Part 4: DHCP, Computer Creation & Domain Joining
In the previous part of this guide I briefly explained Active Directory and it’s use. I also walked through the process of creating a user object within Active Directory. This part of the guide will cover installing and configuring the DHCP Server role, followed by joining client computers to the domain for user logon.
Let’s get started.
What is DHCP and how does it work?
For the less network-savvy folks out there DHCP stands for Dynamic Host Configuration Protocol. It is essentially the protocol for automatically assigning network devices with an IP Address on a network. For example: in most typical home networks the Router will be the device in which all other computers obtain an IP Address from due to it having an in-built DHCP Server. Most, if not all home Router based devices have this function.
DHCP servers are usually configured with IP Address range for client computers and other network devices. This range ensures that the DHCP server can only assign IP Addresses to those in it’s configured range. For example: a 192.168.101 – 192.168.1.200 range will only assign the addresses within that particular range. This is also referred to as a Scope within Windows Servers DHCP Manager.
DHCP-enabled Clients such as computers obtain a lease for an IP address on a network from a DHCP server. The DHCP server must renew this IP Address lease for the client or the client must obtain a new lease. The DHCP server can be configured to set a defined lease duration, this information is retained and can be viewed the DHCP servers database. For example: in Windows Server the default lease duration for a client is 8 days when configuring the DHCP server role.
DHCP in the Enterprise:
Within medium to large businesses utilising a Windows Server based environment with Active Directory, DHCP is normally configured on servers as opposed to on routers. DHCP servers can then be authorised in Active Directory. Having this option also gives the advantage of creating different DHCP Scopes for different Subnets.
Additionally, Superscopes can be created in order to provide address leases to clients from more than one scope on a single physical network.
Windows Server 2008 R2 also gives the option to split a DHCP scope between different DHCP servers for load balancing and redundancy.
For this part of the guide I will be showing you how to create a basic DHCP scope for a simple network. If you wish to read more about DHCP and advanced configuration within Windows Server have a look at the following TechNet Library page:
Before proceeding: If you are attempting to configure a DHCP server within a production environment or home network then please verify that NO other active DHCP servers are present within the same network/subnet.
For example; if you have a home Router which has DHCP enabled then please disable this option before configuring.
Installing and configuring the DHCP Server Role
To install the DHCP server role in Windows Server 2008 R2 go to Server Manager and select “Roles” from the left pane.
From the Wizard select the DHCP Server role and hit next.
Select the IP Address that you want to bind for DHCP on the network, if only one is present this will be selected by default.
Enter the Domain name and DNS server address that DHCP will use for serving clients on the nerwork.
NOTE: if you have already promoted your server to a Domain Controller then the Domain name will be entered by default. For DNS make sure that it points to the set IP address of a DNS server.
For example; 172.16.1.100 is the IP Address of the primary Domain Controller/DNS server on this particular network.
If you have older Windows 9x based systems on your network then you may also want to configure WINS. If you do not require this then select the first option and hit next.
Now the next stage is to configure the DHCP scope that you want to use for clients on your network. To do this click on the Add button.
This will let you configure the options for your Scope.
NOTE: If you have a mixture of wired wireless clients on your network then there is no need to change the default Subnet Type, Wired will work for both.
The Default Gateway will typically be the IP Address of your Router, it’s recommended that you enter this in order for clients on the network to get internet access too.
Once you have configured your Scope you can then check the “Activate Scope” option and select OK, followed by next again to continue.
If you have clients on your network using IPv6 (Internet Protocol version 6) then you can configure DHCPv6. Again, if you do not require this select the option “Disable DHCPv6 stateless mode for this server” and hit next.
The final stage of configuration is to Authorise the DHCP server within Active Directory Domain Services. You can choose to Authorise with the default logged in credentials or with alternate credentials. Please note that the account must have the required Administrative privileges in order to do this.
Finally verify your configuration and select “Install”
DHCP will now install and configure itself to what you have selected.
Now that we have DHCP installed and configured we will go ahead and bring up the DHCP Management console and check that everything has taken effect. To do this go to Start > Administrative Tools > DHCP
To view the configured options expand Server name then IPv4/IPv6
- Scope – The IP set and Scope name that was configured
- Address Pool – The configured IP Address range for client computers
- Address Leases – Currently connected clients and their dynamitic IP Address
- Reservations – Assign DHCP clients with the same IP Address each time
- Scope Options – Lists DNS Servers, Default Gateway and other server types.
- Filters – Allow or Deny DHCP services to MAC addresses added to a list
To view currently connected clients with assigned IP addresses select Address Leases from the left pane.
Joining Client Computers to the Domain:
So now that we have DHCP installed and configured, the next stage is to join connected client computers to the domain and login with our domain user accounts.
Firstly you will want to verify that the computers being joined are getting the correct IP configuration. To do this simply bring up an elevated Command Prompt and type “ipconfig /all” (without quotes) and check the DHCP, DNS server and Default Gateway IP addresses are correct.
Joining a computer to a Domain involves entering the system applet. There are of course many different ways to do this, here is one way:
Bring up the Start Menu, right click on Computer and select Properties
From the System applet select “Change Settings” under Computer name, domain and workgroup settings.
Select the “Change” option under advanced system settings
Select the Domain option and enter your Domain name.
This will prompt you for Administrative credentials, enter an account with sufficient privileges. E.g. the Domain Administrator account.
If all went well you will receive a message welcoming you to your Domain. A reboot will be required.
All that’s left to do now is to login to the computer with the desired Active Directory user account by selecting Switch User and entering the username. Additionally you can also use DOMAINUsername. E.g. TESTLABjsmith
During this process the computer account will be created in the “Computers” container in Active Directory by default.
Well folks, that concludes it for this guide. I hope you have enjoyed and learned a lot from it. Especially those who are new to client server network configurations.
The amount of e-mail and feedback that I have received regarding this guide has been overwhelming to say the least. I didn’t ever think it would gather so much interest.
Thank you so much.
Well some of you may be glad to know that I will be continuing to post content based on the areas of this guide. This will include such things as a more in-depth look into Active Directory, where I will be covering Organizational Units, Groups, Group Policy, Group Policy Objects and remote installations using Windows Deployment Services.
As always, stay tuned!