Article ID: 282001
Article Last Modified on 2/28/2007
APPLIES TO
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
This article was previously published under Q282001
SYMPTOMS
After you install the DHCP Server service on a Windows Server 2003 domain controller that is also running the DNS Server service, the following event may be logged in the System log:
CAUSE
This behavior occurs because you did not configure the DNSCredentials on the domain controller on which you installed the DHCP Server service, and DNS services. This is not a recommended configuration; see the "More Information" section in this article for more details.
RESOLUTION
To resolve this behavior, configure DNSCredentials by using one of the following methods:
By Using the DHCP Server Snap-In
- In the DHCP Server snap-in, which is located in the Administrative Tools folder, right-click the DHCP server that you want to configure, and then click Properties.
- On the Advanced tab, click Credentials.
- Type the username, domain and password of the account under which you want the DHCP Server service to run. You can use any valid existing user account for this, such as a Domain User account. The account should not be set to expire or have any other restrictions.
- Click OK, and then OK again to exit the Properties dialog box.
By Using the Netsh.exe Command Line
- From a command prompt, type netsh, and then press ENTER.
- From the netsh prompt, type dhcp server
ipaddress
(whereipaddress
is the IP address of the DHCP server that you want to configure), and then press ENTER. - Type set dnscredentials
username domain password
(whereusername domain password
is the user account information for the account under which you want the DHCP Server to run), and then press ENTER. You can use any valid existing user account for this, such as a Domain User account. The account should not be set to expire or have any other restrictions. - Type quit, and then press ENTER to exit.
MORE INFORMATION
The DHCP Server service runs under the domain controller's computer account and therefore has full control of all DNS objects. As a result, DNS records that you have dynamically registered with DNS are susceptible to having their name records overwritten by an earlier version of DHCP Client. This behavior may be undesirable, especially if you have configured the DNS zone for Secure Updates only. By using the DNSCredentials parameter, you can run the DHCP Server service under a specified user account that does not have the ability to overwrite the DNS records.
Microsoft strongly recommends the use of DNSCredentials when you are running the DHCP Server service and DNS services on the same domain controller to ensure the integrity of Secure Dynamic Updates. If you do not use DNSCredentials, Microsoft recommends that you run the services on different computers.
Additional query words: dnscredentials 1056 dhcp
Keywords: kberrmsg kbprb KB282001