© 2024 SkillPoint IT. All rights reserved.
Module 2: Automating IP Address Assignment Using DHCP in Windows Server
DHCP (Dynamic Host Configuration Protocol) is a network service that automatically assigns IP addresses and other network configuration parameters (such as DNS, default gateway) to client devices. This reduces manual configuration and ensures consistent, conflict-free IP address management.
Benefits of DHCP in Windows Server
Automatic IP Assignment – No need for manual setup on each device
Efficient Address Management – Prevents IP conflicts and simplifies subnet control
Centralized Configuration – Easily change settings network-wide
Faster Client Setup – Especially helpful for large or dynamic environments (schools, offices, etc.)
Key DHCP Components
| Component | Purpose |
|---|---|
| DHCP Server | Assigns IP configurations to clients |
| Scope | Defines the IP address range that can be assigned |
| Lease | Time period a client can use an assigned IP |
| Reservation | Assigns a specific IP to a MAC address |
| Exclusion Range | IPs within a scope that should not be assigned |
| Options | Extra settings (e.g., DNS server, default gateway) |
Overview of DHCP
- Manual vs. Automatic TCP/IP Configuration
| Manual TCP/IP Configuration | Automatic TCP/IP Configuration |
|---|---|
Disadvantages | Advantages |
| IP addresses entered manually on each client computer | IP addresses are supplied automatically to client computers |
| Possibility of entering incorrect or invalid IP address | Ensures that clients always use correct configuration information |
| Incorrect configuration can lead to communication and network problems | Elimination of common source of network problems |
| Administrative overload on networks where computers are frequently moved | Client configuration updated automatically to reflect changes in network structure |
- DHCP Operation
- The DHCP Lease Generation Process
- The DHCP Lease Renewal Process
- Requirements for DHCP Servers and Clients
- DHCP Server Requirements (Windows 2018 Server)
- The DHCP service
- Static IP address, subnet mask, default gateway
- Range of valid IP addresses
- DHCP Clients
- Windows 2018 Professional or Windows 2018 Server
- Windows Server or Workstation or later
- Windows 10 or Windows 11
- Windows for Workgroups 11, running TCP/IP-32
- Microsoft Network Client 3.0 for MS-DOS
- LAN Manager 2.2c
- Non-Microsoft operating systems
Installing the DHCP Service on Windows Server: Step-by-Step Guide
DHCP (Dynamic Host Configuration Protocol) is a Windows Server role that enables automatic assignment of IP addresses and network settings to client devices. It streamlines IP management in both small and enterprise networks.
Prerequisites
Before installation, ensure:
You have administrative privileges on the server
The server has a static IP address
The server is domain-joined (recommended for authorization)
Installing DHCP Using Server Manager
Open Server Manager
Click “Add Roles and Features”
Choose Role-based or feature-based installation
Select your target server
In Server Roles, check DHCP Server
Click Next through the prompts and confirm installation
After completion, click Complete DHCP Configuration
Authorize the server in Active Directory (required)
Installing DHCP Using PowerShell
You can also install DHCP via PowerShell with just two commands:
# Install the DHCP Server role
Install-WindowsFeature -Name DHCP -IncludeManagementTools
# Authorize DHCP in Active Directory
Add-DhcpServerInDC -DnsName “ServerName.domain.local” -IPAddress “192.168.1.1”
Replace ServerName.domain.local and 192.168.1.1 with your actual values.
Post-Installation Tasks
Open DHCP Management Console
Create and configure IP scopes
Set DHCP Options (DNS, router, domain name)
Configure exclusions and reservations
Test with client devices to confirm IP assignment
Authorizing the DHCP Service in Windows Server: Secure Network Deployment
DHCP Authorization is a security feature in Active Directory environments that ensures only approved DHCP servers can assign IP addresses. Unauthorized DHCP servers are automatically denied service, helping protect against IP conflicts and rogue devices.
Why DHCP Authorization Is Important
Prevents rogue DHCP servers from distributing incorrect or malicious IP settings
Centralizes IP address control in AD-managed networks
Ensures integrity of network configuration for all client devices
When Is Authorization Required?
When the DHCP server is running in a domain-joined environment
When Active Directory exists on the network
Not required for standalone (non-domain) workgroup DHCP setups
How to Authorize the DHCP Server (GUI Method)
Open Server Manager
Go to Tools > DHCP
In the DHCP console, right-click your server name
Select Authorize
Wait a few seconds and refresh — the green check mark confirms success
PowerShell Method for DHCP Authorization
Add-DhcpServerInDC -DnsName “yourservername.domain.local” -IPAddress “192.168.1.1”
Replace "yourservername.domain.local" and "192.168.1.1" with your actual hostname and IP.
📋 Verify Authorization Status
In DHCP Manager:
Green arrow = Authorized and running
Red icon or error = Unauthorized or failed service
Or, use PowerShell:
Get-DhcpServerInDC
Creating and Configuring a DHCP Scope in Windows Server: Step-by-Step Guide
A DHCP scope is a range of IP addresses that the DHCP server can lease to clients on a specific subnet. It includes settings like subnet mask, lease duration, exclusions, and DNS/gateway configuration.
Key Components of a DHCP Scope
| Element | Description |
|---|---|
| IP Range | Start and end IP addresses for the scope |
| Subnet Mask | Defines the size of the subnet |
| Exclusion Range | IPs within the scope that should not be leased |
| Lease Duration | Time an IP address remains assigned before expiration |
| DHCP Options | Settings like default gateway, DNS servers, and domain name |
Steps to Create a Scope (Using DHCP Console)
Open Server Manager > Tools > DHCP
Expand your server name → IPv4
Right-click IPv4, select New Scope
Follow the wizard:
Name & Description
IP Address Range (e.g., 192.168.10.100 to 192.168.10.200)
Exclusions (e.g., reserve 192.168.10.150–160 for printers)
Lease Duration (e.g., 8 days)
DHCP Options:
Router/Gateway (e.g., 192.168.10.1)
DNS Server (e.g., 192.168.10.10)
Domain Name (e.g., yourdomain.local)
Activate the scope
PowerShell Method to Create a Scope
Add-DhcpServerv4Scope -Name “Main Office Scope” `
-StartRange 192.168.10.100 -EndRange 192.168.10.200 `
-SubnetMask 255.255.255.0 -LeaseDuration 1.00:00:00
Add exclusions:
Add-DhcpServerv4ExclusionRange -ScopeId 192.168.10.0 `
-StartRange 192.168.10.150 -EndRange 192.168.10.160
Set DHCP options:
Set-DhcpServerv4OptionValue -ScopeId 192.168.10.0 `
-Router 192.168.10.1 -DnsServer 192.168.10.10 `
-DnsDomain “yourdomain.local”
- Overview of Scopes
- Using The New Scope Wizard
- Configure scope parameters
- Change the default lease duration
- Activate a scope
- Configuring a Scope with Options
- IP Address of a Router
- IP Address of a DNS Server
- DNS Domain Name
- IP Address of a WINS Server
- Type of NetBIOS over TCP/IP Name Resolution
- Customizing the Use of Scope Options
- Reserving IP Addresses for Client Computers
Customizing DHCP Functionality in Windows Server: Options, Policies & Reservations
Customizing DHCP allows administrators to control how IP addresses and settings are assigned to different devices or users. This enables more efficient IP management, supports special device requirements, and enhances network performance.
Ways to Customize DHCP Functionality
| Feature | Description |
|---|---|
| DHCP Options | Set default gateway, DNS servers, WINS, and domain names |
| Reservations | Assign a fixed IP to a specific device using MAC address |
| Policies | Apply rules based on MAC, vendor class, or user class |
| Failover & Load Balancing | Improve availability and redundancy of DHCP services |
| Filters | Allow or deny DHCP leases based on MAC addresses |
Customizing DHCP Options
Open DHCP Console → Expand server → Right-click scope → Configure Options
Set:
Option 003: Router (Gateway IP)
Option 006: DNS Servers
Option 015: DNS Domain Name
Apply globally (server-wide) or per-scope
Creating Reservations
Reservations are useful for printers, VoIP phones, and servers.
Add-DhcpServerv4Reservation -ScopeId 192.168.10.0 `
-IPAddress 192.168.10.150 -ClientId “00-11-22-33-44-55” `
-Description “HP Office Printer”
This ensures the device always gets the same IP from DHCP.
Using DHCP Policies
Apply settings based on:
Device type (e.g., laptops vs printers)
Vendor class (e.g., Cisco IP phones)
MAC address pattern
➡️ Example: Assign a shorter lease duration to mobile devices
Add-DhcpServerv4Policy -Name “MobileDevices” -ScopeId 192.168.10.0 `
-Condition OR -VendorClass EQ “Mobile” -ProcessingOrder 1
MAC Address Filtering
Use Allow and Deny filters to control which devices receive IPs:
Right-click Filters under IPv4 → New Filter
Add MAC addresses for devices to allow or deny
DHCP Failover (Advanced)
For high availability:
Configure Load Balance or Hot Standby between two DHCP servers
Ensures continuous IP assignment during server outages
- Using Option Classes
- Vendor-defined Classes Manage DHCP Options Identified by Operating System Vendor Type
- User-defined Classes Manage DHCP Options with Common Configuration Requirements
- Combining Scopes by Using Super scopes
Configuring DHCP in a Routed Network: Relay Agents & Multi-Subnet Support
By default, DHCP broadcasts do not travel across routers. In a routed or multi-subnet network, devices on remote subnets won’t receive IP addresses unless the DHCP server is placed in every subnet (not efficient) or DHCP relay agents are used.
What Is a DHCP Relay Agent?
A DHCP Relay Agent (or IP Helper) listens for DHCP requests on one subnet and forwards them to a DHCP server on another. It enables centralized IP address management across multiple VLANs or routed segments.
Ways to Configure DHCP in a Routed Network
| Method | Description |
|---|---|
| Deploy DHCP Relay Agent | Install the RRAS role on a Windows Server to relay DHCP traffic |
| Configure IP Helper Address | Use router configuration (Cisco, MikroTik, etc.) to forward DHCP packets |
| Multiple DHCP Scopes | Create separate scopes for each subnet on the central DHCP server |
Windows Server: Configure DHCP Relay Agent (RRAS)
Install Remote Access > Routing role
Open Routing and Remote Access (RRAS)
Right-click General > New Routing Protocol > DHCP Relay Agent
Right-click DHCP Relay Agent > Add Interface → choose LAN interface
Right-click DHCP Relay Agent > Properties → Add DHCP server IP (e.g.,
192.168.10.10)
Router-Level DHCP Relay Example (Cisco)
interface vlan 20
ip address 192.168.20.1 255.255.255.0
ip helper-address 192.168.10.10
This forwards DHCP requests from VLAN 20 to the DHCP server in VLAN 10.
DHCP Server Configuration
Make sure to:
Create a separate scope for each subnet
Match each scope with correct subnet mask and gateway
Set relevant DHCP options (router, DNS, etc.) for each scope
Best Practices
Always document IP scopes and relay setups
Use short lease durations in high-churn networks
Test each subnet with real devices to verify DHCP handoff
Ensure firewalls allow UDP 67/68 and 69 (if PXE involved)
Monitor logs using Event Viewer or
Get-DhcpServerv4Lease
- Routed Network Configuration Options
- Using a DHCP Relay Agent
Supporting DHCP in Windows Server Networks: Tools, Monitoring & Troubleshooting
Supporting DHCP means ensuring that the Dynamic Host Configuration Protocol (DHCP) service is consistently functional, secure, and scalable. This includes monitoring leases, resolving issues, backing up configurations, and ensuring high availability in enterprise networks.
Key Aspects of DHCP Support
| Task | Purpose |
|---|---|
| Monitoring Leases | Prevents IP exhaustion and detects conflicts |
| Backing Up Configuration | Ensures quick recovery from failure |
| Logging Activity | Helps track IP assignments and security events |
| Managing Scopes | Adjusts to new devices or subnet changes |
| Troubleshooting | Fixes client connectivity and IP distribution problems |
| High Availability (Failover) | Maintains DHCP service continuity during outages |
Monitoring DHCP Activity
Use the DHCP Management Console or PowerShell to:
View active leases
Check scope utilization
Detect rogue clients or MAC addresses
Log events in Event Viewer > Applications and Services > Microsoft > Windows > DHCP-Server
Get-DhcpServerv4ScopeStatistics
Backing Up and Restoring DHCP Configuration
To back up DHCP settings:
Export-DhcpServer -ComputerName “YourDHCPServer” -Leases -File “C:\backup\dhcp.xml”
To restore:
Import-DhcpServer -ComputerName “YourDHCPServer” -Leases -File “C:\backup\dhcp.xml”
- Monitoring the DHCP Server Service
When You Enable Logging, the DHCP Server Creates Log Files Called DhcpSrvLog.xxx. The DHCP Server Stores These Files in the DHCP Database Directory
Troubleshooting DHCP Database Problems
- Removing a DHCP Server from Service
- Set short lease durations for clients
- Ensure new lease for clients
- Record any reserved addresses
- Large address pool in other DHCP servers
- Transfer IP address to the new scope
Add comment