7.8 Authorizing a DHCP Server in Active Directory Domain Services
The authorization MUST first check to see if a "CN=DhcpRoot" object is present in the AD DS in the ADsPath.
If it is not found it MUST be created in the AD DS using the following:
Object Relative Distinguished Name: CN= "DhcpRoot"
Object Class: "dHCPClass" (defined in the AD schema [MS-ADSC])
When creating "DhcpRoot" object, the "dHCPClass" attributes SHOULD be updated.
Once the object "DhcpRoot" exists, a new object by the name of the DHCP server authorizing itself in AD DS MUST be created.
The LDAP ADsPath of the new object MUST be specified using the following:
Object Distinguished Name = <server name>
Object Class = "dHCPClass"
When creating DHCP server object to authorize in AD DS, the "dHCPClass" attributes SHOULD be updated.
The new server object attribute "dhcpServers" MUST be updated.