Just want to share with you some problem I faced with running DHCP on a RODC.
When you install a DHPC role on a server, it will create a local group name “DHCP Administrators” and also “DHCP Users”.
RODC is a new & exciting features on Windows Server 2008. (http://technet.microsoft.com/en-us/library/cc753223(WS.10).aspx) Now, we don’t have to bother what the local admin are doing in our server at the site. 🙂
Now, I have a problem when installing a DHCP on RODC. As mentioned earlier, when you installed a DHCP on a server, it will create a local DHCP group(DHCP Administrators & DHCP Users). Since, RODC is pretty much a DC, there is no local group on the server and since it’s also a READ-ONLY DC, it cannot create the account itself.
You will notice that when your DHCP service is stopped when you install it on RODC and when you check the event log, you’ll notice error 1035 and 1036. This error shows, there exist a authentication problem.
So what shall we do in order to resolve this?
Easy! Just create the DHCP groups in DC 😉
Here’s the step
- Login to any RWDC
- Open Active Directory User & Computers (ADUC)
- Under the Users OU > Create group name “DHCP Administartors” & “DHCP Users” with the group scope is set to “Domain Local”
- Let the replication kicks in
- Voila! Your DHCP service is now automatically started 😉