Old DHCP Servers appear in the list of Authorized servers after a Domain Rename

Old DHCP Servers appear in the list of Authorized servers after a Domain Rename

  • Comments 9
  • Likes

After running a Domain Name Rename of a domain that has Authorized DHCP servers in Active Directory, you may see the old server’s name still listed when you view DHCP Authorized servers. This will not prevent the servers from handing out IP Addresses, but you will want to clean up the directory. You can view your Authorized DHCP Servers via the GUI or via a NETSH command. In the GUI, you will bring up DHCP management console and right-click on DHCP at the top level and then click Manage Authorized Servers.


You can also use the following command: “Netsh DHCP show server”. If you find the DHCP servers listed here with the old domain name, you can try deleting them from the command prompt by typing the following command:

“Netsh DHCP delete server ServerFQDN ServerIP address”


Netsh DHCP delete server 2003-dc1.contoso.com

However, you may get the following error: "There is no such object on the server”. If you do, you will need to use the ADSIEDIT MMC to remove the objects from Active Directory. This GUI tool is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. This tool is part of the Windows Server Support tools. More information about Adsiedit can be found here:


How to remove the objects from Active Directory using ADSIEDIT:

1. Start Adsiedit.msc.
2. Open the configuration Container.
3. Expand Services.
4. Expand Net Services.
5. On the right hand side you will find a record named CN=DHCPRoot as shown below:image

6. Right Click the CN=DhcpRoot entry and then click Properties:image

7. Highlight DhcpServers Attribute and click Edit. The following dialog will appear:image

8. Highlight the entry with the old Domain name and click Remove from DHCPServers Attribute. Click OK to close DHCPServers editor’s screen.

9. Once deleted the DHCPServers value will be “not set":image

10. Save the change by clicking OK and close Adsiedit.

11. Restart the DHCP server service.

Once you have restarted the DHCP Server service, run the following command: “Netsh DHCP show server”. You should no longer see the old servers listed as Authorized. Take into account that you may have to wait on AD replication. Also, if the servers are still listed, you can now run the command “netsh DHCP delete server ServerFQDN ServerIPAddress” without error.

“Netsh DHCP delete server serverFQDN serverIP address”


Netsh DHCP delete server 2003-dc1.contoso.com

- Louis Hardy

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • 214 Microsoft Team blogs searched, 101 blogs have new articles in the past 7 days. 237 new articles found

  • Great article.  We had an entry stuck in there forever.  This resolved it.

  • for the benefit of people doing good expression was illustrated for the issues you would like to thank

  • good way to explain the program was excellent thanks illustrated narrative

  • Thanks, solve an age old problem for us as well.

  • thank you! I've been staring at the old dhcp for years, its finally out of my list.

    great article

  • Thank you for the information. It's great to get rid of that old DHCP entry safely.

  • Thanks! This is so useful and it worked!

  • Thank you for writing this! My ghost server is gone!

    This was my first time using ADSIEdit. Couldn't see no configuration container and had no idea of how to get there. Found instructions here: www.kineticcomputer.com/.../1103-cannot-see-configuration-container-in-adsiedit.htm

    Hope this is helpful for other blondies like me :-)