 R2 servers with DHCP Server role installed: DHCP1 and DHCP2. Both servers are Hyper-V virtual machines. Servers have over 400 scopes and all scopes (except one) are configured to Load Balance Failover mode. Both servers have two Network Interface Cards installed: named as Production and Backup. Detailed network information below. DHCP server service on both servers have been binded to Production NIC.
DHCP helper addresses on all our routers point to IP addresses configured to Production NICs.
Both DHCP servers were authorized to AD via Server Manager during role installation. No errors were detected during this phase. It was unexpected that Server Manager wizard authorized both servers to AD using IP addresses of backup NICs.
DHCP1
Ethernet adapter Production
IPv4 address 192.168.1.2
Subnet Mask 255.255.255.0
Default Gateway 192.168.1.1
Ethernet adapter Backup
IPv4 address 10.0.0.1
Subnet Mask 255.255.255.0
Default Gateway <none>
DHCP2
Ethernet adapter Production
IPv4 address 192.168.1.3
Subnet Mask 255.255.255.0
Default Gateway 192.168.1.1
Ethernet adapter Backup
IPv4 address 10.0.0.2
Subnet Mask 255.255.255.0
Default Gateway <none>
PROBLEM
Today I discovered that both DHCP servers are authorized to Active Directory using IP addresses configured to Backup NICs (10.0.0.1 and 10.0.0.2). Instead, IP address configured to Production NIC should be used. I verified wrong IP is being used for AD authorization from DHCP MMC and with “netsh dhcp show server” command.
What is the best approach to change both DHCP servers to authorize to AD with IP address of Production NICs instead of Backup NIC?
Thank you already.
All replies (4)
Friday, January 8, 2016 5:57 PM ✅Answered
Hi
First check for authorized server list with "Netsh dhcp show server"
Then run "netsh dhcp delete server dhcpsrv1.example.microsoft.com 10.0.0.1" (also run for 10.0.0.2)for unauthorized .
Fİnaly run "netsh dhcp add server dhcpsrv1.example.microsoft.com 192.168.1.2" (also run for 192.168.1.3) for authorized.
This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur
Saturday, January 9, 2016 12:41 PM
Hi
First check for authorized server list with "Netsh dhcp show server"
Then run "netsh dhcp delete server dhcpsrv1.example.microsoft.com 10.0.0.1" (also run for 10.0.0.2)for unauthorized .
Fİnaly run "netsh dhcp add server dhcpsrv1.example.microsoft.com 192.168.1.2" (also run for 192.168.1.3) for authorized.
This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur
Thank you Burak.
Do you know if your solution has any adverse effect to the operation of Load Balance failover mode?
Saturday, January 9, 2016 8:04 PM
AFAIK,there isn't any negative impact...but you should take a backup before process.
This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur
Monday, January 11, 2016 7:51 AM
Hi weedee,
Agree with Burak's suggestion.
In additional, please check the below thread which discuss the same problem:
Best regards,
Andy_Pan