DHCP Authorization

DHCP in and of itself is an unauthenticated service, which means that anyone can establish a DHCP server on a network and start to accept clients and assign them erroneous addresses or redirect them for malicious purposes. Consequently, since Windows 2000, it has become necessary to authorize a DHCP server that is running in an Active Directory domain. After the DHCP server is authorized by the proper domain administrative authority, that server can then accept client leases.

The downside to this approach is that a Windows NT 4.0 server could still be added, unauthenticated, to a network. In this situation, it would become necessary to pull out a network analyzer to determine the location of rogue DHCP servers.

Authorization of a Windows Server 2003 DHCP server is straightforward and can be accomplished by following these steps:

Open the DHCP Manager by choosing Start, All Programs, Administrative Tools, DHCP.

Right-click the server name and choose Authorize, as illustrated in Figure 13.34.

Figure 13.34. Authorizing a DHCP server.

I « DHCP

E*

-:■ Ê [0 ESA ® G ®

£

'HHP

tervsl .ctxnfunyahc c«Ti 11 SB.Cm 1

CÖ «i

D^tisySritHic-i

fi*îlifr flïtorefe £1 Seep«:.

AulhoiizG Lha DM DP Sarvci

Œ „Jflfi Ijjî SH S«*«I

A D3H ¡LP nu:i be aJîtfiMd m ihî Aclive C feeäojj twice iJ can iiyjTi !P «üíííí; i: a Mci/typMaiAyi tha Ihjt on^m/äioiurfOHCP TefYïiT na» on jwt*

To aulhovf ïln- DHCP s«vtr, m líieÀcKmmîm. cfck Auifori»

AiNhOfiíallWi tTWylùfcD jfcwmomenií to oofnpfclt FoföHciu:

ii-rijd* ^h^raF-'Pi ■ ' -n lit- dj-hm i: ^ivi rirk Rrfi^-h

Was this article helpful?

0 0

Post a comment