Install the DHCP Server Role and the NPS Role Service

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

A Microsoft DHCP server is a NAP enforcement server for the DHCP enforcement method. To deploy a DHCP server for NAP, you must install the DHCP server role and the Network Policy Server (NPS) role service. For more information about DHCP enforcement, see DHCP Enforcement Configuration.

This topic explains how to install the DHCP server role and NPS role service in Windows Server® 2012, Windows Server® 2008 R2, and Windows Server® 2008.

Note

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

This topic includes sample Windows PowerShell cmdlets that you can use to automate some of the procedures described. For more information, see How to Run a Windows PowerShell Cmdlet.

Install a NAP-enabled DHCP server

Follow the steps in the appropriate section based on the version of Windows Server running on the server:

  • To install a NAP-enabled DHCP server in Windows Server Beta by using Windows PowerShell

  • To install a NAP-enabled DHCP server in Windows Server Beta by using Server Manager

  • To install a NAP-enabled DHCP server in Windows Server 2008 R2 and Windows Server 2008 by using Server Manager

To install a NAP-enabled DHCP server in Windows Server Beta by using Windows PowerShell

  1. Open a Windows PowerShell® session with elevated rights. To do this, right-click the Windows PowerShell or Command Prompt Start menu object that you are using to start your Windows PowerShell sessions, and then click Run as administrator.

Note

Because of security restrictions imposed by User Account Control, you must use a Windows PowerShell session with elevated rights when adding server roles and role services.

  1. Load the Server Manager module into the Windows PowerShell session before working with Server Manager cmdlets. Type the following, and then press Enter.

    Import-Module Servermanager
    

Note

Windows PowerShell cmdlets are not case-sensitive.

  1. Type the following to install the DHCP server role and the Network Policy Server (NPS) role service:

    install-windowsfeature -name dhcp,npas-policy-server -IncludeManagementTools 
    

Note

The –IncludeManagementTools parameter installs the management consoles on the target server.

  1. Verify via the Windows PowerShell console that the installation succeeded. Under Success, the result should be True.

  2. To complete the configuration, follow the instructions in Configure a DHCP Server for NAP.

To install a NAP-enabled DHCP server in Windows Server Beta by using Server Manager

  1. In Server Manager, click Manage and click Add Roles and Features.

  2. On the Before you begin page, click Next.

  3. On the Select installation type page, click Role/Feature Based Install and then click Next.

  4. On the Select destination server page, click Select a server from the server pool, click the name of the server where you want to install DHCP and then click Next.

  5. On the Select server roles page, click DHCP Server, and in the Add Roles and Features Wizard dialog box, verify that Include management tools (if applicable) is selected, and then click Add Features. Then click Network Policy and Access Services. Click Next four times.

  6. On the Select role services page, click Network Policy Server, and in the Add Roles and Features Wizard dialog box, verify that Include management tools (if applicable) is selected, and then click Add Features. Click Next.

  7. On the Confirm installation selections page, click Install.

  8. On the Results page, confirm that all role services and features were installed, and then click Close.

  9. To complete the configuration, follow the instructions in Configure a DHCP Server for NAP.

To install a NAP-enabled DHCP server in Windows Server 2008 R2 and Windows Server 2008 by using Server Manager

  1. In Server Manager, under Roles Summary, click Add Roles, and then click Next.

  2. On the Select Server Roles page, select the DHCP Server and Network Policy and Access Services check boxes, and then click Next twice.

  3. On the Select Role Services page, select the Network Policy Server check box, and then click Next twice.

  4. On the Select Network Connection Bindings page, select the network connections that will be used to provide DHCP service to client computers by selecting the check box under IP Address next to the IP address of the network connection. Click Next to continue.

  5. On the Specify IPv4 DNS Server Settings page, in Parent Domain, verify that the name of the DNS domain that clients use for name resolution is correct. For example, if your domain is named woodgrovebank.local, verify that the DNS domain name is woodgrovebank.local.

  6. In Preferred DNS server IPv4 address, type the IPv4 address of your preferred DNS server, and then click Validate. In Alternate DNS server IPv4 Address, type the IPv4 address of your alternate DNS server, if any, and then click Validate.

Note

If a DNS server responds when you click Validate, the DHCP installation wizard indicates the specified address for the DNS server is valid. If no DNS server responds when you click Validate, the DHCP installation wizard returns the message: The DNS server at the specified IP address is not responding.

  1. Click Next. On the Specify IPv4 WINS Server Settings page, select one of the following:

    • If you do not have WINS servers on your network, select WINS is not required for applications on this network.

    • If one or more WINS servers are deployed on your network, select WINS is required for applications on this network. In Preferred WINS server IP address, type the IPv4 address of your preferred WINS server. In Alternate WINS server IP Address, type the IPv4 address of your alternate WINS server, if any, and then click Next.

  2. On the Add or Edit DHCP Scopes page, click Add. The Add Scope dialog box opens.

  3. In the Add Scope dialog box, type values for all required items, and in Subnet Type, select either Wired or Wireless, depending on the IP address lease duration that you prefer, and then do one of the following:

    • To automatically activate the scope immediately after DHCP installation is complete, click Activate this scope. If there are computers or devices on the network that have static IP addresses, do not activate the scope until after you have created an exclusion range. The exclusion range prevents the DHCP server from leasing IP addresses that are already in use by a statically configured device.

    • To manually activate the scope later, use the DHCP Microsoft Management Console (MMC).

  4. Click OK. This returns you to the Add or Edit DHCP Scopes page. If your network has multiple subnets that are serviced by this DHCP server, add scopes for each subnet using steps 8 and 9. Click Next.

  5. On the Configure DHCPv6 Stateless Mode page, select Disable DHCPv6 stateless mode for this server, and then click Next.

  6. On the Authorize DHCP Server page, do one of the following:

    • Select Use current credentials to authorize the DHCP server in Active Directory Domain Services (AD DS) using the credentials supplied for the current session, and then click Next.

    • To specify alternate credentials for authorization, select Use alternate credentials. Click Specify, type the credentials to use for DHCP server authorization, click OK, and then click Next.

    • Select Skip authorization of this DHCP server in AD DS, and then click Next.

Note

Before your DHCP server can issue IP address leases, the DHCP server must be authorized in AD DS.

  1. On the Confirm Installation Selections page, review your selections, and then click Install.

  2. In Installation Results, confirm that all role services and features were installed, and then click Close.