none
DHCP server authorisation failure Windows Server 2008

    Question

  • Hi

    Our network: Windows 2008 standard server (domain controller holding all FSMO roles, DHCP, DNS), Windows 2003 standard server (DNS, WINS), domain functional level = 2003. Windows storage server 2008 (file server), Windows server 2012 (WSUS, Remote access). One site, one 192.168.0.xxx subnet. Mixture of XP and Win 7 clients and one Vista client. None of the servers are multi-homed.

    The DHCP server is configured with a scope that assigns addresses between 100 and 200. All the clients (35 of them) have reserved addresses. The 2012 server grabs a block of ten or so addresses for VPN connections. DHCP server also specifies DNS server, router, time server, domain name, WINS server, NetBIOS over TCP/IP, and WINS node type. Address duration is 6 days.

    Clients' DHCP settings are configured as normal, except that APIPA address assignment has been customised so they get an address 192.168.0.2xx and the DNS server is the gateway not the domain controller.

    Last week, everything was fine.

    Monday morning and all the Windows 7 clients are unable to browse the network. I checked and saw that each W7 client had the APIPA address assigned. The XP machines were fine.

    The DHCP management console snap-in showed the IPV4 node with a red symbol. I restarted the DC but it did not help. The DHCP custom event log under Server Roles has no events at all. In the past there have been startup events present.

    When I started the DHCP snap-in it said that the server was not authorised. Selecting the server then clicking the action menu shows an unauthorise option.

    The system log has event 1059 logged:


    Log Name:      System
    Source:        Microsoft-Windows-DHCP-Server
    Date:          16/12/2013 08:31:02
    Event ID:      1059
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      Phobos.htlincs.local
    Description:
    The DHCP service failed to see a directory server for authorization.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-DHCP-Server" Guid="{6D64F02C-A125-4DAC-9A01-F0555B41CA84}" EventSourceName="DhcpServer" />
        <EventID Qualifiers="0">1059</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2013-12-16T08:31:02.000Z" />
        <EventRecordID>823779</EventRecordID>
        <Correlation />
        <Execution ProcessID="0" ThreadID="0" />
        <Channel>System</Channel>
        <Computer>Phobos.htlincs.local</Computer>
        <Security />
      </System>
      <EventData>
        <Data>
        </Data>
        <Data>htlincs.local</Data>
        <Data>0x    203a</Data>
        <Binary>3A200000</Binary>
      </EventData>
    </Event>



    This was followed by event 1044: The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain htlincs.local, has determined that it is authorized to start. It is servicing clients now.

    Then event 1059 (above) was repeated.

    After 12 minutes event 1044 was repeated, but no other DHCP events have been logged since that time.

    I assigned static IP addresses to the clients and they are now able to browse the network

    There was just one system change made to the domain controller that hosts DHCP and that was the installation of Netwrix File Server Change Reporter. The installation required a new GPO being created and configured as shown on pp 16/17 of this guide http://www.netwrix.com/download/documents/NetWrix_File_Server_Change_Reporter_Administrator_Guide.pdf.

    I uninstalled this program and removed the GPO this morning.

    I checked the DHCP server about 3 hours later and the IPV4 node was green. Also, when the snap-in loaded it did not display a message saying that the server needs to be authorised.

    Anyone have any idea what may have caused the DHCP server to behave this way? It seems to be OK now (Win 7 clients with DHCP address assignment enabled are OK when restarted), and I wouldn't expect the Netwrix application to have this adverse effect on it.

    Also, I don't understand why the Win 7 clients could not simply retain their existing address. Why were the alternate configuration addresses used? I doubt very much that all those machines' address leases had expired by this morning (though, of course, it is remotely possible).

    Thanks!


    Monday, December 16, 2013 2:26 PM

Answers

  • Yes, they are different. Here are my notes on it. Sorry about all the links, but I thought to try to cover the behavior differences the best I can.

    =======
    Windows VIsta, Windows 7, and newer, DHCP Lease Behavior is different than Windows 2000 and Windows XP upon startup

    DHCP Client Behavior
    http://blogs.technet.com/b/networking/archive/2009/01/29/dhcp-client-behavior.aspx

    If the DHCP client obtained a lease from a DHCP server on a previous occasion, and the lease is still valid (not expired) at system startup, the client tries to renew its lease.  If, during the renewal attempt, the client fails to locate any DHCP server, it attempts to ping the default gateway listed in the lease, and proceeds with one of the following:

    •If the ping is successful, the DHCP client assumes that it is still located on the same network where it obtained its current lease, and continues to use the lease as long as the lease is still valid.  By default the client then attempts, in the background, to renew its lease when 50 percent of its assigned lease time has expired.
    •If the ping fails, the DHCP client assumes that it has been moved to a network where a DHCP server is not available.  The client then auto-configures its IP address by using the settings on the Alternate Configuration tab.  When the client is auto-configured, it attempts to locate a DHCP server and obtain a lease.

    As a workaround, you can force a Windows Vista or Windows 7 DHCP client to keep the old DHCP lease by adding registry key “DontPingGateway” if connectivity fails, see the resolution in the KB article below:

    Windows Vista does not keep its DHCP IP address if a DHCP server is not available (works for Windows 7, too):
    http://support.microsoft.com/kb/958336


    References and previous discussions on this topic:

    Clients get autoconfig address when DHCP server is down
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/0f1a6d43-aca1-41c7-bac8-a24632a34644

    How can Windows 7 Client hold DHCP Config after reboot without DHCP Server running?
    http://social.technet.microsoft.com/forums/en-us/winserverNIS/thread/245EF423-F2CA-42CD-8CAF-8B12D4565633

    Windows 7 machines not getting DHCP IP !!!!URGENT!!!!!!
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c5f0c1b3-b6bf-465c-9b96-5ea1c9198bbc


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Wednesday, December 18, 2013 3:03 PM
  • It might have to do with the IP config the APIPA is providing and not falling under the "Work or Domain Network" therefore the firewall kicks in blocking ICMP.

    I have not relied on this method to insure IP configuration for clients. Rarely does a DHCP server fail relying on such a method, and we usually insure DHCP servers are up and running. If worried about DHCP server failures, instread of relying on the APIPA method on the client side, I would highly recommend implementing DHCP failover with two DHCP servers utilizing an 80/20 rule, or even a 100/100 rule. Here's more on that:

    TechNet Thread - DHCP Failover
    Discusses 100/100 rules, and more.
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/b384c07c-008f-4176-aee9-643288292321/

    TechNet Thread - DHCP Failover:
    Discusses 80/20, DHCP sizing, diagrams, etc.
    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/d0d6b210-c57c-4a05-8763-a6a67895ace5/

    Windows 2012 solves the problem of managing a 100/100 scope:
    What's new in DHCP in Windows 2012:
    http://technet.microsoft.com/en-US/library/jj200226.aspx

    -

    Oh, and one more thing - I don't know why you have an NTP scope option set. Windows by default uses the default Windows Time forest hierarchy. Other than configuring the forest root PDC emulator to an outside or some other reliable time source, there is NOTHING else to set - it just works out of the box. This is a default service that is implemented to insure Kerberos' authentication default 5 minute skew tolerance. If the clocks between the client and DC or DC to DC, or any other communication, is off more than 5 minutes, Kerb auth fails. This is why it was implemented as a default service. If you need down to the millisecond time sync, then a third party time service is recommended. More info:

    Configuring the Windows Time Service for Windows 2000, 2003, 2008 and newer, explanation of the time service hierarchy, and more
    Published by Ace Fekay, MCT, MVP DS on Sep 18, 2009 at 8:14 PM  3050  1 
    http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx

    How to configure an authoritative time server in Windows Server
    http://support.microsoft.com/kb/816042


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Thursday, December 26, 2013 4:15 PM

All replies

  • Hi,

    Firstly, thanks for sharing your experience with us and it would be greatly helpful to others who has similar issue.

    Based on my knowledge, for a DHCP client it will ask the DHCP server to obtain an IP address firstly. If the DHCP server is not available, it will be assigned an IP from 169.254.0.0/16 by APIPA. If APIPA is disabled, it will check the alternate configuration to get an IP address. Otherwise, no IP address will be assigned to the client.  

    Besides, event 1044 is a normal condition and no further action is required for it. However, the event 1059 is usually due to the connectivity issue between the DC and DHCP server. In addition, it is not recommended to install the DHCP server on a DC.

    More information:

    Event ID 1044 — DHCP Authorization and Conflicts

    http://technet.microsoft.com/en-us/library/cc726927(v=ws.10).aspx

    Event ID 1059 — DHCP Server Active Directory Availability

    http://technet.microsoft.com/en-us/library/cc774849(v=ws.10).aspx

    Best regards,

    Susie

    Tuesday, December 17, 2013 6:13 AM
    Moderator
  • Hi,

    Firstly, thanks for sharing your experience with us and it would be greatly helpful to others who has similar issue.

    Based on my knowledge, for a DHCP client it will ask the DHCP server to obtain an IP address firstly. If the DHCP server is not available, it will be assigned an IP from 169.254.0.0/16 by APIPA. If APIPA is disabled, it will check the alternate configuration to get an IP address. Otherwise, no IP address will be assigned to the client.  

    Besides, event 1044 is a normal condition and no further action is required for it. However, the event 1059 is usually due to the connectivity issue between the DC and DHCP server. In addition, it is not recommended to install the DHCP server on a DC.

    More information:

    Event ID 1044 — DHCP Authorization and Conflicts

    http://technet.microsoft.com/en-us/library/cc726927(v=ws.10).aspx

    Event ID 1059 — DHCP Server Active Directory Availability

    http://technet.microsoft.com/en-us/library/cc774849(v=ws.10).aspx

    Best regards,

    Susie

    Hi, Susie

    Thanks a lot for responding.

    I had used the links you provided when I was trying to figure out what had happened. Using ping to test the connectivity from/to the DC worked fine, the XP clients were able to browse the network and connect to the Internet without issue.

    My question is why the Windows 7 clients suddenly began using the alternate addresses. I think it too much of a coincidence for their leases to have expired at the same time and for it to not have affected the XP clients.

    My point is that DHCP leases addresses for a set period - in our case, 6 days. The clients should contact the DHCP server when 3 days have elapsed and then at regular intervals thereafter. They should not use the alternate configuration address or the APIPA address unless the lease has expired and they are unable to contact a DHCP server or a DHCP server refuses the request.

    In this case they were unable to contact the DHCP server. Connectivity was not an issue while this occurred for the remainder of the clients. As I said, DNS is hosted on the DC that also hosts DHCP. I forgot to mention that the same DC also hosts the DFS root. It was only the DHCP server that had the issue contacting the DC. DNS was working fine, DFS was working fine. If the DC that hosts these services has any sort of connectivity issues it affects everyone.

    I was hoping that someone might be able to help explain why the Win 7 clients behaved as they did so that I could take steps to prevent/minimise this happening in the future.

    Regarding the issue of hosting DHCP on a DC, does anyone know if there would be any problems hosting DHCP on a member server that also hosted WSUS and Routing and Remote Access? I have never seen anything that states there might be issues regarding this but it's best to ask :)

    Thanks again.


    • Edited by Mark-Blood Tuesday, December 17, 2013 10:10 AM
    Tuesday, December 17, 2013 10:08 AM
  • Further to this I experienced a DNS name resolution failure today for one of the clients that I changed over to a static address yesterday.

    When I checked the DNS server only one of the clients had registered the new DNS address. I opened DHCP and removed the reservations. When I checked the leases none of the affected machines were listed.

    I logged onto one of the clients that had not registered the new address and used ipconfig /registerdns to force the registration of the static IP address. A message was displayed saying the process had been initiated and that any errors would be reported in the event log within 15mins. After an hour the address was not listed in DNS and no errors were reported in any of the event logs on the client.

    I have now manually added the A and PTR records to the DNS Server and name resolution is working fine - ping name, ping fqdn, ping -a ip address all work as they should.

    I've had a quick search for failure to register dns records but the results contain masses of unrelated material. I'm going to persevere but it would be great if anyone can point me at some resources which will help me understand why these machines (apart from one) did not register their new addresses and why the PC I chose to use ipconfig /registerdns on failed.

    Thanks!

    Tuesday, December 17, 2013 2:50 PM
  • If the zone is set to Secured Updates only, then it uses Kerberos to register. If there is still AD communications issues, then that would be one symptom where it won't register.

    As for the Netwrix, did you contact the vendor support? That would have been the first place I would have focused on, especially since that was the very last thing that was changed prior to this occurring, and especially that when you uninstlalled it, that DHCP would authorize.

    I don't know what Netwrix does, since I am not familiar with it, but what's concerning is that it thwarted AD communications. So I would ask myself, WHY? Does it have some sort of firewall feature? Does it add an IP to the server? If yes, and the server is a DC, then that can cause a whole boatload of problems, because it turns the DC into a multihomed DC. Multihoming a DC causes problems.

    I digress, because that's just speculation. Since everything was working before that, I would honestly recommend contacting Netwrix support to see what it did to your DC.


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Wednesday, December 18, 2013 5:25 AM
  • Thanks a lot. I have posted a question on their support forum.

    However, this still does not explain why only the Win 7 clients and the Vista client were affected. That is what is really bothering me. Does Windows 7 and Vista's DHCP procedure differ from that of XP?

    Wednesday, December 18, 2013 12:10 PM
  • Yes, they are different. Here are my notes on it. Sorry about all the links, but I thought to try to cover the behavior differences the best I can.

    =======
    Windows VIsta, Windows 7, and newer, DHCP Lease Behavior is different than Windows 2000 and Windows XP upon startup

    DHCP Client Behavior
    http://blogs.technet.com/b/networking/archive/2009/01/29/dhcp-client-behavior.aspx

    If the DHCP client obtained a lease from a DHCP server on a previous occasion, and the lease is still valid (not expired) at system startup, the client tries to renew its lease.  If, during the renewal attempt, the client fails to locate any DHCP server, it attempts to ping the default gateway listed in the lease, and proceeds with one of the following:

    •If the ping is successful, the DHCP client assumes that it is still located on the same network where it obtained its current lease, and continues to use the lease as long as the lease is still valid.  By default the client then attempts, in the background, to renew its lease when 50 percent of its assigned lease time has expired.
    •If the ping fails, the DHCP client assumes that it has been moved to a network where a DHCP server is not available.  The client then auto-configures its IP address by using the settings on the Alternate Configuration tab.  When the client is auto-configured, it attempts to locate a DHCP server and obtain a lease.

    As a workaround, you can force a Windows Vista or Windows 7 DHCP client to keep the old DHCP lease by adding registry key “DontPingGateway” if connectivity fails, see the resolution in the KB article below:

    Windows Vista does not keep its DHCP IP address if a DHCP server is not available (works for Windows 7, too):
    http://support.microsoft.com/kb/958336


    References and previous discussions on this topic:

    Clients get autoconfig address when DHCP server is down
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/0f1a6d43-aca1-41c7-bac8-a24632a34644

    How can Windows 7 Client hold DHCP Config after reboot without DHCP Server running?
    http://social.technet.microsoft.com/forums/en-us/winserverNIS/thread/245EF423-F2CA-42CD-8CAF-8B12D4565633

    Windows 7 machines not getting DHCP IP !!!!URGENT!!!!!!
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c5f0c1b3-b6bf-465c-9b96-5ea1c9198bbc


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Wednesday, December 18, 2013 3:03 PM
  • Hi, Ace

    Many thanks for the comprehensive response. I downloaded the technical reference for DHCP on Win 2008 so I am now aware of the action that pings the gateway if a DHCP server cannot be contacted/does not respond and that the response, or lack of response determines client behaviour.

    In our setup I had configured the client's TCP/IP alternate address to use the gateway as the DNS server because I assumed that connectivity would fail if the domain controller was down (no local DNS and no DHCP). That way, the clients would still be able to browse the network using \\ip-address and still have access to the Internet.

    DHCP scope options:
    003 Router : 192.168.0.95
    004 Time Server : 192.168.0.10
    042 NTP Servers : 192.168.0.10
    044 WINS/NBNS Servers : 192.168.0.15
    045 NetBIOS over TCP/IP NBDD : 192.168.0.10
    046 WINS/NBT Node Type : 0x8
    006 DNS Servers : 192.168.0.10, 192.168.0.15
    015 DNS Domain Name : htlincs.local

    XP, Vista and Windows 7 client adaptor Alternate Configuration settings in the Internet Protocol Version 4 (TCP/IPv4) Properties page:
    User configured:
    IP address: 192.168.0.xxx
    Subnet mask: 255.255.255.0
    Default gateway: 192.168.0.95
    Prefered DNS server: 192.168.0.95

    When ipconfig /all is used to display the IP/TCP settings from clients using the DHCP assigned address from the DHCP reservation or from guest devices on the network that have a standard DHCP address assigned, the default gateway is always 192.168.0.95.

    When the Vista and Windows 7 clients were unable to contact the DHCP server the gateway was available. I know this because the remainder of the clients had access to the Internet which is via the default gateway address 192.168.0.95. When the Vista and Windows 7 clients had the alternate configuration applied they, too, were able to access the Internet via the default gateway address 192.168.0.95.

    This is what is so baffling. Something must have occurred that prevented the Vista and Win 7 clients from successfully pinging the gateway, despite the fact that the gateway was accessible the entire time. One has to wonder if the gateway address was correct. I've no reason to assume it wasn't because we have just the one gateway: 192.168.0.95 It's been that way for nearly ten years.

    We use a Draytek Vigor router for the gateway and there is an option to block ping requests from the Internet which I have enabled, but ping requests from the local network are always acknowledged.

    There must be something here that I'm missing or am not aware of.

    I'd also be interested in looking at how a DHCP server authenticates itself against the domain - how often this occurs, the steps involved etc. I've not found anything yet, so if you have any info on that I'd be really grateful if you could share it.

    Thanks a lot for responding - it really got me thinking about this and I learned some new stuff.

    [Edit]

    The people over at Netwrix have kindly responded to my query and I am satisfied that this software is not responsible for the DHCP hiccup.

    • Edited by Mark-Blood Thursday, December 19, 2013 3:23 PM Additional info
    Thursday, December 19, 2013 12:02 PM
  • Hi,

    Thanks for your detailed reply.

    The information below may be helpful to you:

    http://www.ietf.org/rfc/rfc3118.txt

    Best regards,

    Susie

    Monday, December 23, 2013 6:02 AM
    Moderator
  • It might have to do with the IP config the APIPA is providing and not falling under the "Work or Domain Network" therefore the firewall kicks in blocking ICMP.

    I have not relied on this method to insure IP configuration for clients. Rarely does a DHCP server fail relying on such a method, and we usually insure DHCP servers are up and running. If worried about DHCP server failures, instread of relying on the APIPA method on the client side, I would highly recommend implementing DHCP failover with two DHCP servers utilizing an 80/20 rule, or even a 100/100 rule. Here's more on that:

    TechNet Thread - DHCP Failover
    Discusses 100/100 rules, and more.
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/b384c07c-008f-4176-aee9-643288292321/

    TechNet Thread - DHCP Failover:
    Discusses 80/20, DHCP sizing, diagrams, etc.
    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/d0d6b210-c57c-4a05-8763-a6a67895ace5/

    Windows 2012 solves the problem of managing a 100/100 scope:
    What's new in DHCP in Windows 2012:
    http://technet.microsoft.com/en-US/library/jj200226.aspx

    -

    Oh, and one more thing - I don't know why you have an NTP scope option set. Windows by default uses the default Windows Time forest hierarchy. Other than configuring the forest root PDC emulator to an outside or some other reliable time source, there is NOTHING else to set - it just works out of the box. This is a default service that is implemented to insure Kerberos' authentication default 5 minute skew tolerance. If the clocks between the client and DC or DC to DC, or any other communication, is off more than 5 minutes, Kerb auth fails. This is why it was implemented as a default service. If you need down to the millisecond time sync, then a third party time service is recommended. More info:

    Configuring the Windows Time Service for Windows 2000, 2003, 2008 and newer, explanation of the time service hierarchy, and more
    Published by Ace Fekay, MCT, MVP DS on Sep 18, 2009 at 8:14 PM  3050  1 
    http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx

    How to configure an authoritative time server in Windows Server
    http://support.microsoft.com/kb/816042


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Thursday, December 26, 2013 4:15 PM
  • @Susie: Many thanks for the link. Luckily, I already have that :)

    @Ace: Thank you very much for the help. Your point is interesting - does the PC use an APIPA address while it pings the gateway. If it does, that would explain why it was unable to successfully ping the gateway as our firewall explicitly allows local traffic from 192.168.0.xxx

    We recently purchased an additional server for remote access so that the 2008 DC would no longer be multi-homed. I will set up DHCP on that additional server. The only other server we have that is not a DC is a Windows Storage Server 2008 server so I will look at setting up DHCP on that to provide fail-over.

    I will also remove the time setting from the scope options.

    Cheers! Your help has been invaluable.


    Monday, January 6, 2014 11:43 AM
  • That's a good question. I would assume if it gets an APIPA, that the system would know it could not get a DHCP config, therefore the APIPA applies, and knowing the default APIPA doesn't get a gateway (since it's a random 169.254.x.x/16 without a gate), it would not bother to try, but I don't know with a manually configured APIPA. I would need to research that to see if my assumption on the algorithm applies.

    Yea, I would definitely look at DHCP failover instead of the overhead you're implying dealing with it on the client side! This way it works with all devices, too!

    Cheers!


    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Tuesday, January 7, 2014 6:55 AM