Export (0) Print
Expand All

7.8 Authorizing a DHCP Server in Active Directory Domain Services

A DHCP server that is domain joined is authorized by a domain administrator in the AD DS.

The authorization MUST first check to see if a "CN=DhcpRoot" object is present in the AD DS in the ADsPath.

If it is not found it MUST be created in the AD DS using the following:

  • Object Relative Distinguished Name: CN= "DhcpRoot"

  • Object Class: "dHCPClass" (defined in the AD schema [MS-ADSC])

When creating "DhcpRoot" object, the "dHCPClass" attributes SHOULD be updated.

Once the object "DhcpRoot" exists, a new object by the name of the DHCP server authorizing itself in AD DS MUST be created.

The LDAP ADsPath of the new object MUST be specified using the following:

  • Object Distinguished Name = <server name>

  • Object Class = "dHCPClass"

When creating DHCP server object to authorize in AD DS, the "dHCPClass" attributes SHOULD be updated.

The new server object attribute "dhcpServers" MUST be updated.

© 2015 Microsoft