Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Lesson 2:
Configu
Lesson 3:
Managin
Lesson 4:
Securin
Lab:
Implem
Module
Highlight
Note
Lesson 2:
Lesson 3:
Lesson 4:
Lab:
Implementing DHCP
Module Review and Takeaways
Module Overview
Dynamic Host Configuration Protocol
(DHCP) plays an important role in the Windows Server 201
2 infrastructure. It is the primarymeans of distributing import
Objectives
After completing this module, you will be able to:
Install the DHCP server role.
Configure DHCP scopes.
Manage a DHCP database.
Secure and monitor the DHCP server role.
Lesson Objectives
NAP
Installing DHCP
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer
Set the registry value to:
3.
UseDHCPPorts = 0
To set the new configuration, run the following command on the WDS s
WDSUTIL /Set-Server /UseDHCPPorts:No /DHCPOption60:Yes
DHCP Policies
You can create DHCP policies In Windows Server 2012. Policy
-based assignment allows the DHCP server to evaluate reque
sts for IPaddresses against policies that you define. The polic
ies apply to a specific scope using a defined processing orde
r and can be inheritedfrom the server. When the request mat
ches the conditions of a policy the DHCP server provides spe
cific settings to the client. You canuse DHCP policies to confi
gure conditions based on the FQDN of the clients, and to regi
ster workgroup computers with a guest DNSsuffix.
Previous to Windows Server 2012 R2, if you wanted to preve
nt a DNS reverse lookup record in DHCP, also known as point
er recordsregistration
(PTR), you had to disable both host and PTR record registrati
on for DHCP clients. In Windows Server 2012 R2, you canallo
w a DHCP server to register a clients host record, but not th
e PTR record.
Switch to LON-SVR1.
Open the DHCP console.
Authorize the lon-svr1.adatum.com server in AD DS.
Repeat steps 1 through 3 on LON-SVR2, replacing the FQDN in step 3 a
Note: Leave all virtual machines in their current state for the next dem
Lesson Objectives
After completing this lesson, you will be able to:
Describe the purpose of a DHCP scope.
Describe a DHCP reservation.
Describe the DHCP Options.
Explain how to apply DHCP Options.
Create and configure a DHCP scope.
IP address range. This property lists the range of addresses that can be o
ses for a given subnet.
Subnet mask. This property is used by client computers to determine the
Exclusions. This property lists single addresses or blocks of addresses tha
d for lease.
Delay. This property is the amount of time to delay before making DHCPO
Lease duration. This property lists the lease duration. Use shorter duratio
s for more static networks.
Options. You can configure many optional properties on a scope, but typi
Option 003 Router (the default gateway for the subnet)
Option 006 Domain Name System (DNS) servers
Option 015 DNS suffix
IPv6 Scopes
Windows PowerShell
Description
Add-DhcpServerv4Scope
Cmdlet name
Description
Add-DhcpServerv6Scope
Get-DhcpServerv4Scope
Get-
DhcpServerv4ScopeStatistics
Get-DhcpServerv6Scope
Gets the scope information for the specified IPv6 prefixes on the
Get-
Gets the IPv6 prefix statistics that correspond to the IPv6 prefix s
DhcpServerv6ScopeStatistics
Remove-DhcpServerv4Scope
Deletes the specified IPv4 scopes from the Dynamic Host Configu
Remove-DhcpServerv6Scope
Set-DhcpServerv4Scope
Set-DhcpServerv6Scope
The following table lists the common option codes that Wind
ows-based DHCP clients request.
Option code
Name
Subnet mask
Router
DNS servers
15
31
33
Static route
Option code
Name
43
Vendor-specific information
47
NetBIOS scope ID
51
Lease time
58
59
60
66
67
Bootfile name
249
3.
Lesson Objectives
Description
Dhcp.mdb
Dhcp.tmp
Dhcp.tmp is a temporary file that the DHCP database uses as a swap file d
n the Systemroot\System32\Dhcp directory.
J50.log and J50### J50.log and J50#####.log are logs of all database transactions. The DHCP
##.log
J50.chk
Note: You should not remove or alter any of the DHCP servic
e database files.
The DHCP server database is dynamic. It updates as DHCP cl
ients are assigned, or as they release their TCP/IP configurati
onparameters. Because the DHCP database is not a distribut
ed database like the Windows Internet Name Service
(WINS) serverdatabase, maintaining the DHCP server databa
se is less complex.
By default, the DHCP database and related registry entries a
re backed up automatically at 60-minute intervals. You can c
hange thisdefault interval by changing the value of BackupIn
terval in the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
DHCPServer\Parameters
Restoring a Database
Backup Security
Using Netsh
You also can use commands in the Netsh DHCP Server conte
xt to back up the database; this is useful for backing up the
database toa remote location using a script file.
The following command is a script that you can use from the
Netsh DHCP Server prompt to back up the DHCP data for all
scopes:
export "c:\My Folder\Dhcp Configuration" all
To restore the DHCP database, use the following command:
import "c:\My Folder\Dhcp Configuration" all
Note: The Netsh DHCP Server context does not exist on serv
er computers that do not have the DHCP server role installed
.
Using Windows PowerShell
In the event that you must move the DHCP server role to an
other server, as a best practice you should also move the DH
CP databaseto the same server. This ensures that client leas
es are retained, and reduces the likelihood of clientconfiguration issues.
Initially, move the database by backing it up on to the old D
HCP server. Then, shut down the DHCP service on the old DH
CP server.Next, copy the DHCP database to the new server,
where you can restore it using the normal database restore p
rocedure.
Lesson Objectives
You can configure the refresh rate for the statistics in the Ge
neral tab of servers Properties dialog box.
The DHCP audit log files are named based on the weekday t
hat the file was created. For example, if audit logging is enab
led on aMonday, the file name is DhcpSrvLog-Mon.log.
Description
ID
Date
The date on which the entry was logged on the DHCP server
Time
The time at which the entry was logged on the DHCP server
Description
IP Address
Host Name
MAC Address
Description
Address conflicts
dress
Address obtainedfrom an in The client is obtaining anIP address from the wrongscope, causing
correctscope
DHCP databasesuffers data The DHCP databasebecomes unreadable or islost due to a hardwar
corruptio n or loss
ailure.
address pool
Objectives
After completing this lab, you should be able to:
Implement DHCP.
Implement a DHCP relay agent (optional).
Lab Setup
Estimated Time: 45 minutes
Virtual machines
20410C-LON-DC1
20410C-LON-SVR1
20410C-LON-RTR
20410C-LON-CL1
20410C-LON-CL2
User name
Adatum\Administrato
Password
Pa$$w0rd
For this lab, you will use the available virtual machine enviro
nment. Before beginning the lab, you must complete the foll
owing steps:
1. On the host computer, click Start, point to Administrative Tools, and
2. In Microsoft Hyper-V Manager, click 20410C-LON-DC1, and in the Ac
3. In the Actions pane, click Connect. Wait until the virtual machine start
4. Sign in using the following credentials:
o User name: Administrator
o Password: Pa$$w0rd
5.
6.
o Domain: Adatum
Repeat steps 2 through 4 for 20410C-LON-SVR1 and 20410C-LON-CL1.
For the optional Exercise 2, you should repeat steps 2 through 4 for 20
Scenario
As part of configuring the infrastructure for the new branch o
ffice, you need to configure a DHCP server that will provide I
P addressesand configuration to client computers. Servers ar
e configured with static IP addresses and usually do not use
DHCP for obtaining IPaddresses.
One of the client computers in the branch office needs to acc
ess an accounting app in the head office. The network team
usesfirewalls based on IP addresses to restrict access to this
app. The network team has requested that you assign a stati
c IP address tothis client computer. Rather than configuring a
static IP address on the client computer manually, you decid
e to create a reservationin DHCP for the client computer.
The main tasks for this exercise are as follows:
1. Install the Dynamic Host Configuration Protocol (DHCP) server role.
2. Configure the DHCP scope and options.
3. Configure the client to use DHCP, and then test the configuration.
4. Configure a lease as a reservation.
Task 1: Install the Dynamic Host Configuration Protoc
ol (DHCP) server role
1. Sign in to LON-SVR1 as Adatum\Administrator with the password Pa
2. Open Server Manager, and install the DHCP Server role.
3. In the Add Roles and Features Wizard, accept all defaults.
Task 2: Configure the DHCP scope and options
1. In Server Manager, open the DHCP console.
2. Authorize the lon-svr1.adatum.com server in AD DS.
3. In DHCP, in the navigation pane, browse to IPv4, right-click IPv4, and
4. Create a new scope with the following properties:
o Name: Branch Office
o IP Address Range: 172.16.0.100-172.16.0.200
o Length: 16
o Subnet Mask: 255.255.0.0
o Exclusions: 172.16.0.190-172.16.0.200
o Configure options Router 172.16.0.1
o For all other settings use default values
5. Activate the scope.
Task 3: Configure the client to use DHCP, and then tes
t the configuration
1. Sign in to 20410C-LON-CL1 as Adatum\Administrator with the pass
2. Reconfigure the Ethernet Connection using the following information:
o Configure Internet Protocol Version 4 (TCP/IPv4)
o Obtain an IP address automatically
o Obtain DNS server address automatically
3. Open the Command Prompt window, and then initiate the DHCP proces
4. To test the configuration, verify that LON-CL1 has received an IP addres
mand Prompt window.
Note: This command returns information such as IP address, subnet m
Task 4: Configure a lease as a reservation
1. To display the physical address of the network adapter, in the Comman
2. Switch to LON-SVR1.
3. Open the DHCP console.
4. In the DHCP console, in the navigation pane, browse to Scope [172.16
ick New Reservation.
5. Create a new reservation for LON-CL1 using the physical address of th
s172.16.0.155.
6. On LON-CL1, use the ipconfig command to renew and then verify the
Results: After completing this exercise, you should have im
plemented DHCP, configured DHCP scope and options, and c
onfigureda DHCP reservation.
Prepare for the optional exercise
If you are going to complete the optional lab, revert the 204
10C-LON-CL1 and 20410C-LON-SVR1 virtual machines by per
forming thefollowing steps:
1. On the host computer, start Hyper-V Manager.
2. In the Virtual Machines list, right-click 20410C-LON-CL1, and then c
3. In the Revert Virtual Machine dialog box, click Revert.
4. Repeat steps 1 through 3 for 20410C-LON-SVR1.
5. Start 20410C-LON-SVR1.
Scenario
To avoid configuring an addition DHCP server on the subnet,
your manager has asked you to configure a DHCP relay agen
t foranother subnet in your branch office.
The main tasks for this exercise are as follows:
1. Install a DHCP relay agent.
2. Configure a DHCP relay agent.
3. Test the DHCP relay agent with a client.
Task 1: Install a DHCP relay agent
1. Sign in to LON-RTR as Adatum\Administrator with password Pa$$w0
2. In Server Manager, open Routing and Remote Access.
3. Add the DHCP relay agent to the router.
Task 2: Configure a DHCP relay agent
1. Open Routing and Remote Access.
2. Configure the DHCP relay agent by performing the following steps:
a. In the navigation pane, right-click DHCP Relay Agent, and then c
b. In the New Interface for DHCP Relay Agent dialog box, click Et
c. In the DHCP Relay Agent Properties Ethernet 2 Properties
d. Right-click DHCP Relay Agent, and then click Properties.
e. In the DHCP Relay Agent Properties dialog box, in the Server a
K.
3. Close Routing and Remote Access.
Task 3: Test the DHCP relay agent with a client
Note: To test how a client receives an IP address from the D
HCP relay agent in another subnet, you need to create anoth
erDHCP scope.
1. Sign in to LON-SVR1 as Adatum\Administrator with the password Pa
2. Run Windows PowerShell as Administrator, and then type the following
Add-WindowsFeature -IncludeManagementTools dhcp netsh dhcp add
Active
To test the client, switch to LON-CL2.
4.
5.
6.
Open the Network and Sharing Center window, and then configure the
(TCP/IPv4)properties with the following settings:
o Obtain IP address automatically
o Obtain DNS server address automatically
Open the Command Prompt window.
In the Command Prompt window, at a command prompt, type the follo
Ipconfig /renew
7. Verify that IP address and DNS server settings on LON-CL2 are obtained
Note: The IP address should be in the following range: 10.10.0.100/1
Results: After completing this exercise, you should have im
plemented a DHCP relay agent.
Prepare for the next module
After you finish the lab, revert the virtual machines back to t
heir initial state. To do this, complete the following steps:
1. On the host computer, start Hyper-V Manager.
2. In the Virtual Machines list, right-click 20410C-LON-DC1, and then
3. In the Revert Virtual Machine dialog box, click Revert.
4. Repeat steps 2 and 3 for 20410C-LON-SVR1, 20410C-LON-RTR, and 204
Lab Review Questions
Question: For what is the DHCP scope used?
Question: How should you configure a computer to receive
an IP address from the DHCP server?
Question: Why do you need MAC address for a DHCP server
reservation?
Question: What information do you need to configure on a
DHCP relay agent?
Best Practices
Tools
Tool
Use
DHCP
Windows PowerShell
Ipconfig.exe
Netsh.exe
Regedit.exe
Editing and fine-tuning settings, including those for the DHCP server r