7.8 Authorizing a DHCP Server in Active Directory Domain Services

A domain-joined DHCP server is authorized in AD DS by a domain administrator.

The authorization first checks to see if a "CN=DhcpRoot" object is present in the AD DS in the ADsPath.

If the object is not found, create it in the AD DS using the following:

  • Object Relative Distinguished Name: "CN=DhcpRoot"

  • Object Class: "dHCPClass" (defined in the AD schema [MS-ADSC])

When creating the "DhcpRoot" object, the "dHCPClass" attributes need to be updated.

Once the "DhcpRoot" object exists, a new object, named after the DHCP server that is authorizing itself in AD DS, needs to be created.

The LDAP ADsPath of the new object is specified using the following:

  • Object Distinguished Name = <server name>

  • Object Class = "dHCPClass"

When creating the DHCP server object to authorize in AD DS, the "dHCPClass" attributes need to be updated.

The new server object attribute "dhcpServers" needs to be updated.
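
The following is an added example, not part of the specification: a Python audit of the objects this procedure creates, which parses an LDIF export of the container and compares the "dHCPClass" objects against an approved server list. The container DN, host names and function names are constructed for illustration, because the page does not give the ADsPath.

```python
import base64

# Constructed LDIF export; the container DN is a placeholder (page gives no ADsPath).
SAMPLE_LDIF = """\
dn: CN=DhcpRoot,CN=ExampleContainer,DC=example,DC=test
objectClass: dHCPClass

dn: CN=dhcp01.example.test,CN=ExampleContainer,DC=example,DC=test
objectClass: top
objectClass: dHCPClass

dn: CN=lab-dhcp.example.test,CN=ExampleContainer,
 DC=example,DC=test
objectClass: dHCPClass
"""

def parse_ldif(text):
    """Parse LDIF into a list of {attribute (lowercased): [values]} dicts."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # join folded lines
    entries, cur = [], {}
    for line in unfolded.split("\n") + [""]:   # trailing "" flushes the last entry
        if not line.strip():                   # a blank line ends an entry
            if cur:
                entries.append(cur)
            cur = {}
        elif not line.startswith("#"):         # skip comment lines
            attr, _, rest = line.partition(":")
            value = (base64.b64decode(rest[1:].strip()).decode("utf-8")
                     if rest.startswith(":") else rest.strip())  # "attr::" is base64
            cur.setdefault(attr.lower(), []).append(value)
    return entries

def audit_dhcp_authorization(ldif_text, approved_servers):
    """Compare dHCPClass objects in the export with the approved server list."""
    approved = {s.lower() for s in approved_servers}
    root_present, authorized = False, set()
    for entry in parse_ldif(ldif_text):
        classes = {c.lower() for c in entry.get("objectclass", [])}
        if "dhcpclass" not in classes or "dn" not in entry:
            continue
        # The first RDN names the object (simplification: no escaped commas in names).
        name = entry["dn"][0].split(",", 1)[0].partition("=")[2].strip().lower()
        if name == "dhcproot":
            root_present = True
        else:
            authorized.add(name)
    return {"dhcproot_present": root_present,
            "unexpected": sorted(authorized - approved),
            "missing": sorted(approved - authorized)}
```

Calling `audit_dhcp_authorization(SAMPLE_LDIF, [...])` with the approved host names returns the server objects that are authorized but not approved, and the approved servers that have no object.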