DHCP
First, a brief review before examining DHCP in Windows 2012...
DHCP (Dynamic Host Configuration Protocol) allocates IP addresses to client machines (desktops, laptops, hand-held devices, even printers) so manual configuration is not necessary. This is an obvious advantage when hundreds or even thousands of devices require an IP address or a change in IP settings.
Let's imagine that the IP address of the DNS server(s) or default gateway changes. Without DHCP, this change would have to be manually adjusted on a multitude of clients (or scripted in some way).
DHCP clients initiate contact with the DHCP server by broadcast, using their MAC address. The process follows four steps that one can remember as "DORA".
- Discover - the client attempts to discover a DHCP server.
- Offer - the DHCP server offers (from a pool of addresses) an available IP address to the client.
- Request - the client requests the IP address in question.
- Acknowledgement - the server sends a packet with configuration information to the client.
DHCP in Windows 2012
Much more can be said about DHCP in general but let's concentrate on DHCP on Windows 2012 and in particular, how it can be configured at the command line.
The "traditional" command-line tool for DHCP was netsh.
With Windows 2012, we can configure DHCP with Powershell.
I will use Powershell for the most part but use some netsh for purposes of comparison.
I will also use some screenshots to illustrate the results obtained with the command line cmdlets.
Installation of the DHCP role
We first need to install the DHCP role. In Windows 2008/R2, this was accomplished - at the command line - with the servermanagercmd commands (or the ocsetup commands in Server Core).
These commands are deprecated and unavailable in Windows 2012.
So... we will use the Add-WindowsFeature cmdlet (or Install-WindowsFeature).
First, let's see if the role is installed already:
Get-WindowsFeature
Display Name Name Install State
------------ ---- -------------
[...]
[ ] DHCP Server DHCP Available
Conclusion: The DHCP role is not installed but the binaries are available for installation.
Let's install the role. The cmdlet is very simple (too simple?):
Add-WindowsFeature DHCP
But here, I forgot something...
When I open the GUI to verify the results... I cannot find "DHCP" among the "Tools" in Server Manager.
The solution? We need to execute this command:
Add-WindowsFeature DHCP -IncludeManagementTools
Now we can configure DHCP...
At some point, we will need to:
- Authorize the DHCP server (unless it is also a domain controller in which case this step is - supposedly - not necessary).
- Activate the scope(s).
We cannot activate the scopes until we have created them but we can authorize the DHCP server.
Currently no servers are authorized, as shown respectively by PS and netsh cmds:
PS C:\> Get-DhcpServerInDC
PS C:\>
PS C:\> netsh dhcp show server
0 Servers were found in the directory service:
This is what we would see in the GUI:
The netsh command does not seem to function in Windows 2012:
PS C:\> netsh dhcp server 10.1.1.10 initiate auth
Command completed successfully.
Yet...
PS C:\> netsh dhcp show server
0 Servers were found in the directory service:
Note: the GUI still shows the "Authorize" option meaning, logically, that the DHCP server is not authorized.
The PS cmdlet seems to work, as verified below":
PS C:\> Add-DhcpServerInDC
PS C:\> Get-DhcpServerInDC
IPAddress DnsName
--------- -------
10.1.1.10 dc-001.machlinkit.biz
PS C:\> netsh dhcp show server
1 Servers were found in the directory service:
Server [dc-001.machlinkit.biz] Address [10.1.1.10] Ds location: cn=dc-001.machlinkit.biz
For those that prefer a little more color, the DHCP Manager confirms the changed setting as well:
If the option is to "Unauthorize" the DHCP Server, then logically it is in an authorized state.
Elementary...
Although it may not be visible in the command line output or the screenshots, this server is also a domain controller and a DNS server (it was used in a previous post about promoting a server to the domain controller role). Even so, it was not authorized as a DHCP server by default.
At this point, I was about to configure - and activate - a scope. However, I noticed a warning message stating that the DHCP configuration needed to be finished:
The details are here (there is a "Configure DHCP configuration" link not visible in the screenshot):
So, it appears that installing the DHCP role at the command line does not create the "DHCP Administrators" Group or the "DHCP Users" group.
The existence of these groups in not absoutely necessary since domain administrators can perform all necessary operations and even some that DHCP administrators cannot.
Even so, this might be desirable in scenarios where delegation of roles is an objective.
Before configuring scopes and options for the scopes, I want to see if the two groups in question can be created at the command line - and with all the proper attributes. Of course, simply creating two groups with the respective names "DHCP Administrators" and "DHCP Users" would not assign members the proper permissions.
If you have that information, please do not hesitate to post a comment!
Thank you for reading the article about Windows Server 2012 - DHCP - Part 1 - installation of the role (command line) on the blog NEW TECH If you want to disseminate this article on please list the link as the source, and if this article was helpful please bookmark this page in your web browser by pressing Ctrl + D on your keyboard keys.