Old DHCP Servers appear in the list of Authorized servers

I have removed my old DHCP servers from the infrastructure, but when I run the command those old servers still show up as authorized DHCP servers, even though all references in DNS and DHCP have been removed.
To check and list your authorized DHCP servers in a Windows Server 2012 R2 domain:

netsh dhcp show server
4 Servers were found in the directory service:
Server [box1.contoso.com] Address [172.10.10.20] Ds Location: cn-box1.contoso.com
Server [box2.contoso.com] Address [172.10.10.22] Ds Location: cn-box2.contoso.com
Server [box5.contoso.com] Address [172.10.10.45] Ds Location: cn-box5.contoso.com
Server [box6.contoso.com] Address [172.10.10.46] Ds Location: cn-box6.contoso.com

I notice that box5 and box6 should not be on the list of authorized DHCP servers, as these 2 servers have been removed and are no longer on the domain. I have checked all DNS and DHCP records, and these servers do not appear anywhere in them. To remove them, run the netsh command again:

netsh dhcp delete server box5.contoso.com 172.10.10.45
Deleting server with box5.contoso.com, 172.10.10.45
Command completed successfully.

netsh dhcp delete server box6.contoso.com 172.10.10.46
Deleting server with box6.contoso.com, 172.10.10.46
Command completed successfully.

Now when you run the netsh command to list your authorized servers, you should not see these 2 removed servers on the list. However, if you get the error “There is no such object on the server”, you will need to use the ADSIEDIT MMC snap-in to remove the objects from Active Directory.

How to remove the objects from Active Directory using ADSIEDIT:

1. Start Adsiedit.msc
2. Open the Configuration container
3. Expand Services
4. Expand Net Services
5. On the right-hand side you will find a record named CN=DhcpRoot
6. Right-click the CN=DhcpRoot entry and then click Properties
7. Highlight the entry with the old Domain name and click Remove from DHCPServers Attribute
8. Once deleted, the DHCPServers value will be “not set”.
9. Save the change by clicking OK and close Adsiedit.
10. Restart the DHCP server service.

Once you have restarted the DHCP Server service, run the following command: “Netsh DHCP show server”. You should no longer see the old servers listed as Authorized. Take into account that you may have to wait on AD replication. Also, if the servers are still listed, you can now run the command “netsh DHCP delete server ServerFQDN ServerIPAddress” without error.
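
The same check can be scripted. The following is an added example, not part of the original post: it compares the authorized list against Active Directory computer accounts and previews removal of entries with no matching account. It assumes a domain-joined host with the DhcpServer and ActiveDirectory RSAT modules installed; the function name Get-StaleDhcpAuthorization is hypothetical.

```powershell
# Added example: audit authorized DHCP servers for entries whose host no longer exists.
Import-Module DhcpServer, ActiveDirectory

function Get-StaleDhcpAuthorization {
    # Emits one object per authorized DHCP entry that has no AD computer account.
    foreach ($entry in Get-DhcpServerInDC) {
        $name     = $entry.DnsName
        $computer = Get-ADComputer -Filter "DNSHostName -eq '$name'"
        $dns      = Resolve-DnsName -Name $name -Type A -ErrorAction SilentlyContinue

        if (-not $computer) {
            [pscustomobject]@{
                DnsName       = $name
                IPAddress     = $entry.IPAddress
                StillInDns    = [bool]$dns   # a leftover A record is worth cleaning up too
            }
        }
    }
}

$stale = @(Get-StaleDhcpAuthorization)
$stale | Format-Table -AutoSize

# Preview the de-authorization first. -WhatIf makes no changes; drop it to apply.
foreach ($s in $stale) {
    Remove-DhcpServerInDC -DnsName $s.DnsName -IPAddress $s.IPAddress -WhatIf
}

# Read-only view of what ADSIEDIT shows under Services > NetServices:
# the dHCPClass objects and their dhcpServers attribute.
$config = (Get-ADRootDSE).configurationNamingContext
Get-ADObject -SearchBase "CN=NetServices,CN=Services,$config" `
             -Filter 'objectClass -eq "dHCPClass"' `
             -Properties dhcpServers |
    Select-Object Name, dhcpServers
```

Review the table before removing anything: a DHCP server that is authorized but is not a domain member, if you run any, will also show up as having no computer account.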

 
