Install Windows Server DHCP, Configure Scopes, and Authorize in AD

In today’s Ask the Admin, I’ll show you how to set up a DHCP server in Windows Server using PowerShell.

If you’re working with Windows Server Core, or need to configure Windows Server DHCP using the Remote Server Administration Tools (RSAT) for Windows 10, learning how to install and configure DHCP using PowerShell will come in handy. Server Core doesn’t have a GUI, so there’s no Server Manager or DHCP management console. And RSAT for Windows 10 no longer includes a DHCP management snap-in.

 

 

In the instructions that follow, I’ll show you how to install the DHCP server role in Windows Server using PowerShell. Once DHCP is installed, we’ll configure a scope, authorize the DHCP server in Active Directory (AD), and add some DHCP server options. The instructions are intended for a DHCP server that will issue IP addresses to domain-joined devices.

• Log in to Windows Server with an account that has local administrator permissions and the right to authorize DHCP in AD.
• Open a PowerShell prompt by clicking the blue PowerShell icon on the desktop taskbar.
• In the PowerShell window, run the Install-WindowsFeature cmdlet as shown below to install the DHCP server role and management tools:

Install-WindowsFeature DHCP -IncludeManagementTools

Let’s add the DHCP Users and DHCP Administrators security groups to the local server using Add-DHCPServerSecurityGroup, replacing dhcpsrv1 with the name of your DHCP server.

Add-DHCPServerSecurityGroup -ComputerName dhcpsrv1

We need to point the DHCP server to a DNS server, which it will use to register and deregister client DNS records. In my lab, DNS is running on a domain controller (DC), dc1. Replace dc1 with the name of your DNS server.

Set-DHCPServerDnsCredential -ComputerName dc1

The next step is to define a scope, or pool, of IP addresses that the DHCP server will issue to clients. I’m going to keep it simple and use a range of 192.168.2.0/24. In the code below, I define the scope ID in a variable and then use the Add-DhcpServerv4Scope cmdlet to configure an IPv4 scope (192.168.2.20 – 192.168.2.254) on the server.

$scopeID = '192.168.2.0' 
Add-DhcpServerv4Scope -Name Internal -StartRange 192.168.2.20 -EndRange 192.168.2.254 -SubnetMask 255.255.255.0 -Description 'My DHCP' -State Active

I need to set some DHCP server options: DnsServer, DnsDomain and the Router (default gateway) address. DHCP will issue these options to clients, along with an IP address, to ensure that they can communicate successfully on the network. Don’t forget to replace the -DnsServer, -DnsDomain, and -Router parameter values to match those for your network and domain.

Set-DHCPServerv4OptionValue -ScopeID $scopeID -DnsServer 192.168.2.1 -DnsDomain ad.contoso.com -Router 192.168.2.1

And the final step is to authorize the DHCP in Active Directory. You’ll need to replace the value of -DnsName with the fully qualified domain name (FQDN) of a DC in your AD domain, and -IPAddress with the IP address of the same DC.

Add-DhcpServerInDC -DnsName dc1.ad.contoso.com -IPAddress 192.168.2.1

Once the DHCP server is authorized in AD, it should start successfully issuing IP addresses to clients.