Microsoft Windows DHCP Team Blog

The world's most deployed DHCP Server! Deploy and discuss about your fav. server, here!

Installing and Configuring DHCP role on Windows Server 2012

Installing and Configuring DHCP role on Windows Server 2012

  • Comments 39
  • Likes

With the new Server Manager in Windows Server 2012, there have been some changes in the way DHCP role will be installed. The blog post describes, in the sections below, installation and configuration of DHCP Role using Server Manager and PowerShell on Windows Server 2012. Before starting, the user needs to ensure that he/she logs in as a domain user with local administrative privileges, in case the machine involved is a domain joined machine.

 Installing DHCP role via new Server Manager

  • Ensure the computer has at least one static IP address assigned before starting the role installation.
  • Launch the Add Role Wizard from Server Manager.
  • Select DHCP server role and go through the steps needed for installation.
  • The last page of the wizard (which comes up after the role has been installed), provides a link - "Complete DHCP configuration". This provides some tasks that need to be performed to enable the DHCP server role to work properly after role installation.

Figure 1: The last page of Add Role Wizard after DHCP role installation

 

  • Launch the DHCP post-install wizard and complete the steps required.
  • Creation of DHCP security groups (DHCP Administrators and DHCP Users). For these security groups to be effective, the DHCP server service needs to be restarted. This will need to be performed separately by the administrator.

 

Figure 2: DHCP Post-Install configuration wizard - Introduction Page

 

  • Authorization of DHCP server in Active Directory (only in case of a domain-joint setup). In a domain joined environment, only after the DHCP server is authorized, it will start serving the DHCP client requests. Authorization of DHCP server can only be performed by a domain user that has permissions to create objects in the Net services container in Active Directory. See how to delegate permissions to do this in active directory.

 

Figure 3: DHCP Post-Install configuration wizard - Authorization Page

Figure 4: DHCP Post-Install configuration wizard - Summary Page

 

  • In case completing of the post-install step is missed after role installation, the administrator will continue to see a notification on the action pane and also a link on the DHCP role tile on the main Server Manager page suggesting that some configuration is required. That link would go away only after completion of the post-install task.

Figure 5: Server Manager: DHCP Post-Install configuration wizard launch point

 

  •  The configuration of DHCP server parameters such as scope, options etc. are no longer available in the new Server Manager. The administrator can now launch DHCP MMC either via Server manager (as shown below), or via the DHCP MMC application in the Start Menu, or writing dhcpmgmt.msc on the command prompt. The administrator can now create scopes, set option values so as to be able to lease out IP addresses and provide option values to clients. 

 

Figure 6: Server Manager: DHCP MMC launch point

 

Installing via PowerShell 

To install the DHCP server role via PowerShell, one needs to run the following command:

  •  Command: Add-WindowsFeature  -IncludeManagementTools dhcp

Note the extra switch (IncludeManagementTools) which is now needed, in contrast to Windows 7. Without this switch, just the DHCP server role would be installed. The DHCP server RSAT tools which includes DHCP MMC, netsh context and the new DHCP PowerShell cmdlets,  is not installed by default, unless you give the above flag.

  •  After the role is installed, there are a few other steps that the administrator needs to perform so that the server can work correctly and lease out addresses. This the post-install configuration as performed by the above mentioned post-install wizard. The administrator can either launch the Server Manager and complete the DHCP post-installation task from there (as this is UI-only task) or run the below set of commands which are an equivalent of above.
  • Creating DHCP security groups
    • Command:netsh dhcp add securitygroups
    • You will need to restart the DHCP service for these groups to become active.
      • Command:  Restart-service dhcpserver
    • Authorizing the DHCP server in Active Directory (only needed for a domain-joined setup)
      • Command: Add-DhcpServerInDC  <hostname of the DHCP server>  <IP address of the DHCP server>
  • Now the administrator can launch DHCP MMC either via Server manager, or via the DHCP MMC application from the start menu, or by writing dhcpmgmt.msc on the command prompt. The administrator can now also create scopes, set option values so as to be able to lease out IP addresses and provide option values to clients using DHCP MMC or the new DHCP PowerShell.

If the administrator has completed the post-install configuration using PowerShell, Server Manager may still raise a flag (alert) for its completion using the post-install configuration wizard. This alert can be suppressed by notifying the Server Manager that the post-install configuration has been completed. This can be done by the below command:

  • Command: Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2

 

Other Links


Team DHCP

Comments
  • This is really great, contains many stuffs in detail

  • How do you add additional non-standard DHCP options?  There used to be an available action to setup non-standard DHCP options that I have not been able to find.  What is the new method for adding new options not included in the standard list?

  • The UI in DHCP MMC for adding non-standard DHCP options has not changed. You can go to IPv4 node, right clikc, Set predefined options and then press Add to add a new option definition. Once the option definition is added, you can set values for that option at each scope or server wide. You can also use the Add-DhcpServerv4OptionDefinition cmdlet to add a new option definition and Set-DhcpServerv4OptionValue to set option value for any option.

  • Thank you!  I feel stupid -i see it now, but not before I found the technet info on using PowerShell to add them.  Great updates to DHCP server in 2012 - I'm loving the Policy maps!

  • Thanks WillB! It will be great if you could share how you are using the DHCP policies...It will help us understand the scenarios and plan for any future updates.

  • So, I have a private subnet that I want to provide DHCP services to and decided to use 2012 as the provider but I'm having tons of problems. This is a standalone server (ie, not part of a domain) and when I try to select alternate credentials and put in the admin info or say skip AD, I get an error about not being able to open registry keys to set the status of the post config task. It recommends setting trustedHosts via winrm which I have done even though this should not be needed as it's just a single machine but it still fails.

    Any thoughts would be great.

  • Hi Victor,

    We have seen this issue when you are try to perform post install configuration through server manager while logged in as a local administrator on a domain joined computer. You should be able to work around this by logging in as a domain user who is has admin privileges on the computer (member of the local administrators group). Hope it helps.

    Also you have mentioned the server is not part of domain - however the rest of your description ("try to select alternate credentials and put in the admin info or say skip AD") as well as the error that you hit suggest that the server is domain joined. You will not be prompted for authorization of the server in AD unless the server is domain joined.

  • This is really great article and I am sure it is helping many people. I wanted to add my 2 cents by sharing a small video on steps to install and configure Windows Server 2012 <a href="www.youtube.com/watch. More videos are available at <a href="www.prohut.net/.../a>

  • Hi I have almost the same issue as Victor.  The only difference is I am signed on as a domain administrator on the machine, which happens to be a domain controller.  I actually have removed the role and tried adding it back in, but the same issue occurs every time.  "Failed to open registry key on target computer...."

  • Hi Minoo, We have not seen this issue when the user performing the install is logged in as domain admin as the domain admin has the required permissions. However, as mentioned in earlier responses, the error is benign since the installation has completed successfully in this case.

    Below is what you can do, to get rid of the prompt in server manager to complete the post-install configuration step (this has also been added to the blog above) -

    If the administrator has completed the post-install configuration using PowerShell, Server Manager may still raise a flag (alert) for its completion using the post-install configuration wizard. This alert can be suppressed by notifying the Server Manager that the post-install configuration has been completed. This can be done by the below command:

    •Command: Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2

  • Can the clustered DHCP servers be accessed via NLB?  We have an issue with some old networking equipment that will only allow us to configure 1 address for the IP helper.

  • Hi Matt,

    I am assuming that by clustered DHCP servers you mean DHCP servers participating in failover.

    Using DHCP failover with NLB is not recommended as NLB can send request packet to only one server. It selects the server to send the packet to, after applying a logic (which is a configurable setting). It does not send the packets to multiple servers. DHCP failover requires that a request packet be received by both the failover partners.

    We recommend that you instead use a DHCP relay agent (in Routing and Remote Access Service role in windows server). A DHCP relay agent can relay a DHCP request to multiple servers.

  • So essentially, you will configure the IP address of the DHCP relay agent (in Routing and Remote Access Service role in windows server) in your old network equipment and configure the RRAS DHCP relay agent with IP addresses of the 2 DHCP failover servers. This would amount to cascading of DHCP relay agents.

  • Can I authorize a 2012 DHCP server in a 2008 R2 AD?

    We're having some problems doing so.  I must admit we're just in the preliminary stages, but I thought I'd ask here...

  • Hi Brian, yes you can authorize 2012 DHCP server in a 2008R2 or even a lower version AD. There is no dependency in DHCP server on a specific AD version. What is the problem you are facing.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment