7.8 Authorizing a DHCP Server in Active Directory Domain Services
A DHCP server that is domain joined is authorized by a domain administrator in the AD DS.
The authorization first checks to see if a "CN=DhcpRoot" object is present in the AD DS in the ADsPath.
If the object is not found, create it in the AD DS using the following:
Object Relative Distinguished Name: CN= "DhcpRoot"
Object Class: "dHCPClass" (defined in the AD schema [MS-ADSC])
When creating "DhcpRoot" object, the "dHCPClass" attributes need to be updated.
Once the object "DhcpRoot" exists, a new object by the name of the DHCP server authorizing itself in AD DS needs to be created.
The LDAP ADsPath of the new object is specified using the following:
Object Distinguished Name = <server name>
Object Class = "dHCPClass"
When creating the DHCP server object to authorize in AD DS, the "dHCPClass" attributes need to be updated.
The new server object attribute "dhcpServers" needs to be updated.