Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to authorize DHCP server 1

Status
Not open for further replies.
sharyn

sharyn

IS-IT--Management
Mar 6, 2001
161
0
0
US
Hi folks,

I have about a day to fix this before the IP Address leases on my remote machines expire and I dont have a way to renew em.

I have a remote site in Kentucky. This site had an nt 4.0 server, acting as a BDC, a WINS server, and a DHCP server. We purchased them a new win2k server, I configured it in my office and shipped it up there. They are shipping us back the old one (it's in transit)for an upgrade and reassignment.

Here is my problem. I had my contact up there in KY plug in the new server and fire it up. I had already configured terminal services on it, and once it was booted I was able to connect to it with no problems. WINS is working fine, netlogon is fine, its replicating fine blah blah. However, no matter what I do, I can't get it to allow me to authorize it as a dhcp server. I get the error message, "The specified server already exists in the directory."

I have been on the MS KB all day and have tried deleting it in AD sites and services, tried the adsiedic.msc and all the other things MS suggests, to no avail.

Has anyone run into this and fixed it????? I really need some help here or in a day or so, I will be on the phone, walking 25 people through configuring tcp/ip properties manually.

HELPPPPPPPPPPPPPPPPPPPPPPPP!!!!!!

Thanks in advance!
Sharyn
 
Sort by date Sort by votes
Scopes are all set up?
Stop and start the service.
After picking authiorise, you usually have to close the DHCP server screen and go back in to it. It can sometimes take two or three times before the screen shows as activated. Hitting authorize again will give that error, as it has already been activated (authorised).
 
Upvote 0 Downvote
thanks..i got that error after hitting authorize the very first time.

I have rebooted the server, stopped and started the dhcp service, triggered a manual replication, opened and closed the dhcp mmc, opened it on ANOTHER DC and tried to authorize it from there, nothing I can think of to do works. Been working on this on and off all day. This is the 4th win2k DC i've installed and configured dhcp on and I have never seen this :(

Other suggestions?

Thanks,
Sharyn
 
Upvote 0 Downvote
Go to the other DHCP server in the directory and check to see if it has two entries for that server in its list of authorised DHCP servers. Using the DHCP console tool, simply right-click the DHCP icon, choose Manage Authorized Servers look and see if it is listed twice. If so delete one entry. If not listed at all add it in.

 
Upvote 0 Downvote
This isnt going to help you this time but you have learned not to remove the old system from site until the new system is working!
 
Upvote 0 Downvote
I had this exact problem, however my news will not help.

I had 4 dhcp servers and one was not authorising yet the other 3 were. All servers were identical hardware and ghosted from an orignal setup.

Eventually it did authorise but it took weeks to do so. I do not know why, but eventually it did authorise.

As your deadline has probably already passed you may have to do it manually for now but hopefully it should be ok for the future.
Mark Taylor
Technical Manager
NHS
 
Upvote 0 Downvote
Good morning and thanks for everyone's response.

My dhcp server will still not authorize. I have launched the dhcp mmc and gone to manage authorize servers. There is only one entry for the server in question. I deleted the entry and recreated it but I still can't get the server to authorize.

I did a search on this site and found some reference to a registry hack..Im cutting and pasting the post. Does anyone know anything about this? I hate hacking into my registry when I really dont know what other effects this will have..

"It is a bug in sp2 the fix is to disable the rogue server capability in 2000 svr via sp2 reg fix is hkey\local_machine\system\controlset\services\dhcp_server\parameters

new value dword name is DisableRogueDetection (exact case) hexadecimal value of 1"

As far as removing the old system before the new one was working, without going into a long, boring unimportant explanation, it was necessary to remove the old system first. Usually I am very careful about always having a backup plan. In this case, there was no choice.

Any other help would be greatly appreciated!

Thanks again
Sharyn

 
Upvote 0 Downvote
In my event viewer, I am getting the following error message. I am 100% positive this has something to do with my problem but I really don't have a clue how to fix this.
Anyone seen this?????


The object CN=kyserver.fdc.com,CN=NetServices,CN=Services,CN=Configuration,DC=FDC,DC=com (with objectGuid 206425c7-01fb-4564-857a-2a13c21600e6) was created on a remote server. However, this name is already in use here by the object with objectGuid f343c489-f40a-4e50-8d8d-e3a46b87586a.


I am getting this message on both the problem server and its replication partner in AD, however the objectGUID numbers are different on either server.

 
Upvote 0 Downvote
No, when I created it, it automatically put itself in the defaultfirstsite container.

Once I shipped it up there and had my contact plug it in and fire it up, then I created a site and a subnet for it and moved it out of the defaultfirstsite and put it where it was supposed to be. This is how I have been doing this for the last 4 servers.

One thing to note, I am not getting any AD replication errors other then the one about the cn=netservices one. The machine seems to be replicating fine and is accepting netlogon attempts, WINS replication is working, its in network neighborhood etc. The ONLY thing that is wrong is I can't authorize it.

I'll check out these articles though, thanks.
 
Upvote 0 Downvote
Hey Sharyn, not having a lot of luck lately I see...I know how you feel.
If futuretech's items don't pan out I think you may need to do an AD cleanup by Booting into Directory Services Restore Mode and running an NTDSUTIL session. Try a semantic check, "sem d a" , followed by "go fix".
It's a bit extreme, but it won't hurt anything.
 
Upvote 0 Downvote
Thanks Bront, was wondering if u were going to join in here.

Only problem with that is the box in question is in Kentucky and I'm in Florida. I have been doing all of this through a terminal services session from my local workstation to the server up in ky.

I am unsure of how to boot into a restore session like that when I'm not directly in front of the machine. The contact I have up there, while able to follow simple directions, like "PLUg the ethernet cable in" is not really capable of doing something this complicated, not to mention I myself have never done it and would be plodding through the screens as well.

<sigh>

By the time I get this figured out I will have manually configured all the freaking clients up there anyway!

While futureteks suggestions were good ones, I am not running DFS so that first article doesnt apply. I did everything that I was supposed to do according to the 2nd article, and have been doing it this way for some time now so I dont think that is it either. I am in the process of reinstalling sp2, am afraid to go to sp3 after reading some of the problems people have been having.

I will have to read up on booting into ad restore, I really dont know anything about it not to mention Im not real familiar with the ntdsutil except for viewing the fsmo roles.

Still looking for an easy fix! :)

Thanks!
 
Upvote 0 Downvote
Thanks.

I really hope it doesnt come down to this as I am pretty sure that the person helping me out up there is not capable of doing this.

I have seen the syntax of this in article q218485 which refers to the semantic checker go fix command.

Would be nice if I had a server to do this on first, before I tried to walk someone through it over the phone!

I was going to re-install sp2..think that might h elp or am I wasting my time?
 
Upvote 0 Downvote
LOL futuretek,

I'm staring at the darn article right now trying to figure out if I can walk someone who is not really technical through doing this over the phone.

This article also mentions installing sp3. I am wondering if that is really necessary.

The problem I am having is only pertaining to the cn=netservices and I am not getting any other repl errors.
 
Upvote 0 Downvote
They suggest the latest service pack.I havent had any real problems with SP3(knock on wood) and it has apparently fixed other problems for other people.
 
Upvote 0 Downvote
Thanks again.

I have just gone back through the process of removing all indications of the problem server being a dhcp server in both AD sites and services and using the adsiedit.msc (Q306925). I have manually triggered a replication and I am going to reboot the server.

This will be my last attempt at doing the &quot;easy&quot; fix, then I&quot;ll see about installing sp3 and running this ntdsutil command.

The irony of this is, this is the 5th win2k server I have installed. All the others have been upgrades and I've had very few problems with them. Here I thought this would be &quot;simple&quot;, ship the machine up there, plug it in, done. WRONG!
 
Upvote 0 Downvote
that is a good article futuretech, thanks. I had to dig around so many sites ealier this year for that ntdsutil info...

sharyn, you could always uninstall SP3 if it causes pain...
 
Upvote 0 Downvote
The pain I'm afraid of is, earlier on this site, few weeks ago, I read somewhere that sp3 caused blue screens and error messages about not being able to find some file that win2k needs to boot. Cant remember the exact file.

Since the machine is not at my fingertips, I have got to be really cautious about what I do here.

Manual configuration of tcp/ip properties is one thing, a corrupted boot sector or anything that hoses the machine totally will really hose me!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Question
Server Remote Desktop License
Replies
0
Views
103
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
118
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
143
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
97
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
117
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top