7.1 Windows DHCP Server Authorization in Domain Joined Scenario

  • Artikel

A domain joined Windows server with DHCP server deployed can validate itself. Authorization mechanism of a DHCP server in a domain joined scenario is as follows:

  • A domain joined DHCP server is authorized by a domain administrator in Active Directory Domain Services (AD DS). Any DHCP server which is domain joined and is required to service DHCP clients needs to have an Active Directory object in the Active Directory.

  • The DHCP server validates its authorization in AD DS every hour. It uses LDAP protocol [MS-ADTS] for the purpose of communicating with the Active Directory and validating whether it is authorized to serve IP addresses.

  • When installed in a multiple forest environment, DHCP servers seek authorization from within. Once authorized, DHCP servers in a multiple forest environment lease IP addresses to all reachable clients.