Authorize DHCP Server

1. Authorize DHCP – If DHCP is on a DC then you don't have to authorize it to register with Active
Directory. Authorization is required only if DHCP is installed on a member server. The prerequisite is a
domain admin credential.
2. Go to the DHCP Management console, right-click the server level and authorize. Or right-click DHCP,
select the authorized servers or add the server to authorize, select it and click OK
3. If the DHCP server is unauthorized we can still create a scope and configure it
4. Once the DHCP server is authorized it can start handing out IPs to the clients

Create and Configure Scope

1. A scope consists of an IP range, a subnet mask, options and exclusions. After the scope is created and
configured we activate it and clients can start receiving IPs from DHCP
2. Clients need to be switched from static IP assignment to automatic IP assignment
3. Clients will then retrieve their IP information from DHCP
4. Creation of a new DHCP scope configuration:
a. Provide the new scope name, set up an IP range, and check the length and subnet mask
b. Specify exclusions to ensure static IPs are not handed out to clients
c. Provide the subnet delay in milliseconds. This is useful if you have multiple DHCP servers on the
network with a split scope between them acting as primary and secondary. After it receives a
DHCP DISCOVER packet, the server waits this amount of time before sending its DHCP offer,
which lets you prioritize which DHCP server responds first
d. Specify the lease duration, changing the default of 8 days to an optimal number. If the machines are
not leaving the network you can increase the lease duration, and if the machines are constantly
leaving the network, like mobile clients, you can decrease it
e. Options for the scope can be configured later
5. Right-click the newly created scope and activate it, because scopes are not activated by default.
We need to activate the scope so that it starts serving clients: it listens for DISCOVER messages
broadcast on the network and responds with OFFER messages to clients that are auto-configured
for DHCP on the network.
6. Enable dynamic updates and discard A and PTR records when the lease is deleted
7. BOOTP is the predecessor of DHCP
8. The address pool shows the DHCP IP range for the scope and also the IP address range excluded
from distribution. So the address pool comprises both the "address range for distribution" and the
"IP addresses excluded from distribution"
9. Address leases shows all current leases from the current scope. It shows whom each lease is
assigned to and when it will expire
10. Scope options provide DNS, default gateway etc. Scope-level options override options at the
server level
11. Policies restrict a scope to a specific set of devices. Policies allow us to set up
conditions. For instance, lease out IPs only to a set of printers or to machines with a specific
operating system
12. Client machines should be enabled for automatic IP assignment. The IPCONFIG /ALL command on a
client machine will list the DHCP server leasing the IP to the client
13. Right-click the scope in the GUI and choose the option – Display Statistics
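
The authorization and scope steps above, done with the DhcpServer PowerShell module instead of the console. This is an added example, not part of the original notes; the server name, addresses, scope name and lease duration are constructed placeholders.

```powershell
# All names and addresses are constructed placeholders for illustration.
$server  = 'dhcp01.corp.example'   # assumed member server running the DHCP role
$scopeId = '10.0.10.0'

# Authorization (needs domain admin rights): list what AD already trusts, so an
# unexpected entry stands out, then authorize this server if it is missing.
$authorized = Get-DhcpServerInDC
$authorized | Format-Table DnsName, IPAddress
if ($authorized.DnsName -notcontains $server) {
    Add-DhcpServerInDC -DnsName $server -IPAddress 10.0.10.5
}

# Create the scope inactive so nothing is leased until it is fully configured.
# -Delay is the subnet delay in milliseconds, -LeaseDuration replaces the 8-day default.
Add-DhcpServerv4Scope -ComputerName $server -Name 'Clients-Floor1' `
    -StartRange 10.0.10.1 -EndRange 10.0.10.254 -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Days 4) -Delay 0 -State InActive

# Exclusion: keep the statically assigned block out of the address pool.
Add-DhcpServerv4ExclusionRange -ComputerName $server -ScopeId $scopeId `
    -StartRange 10.0.10.1 -EndRange 10.0.10.20

# Scope options 003 (router) and 006 (DNS server).
# -Force skips the DNS reachability check, since these addresses are placeholders.
Set-DhcpServerv4OptionValue -ComputerName $server -ScopeId $scopeId `
    -Router 10.0.10.1 -DnsServer 10.0.10.10 -Force

# Dynamic DNS updates, discarding A and PTR records when the lease is deleted.
Set-DhcpServerv4DnsSetting -ComputerName $server -ScopeId $scopeId `
    -DynamicUpdates Always -DeleteDnsRROnLeaseExpiry $true

# Activate the scope, then read the same figures as "Display Statistics".
Set-DhcpServerv4Scope -ComputerName $server -ScopeId $scopeId -State Active
Get-DhcpServerv4ScopeStatistics -ComputerName $server -ScopeId $scopeId
```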

Configure DHCP Options

1. DHCP options are additional network parameters and/or configuration that can be attached to a
DHCP scope. They are configured on the server side and supplied to DHCP clients, for
example default gateway, DNS server etc., and we can configure these options at many different
levels
2. Create a new scope
3. We can configure options at server level, at scope level and also at reservations. Scope-level
options supersede server-level options, and reservation options supersede both server-level and
scope-level DHCP options
003 Router – enter default gateway
006 DNS server
4. Change static IP to automatic IP assignment on client machines so that the DORA process is initiated.
5. The IPCONFIG /renew command will renew the lease and IPCONFIG /release will release the DHCP IP
6. The DHCP scope ID is the IP address displayed between "Scope" and the scope's name

Configure a DHCP Reservation

1. DHCP reservations give us a way to statically assign IP addresses to our machines so that they
always get the same exact IP address
2. This way we also get the benefit of managing all our static IPs from a centralized
location
3. First off we need to authorize the DHCP server and activate the scope
4. We can convert a lease to a reservation. This can be done by right-clicking the leased IP and
selecting the option "Add to reservation"
5. BOOTP or Bootstrap Protocol is the predecessor to DHCP
6. In address leases the unique ID is the MAC address of the network adapter which is associated
with the client workstation
7. Create reservation from PowerShell

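
Creating a reservation from PowerShell, converting an existing lease, and checking the option precedence described in the options section (server, then scope, then reservation). This is an added example, not part of the original notes; the server name, IP addresses, MAC address and host name are constructed placeholders.

```powershell
# All names and addresses are constructed placeholders for illustration.
$server  = 'dhcp01.corp.example'
$scopeId = '10.0.10.0'

# New reservation: the ClientId is the MAC address of the client's network adapter.
Add-DhcpServerv4Reservation -ComputerName $server -ScopeId $scopeId `
    -IPAddress 10.0.10.50 -ClientId '00-11-22-33-44-55' `
    -Name 'printer01' -Description 'Constructed example reservation'

# Convert an existing lease into a reservation (the console's "Add to reservation").
Get-DhcpServerv4Lease -ComputerName $server -IPAddress 10.0.10.120 |
    Add-DhcpServerv4Reservation -ComputerName $server

# The same option (006 DNS server) set at all three levels.
# -Force skips the DNS reachability check, since these addresses are placeholders.
Set-DhcpServerv4OptionValue -ComputerName $server -DnsServer 10.0.10.10 -Force
Set-DhcpServerv4OptionValue -ComputerName $server -ScopeId $scopeId `
    -DnsServer 10.0.10.11 -Force
Set-DhcpServerv4OptionValue -ComputerName $server -ReservedIP 10.0.10.50 `
    -DnsServer 10.0.10.12 -Force

# Read back each level. The reserved client receives 10.0.10.12, other clients in
# the scope receive 10.0.10.11, and clients of scopes without the option get 10.0.10.10.
Get-DhcpServerv4OptionValue -ComputerName $server -All
Get-DhcpServerv4OptionValue -ComputerName $server -ScopeId $scopeId -All
Get-DhcpServerv4OptionValue -ComputerName $server -ReservedIP 10.0.10.50 -All

# Review all reservations in the scope in one place.
Get-DhcpServerv4Reservation -ComputerName $server -ScopeId $scopeId |
    Format-Table IPAddress, ClientId, Name
```
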
Configure Client and Server for PXE Boot

1. Using PXE boot we can install an operating system over a network. PXE stands for Preboot
Execution Environment, a feature of the NIC that allows it to talk to the DHCP server at the
hardware level to obtain an IP address and subnet mask and get on the network
2. Bare-metal machines with PXE-enabled network cards go through the 4-step DORA
process to acquire an IP address. These machines will not find a local boot device when they
boot up and so will perform a network boot. A DHCP option will contain a reference to the TFTP server.
TFTP stands for Trivial File Transfer Protocol. WDS is Windows Deployment Services. We add a
boot image and install images inside WDS.
3. We need to configure our DHCP scope with options that point our machine to where the WDS server
is and what boot image we want. The machine will then contact WDS and pull down the boot image,
which will start the installation process and install the operating system over the network
4. Client without DHCP PXE boot configured
5. Launch Windows Deployment Services
6. All we need for our DHCP server is the name of the boot image and the FQDN of our WDS
server. With these two pieces of information we can configure our DHCP scope, and our PXE-enabled
clients can then locate the server and locate the boot image.
7. The client will load the boot image, which contains Windows PE, put it on a RAM disk (a virtual disk
created in system memory) and then display the boot menu containing the install images
8. Install images
9. The DHCP scope or server options that we need to configure are 066 (DHCP Boot server hostname) and
067 (Boot filename).
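
Options 066 and 067 decide which server and which boot file a PXE client loads, so it is worth checking what every scope actually hands out. The following is an added example, not part of the original notes: it sets both options on one scope and then compares all scopes against the approved values. The server names are constructed and the boot file name is a placeholder to replace with the one your WDS server provides.

```powershell
# All names are constructed placeholders for illustration.
$server             = 'dhcp01.corp.example'
$scopeId            = '10.0.10.0'
$approvedBootServer = 'wds01.corp.example'   # assumed FQDN of the WDS server
$approvedBootFile   = '<boot-file-name>'     # placeholder: boot image name from WDS

# Set option 066 (boot server host name) and 067 (boot file name) on the scope.
Set-DhcpServerv4OptionValue -ComputerName $server -ScopeId $scopeId `
    -OptionId 66 -Value $approvedBootServer
Set-DhcpServerv4OptionValue -ComputerName $server -ScopeId $scopeId `
    -OptionId 67 -Value $approvedBootFile

# Audit: report options 066/067 for every scope and flag values that differ
# from the approved boot server and boot file.
foreach ($scope in Get-DhcpServerv4Scope -ComputerName $server) {
    $pxeOptions = Get-DhcpServerv4OptionValue -ComputerName $server `
            -ScopeId $scope.ScopeId -All |
        Where-Object { $_.OptionId -in 66, 67 }

    foreach ($option in $pxeOptions) {
        $expected = if ($option.OptionId -eq 66) { $approvedBootServer }
                    else { $approvedBootFile }
        $actual = $option.Value -join ','
        [pscustomobject]@{
            ScopeId  = $scope.ScopeId
            OptionId = $option.OptionId
            Value    = $actual
            Approved = ($actual -eq $expected)
        }
    }
}
```

A row with `Approved` set to `False` means PXE clients in that scope are being pointed at a boot server or boot file other than the approved one.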

Configure DHCP Relay Agent

1. DHCP clients can only reach DHCP servers on their local network segment. DHCP relies on
broadcast transmissions and routers stop broadcasts. So if we want our DHCP servers to hand out
IP addresses across multiple subnets we need DHCP relay agents on those subnets
2. Clients on the local SubnetA will get an IP address from the DHCP server on the same SubnetA. Clients on
SubnetB will not be able to see the DHCP server on SubnetA because the router will not
forward the broadcast messages, and the DISCOVER message will be dropped when it hits
the router. We could install a new DHCP server on SubnetB to handle the clients on
SubnetB, but most organizations will have a lot of subnets and would then have a lot of DHCP servers to
manage. A better solution is to set up a DHCP relay agent and point it to the DHCP server
on SubnetA.
3. DHCP configuration scope options – 006 is for DNS, 003 is for router
4. If you don't configure the router as a DHCP relay agent and add helper addresses, the client will get an IP
from APIPA, because clients on SubnetB were not able to contact the DHCP server in SubnetA:
the router dropped those broadcast packets. A DHCP relay agent is a router that acts as the man
in the middle between clients in SubnetB and the DHCP server in SubnetA.
5. Install the RRAS role, set up a LAN config, and add the DHCP relay agent routing protocol to the interface that
will receive DHCP requests. RRAS stands for Routing and Remote Access Service.
6. From Server Manager install the Remote Access role and select the Routing feature
Custom configuration – LAN routing
Select DHCP Relay agent
7. DHCP will lease an IP address from the SubnetB scope to clients in SubnetB. The originating subnet is
encoded inside the DHCP packet in a field called GIADDR. The DHCP server is smart enough to know that
the packet came from SubnetB and to assign an IP from the scope for SubnetB
