Search This Blog

Wednesday, October 19, 2011

DHCP Server Cleaning

I've been working on the domain controller server replacement and OS upgrade from 2003 to 2008 R2.
Each DC has DHCP, DNS and other roles as well. One of them held all FSMO roles and time server role.,

Two physical machines have been replaced with a HP ProLiant DL160 G6 and a virtual machine so far.

I knew non-existing servers somehow still remain in Active Directory as authorized DHCP servers because they are listed as authorised DHCP servers Since the servers themselves dont' exist physically in the domain, when I tried to unauthorize them, I got an error message "an object can not be found" or something and can remove them.
I decided to clean up dead DHCP servers. This process is done on ADSIEdit.

To install ADSIEdit console, type the following command in Run to register dll.
regsvr32 adsiedit.dll

Click Start and select Run. Type "mmc".
Form the File menu select Add/Remove snap-in.
Add ADSIEdit.lmmc.

Once ADSIEdit.msc opens expand Configuration in the left pane.
If you don't have Configuration, right-click ADSIEdit in the left pane and select Connect to....
Click "Select a well known connection point" and select "Configuration" (Woops... Default naming context is enclosed in the below image.)

Navigate Select CN=Services --> CN=NetServices
Right click on CN=DHCPRoot in the middle pane and select properties.
In the CN=DHCPRoot, select DHCPServers and click the Edit button.

High-light the server you want to remove from your domain and click Remove.
Click OK.
 If the server is still alive, you don't have to do this. This process is for the situation that the server was removed from the domain without unauthorizing.

Now that the non-existing DHCP server entries have been cleared from AD, we clean up junk from AD Site and Service.
Open Active Directory Site and Service.
Select the site and servers on the left pane.
Right-click on the ghost DHCP server, which should be empty.
Select delete.