Re: DHCP Authorization
From: Miha Pihler [MVP] (mihap-news_at_atlantis.si)
Date: 02/10/05
- Next message: Sam: "WINS setup"
- Previous message: Phillip Windell: "Re: permission needed for static routes"
- In reply to: Mark: "Re: DHCP Authorization"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 10 Feb 2005 21:17:02 +0100
AD is checked every time DHCP service starts. I am not sure about the
overhead. Can you be more specific what are your concerned about? Network
overhead? I believe this check would cause less traffic then client looking
for DHCP...
-- Mike Microsoft MVP - Windows Security "Mark" <Mark@discussions.microsoft.com> wrote in message news:92D72F72-1006-450F-8AC0-0592D9F1416F@microsoft.com... > Miha, > > I have seen this article and yes it helps thanks but I am really > interested > in what the process is. Is this basically just a list stored in LDAP that > is > checked every so often by a DHCP server to see if it is authorized? what > overhead does this generated? > > Thanks > > Mark > > "Miha Pihler [MVP]" wrote: > >> Hi Mark, >> >> An unauthorized DHCP server on a network can cause a variety of problems, >> such as the leasing of incorrect IP addresses and options. To protect >> against this type of problem, when a Windows 2000 or Windows Server 2003 >> domain member DHCP server attempts to start on the network, it first >> queries >> Active Directory. The DHCP server compares its IP address and server name >> to >> the list of authorized DHCP servers. If either the server name or IP >> address >> is found on the list of authorized DHCP servers, the server is authorized >> as >> a DHCP server. If no match is found, the server is not authorized in >> Active >> Directory and does not respond to DHCP traffic. The process of >> authorizing >> DHCP servers is useful for only Windows 2000-based or Windows Server >> 2003-based DHCP servers. This process cannot be used for DHCP servers >> running Windows NT Server, or servers running non-Windows-based DHCP >> services. Only a member of the Enterprise Admins group can authorize or >> unauthorize a DHCP server in Active Directory. >> >> Authorizing DHCP Servers in Active Directory >> http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dnsbc_dhc_srnz.asp >> >> I hope this helps. >> >> -- >> Mike >> Microsoft MVP - Windows Security >> >> "Mark" <Mark@discussions.microsoft.com> wrote in message >> news:A2557CF8-DC57-42A8-8AE4-FFD1D4E87A50@microsoft.com... >> > Why do you need to authorize a DHCP server when the server is a member >> > of >> > a >> > Domain? Where does it store the authorized server information and what >> > does >> > it do special with the information? Is there a way around this with a >> > machine in the domain? What type of overhead is genterated by this? >> > >> > Thanks >> > >> > Mark >> >> >>
- Next message: Sam: "WINS setup"
- Previous message: Phillip Windell: "Re: permission needed for static routes"
- In reply to: Mark: "Re: DHCP Authorization"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
