Share via


Event ID 1066 — DHCP Authorization and Conflicts

Applies To: Windows Server 2008

When configured correctly and authorized for use on a network, Dynamic Host Configuration Protocol (DHCP) servers provide a useful administrative service. However, a misconfigured or unauthorized DHCP server can cause problems. For example, if an unauthorized DHCP server starts, it might begin either leasing incorrect IP addresses to clients or negatively acknowledging DHCP clients that attempt to renew current IP address leases.

To resolve these issues, DHCP servers are verified as authorized in Active Directory Domain Services before they can service clients. This prevents most of the accidental damage caused by either misconfigured DHCP servers or correctly configured DHCP servers running on the wrong network.

Event Details

Product: Windows Operating System
ID: 1066
Source: Microsoft-Windows-DHCP-Server
Version: 6.0
Symbolic Name: DHCP_ROGUE_STRING_FMT_UNAUTHORIZED
Message: The DHCP/BINL service is not authorized in the directory service domain "%2" (Server IP Address %1)

Resolve

Authorize the DHCP server or remove other active DHCP servers

To perform these procedures, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

To authorize the DHCP server in Active Directory Domain Services:

  1. At the DHCP server computer, click Start, point to Administrative Tools, and then click DHCP.
  2. In the DHCP console, right-click DHCP.
  3. Select Manage authorized servers.
  4. In the Manage Authorized Servers dialog box, click Authorize.
  5. In the Authorize DHCP Server dialog box, type the name or IP address of the DHCP server, and then click OK.

You might also need to:

  • Remove other active DHCP servers from the network.
  • Reconfigure the Routing and Remote Access service. If Routing and Remote Access is set up incorrectly, it can act as a second DHCP server.

Notes

  • A DHCP server running Microsoft Small Business Server will not operate if another DHCP server is active on its network.
  • Detection of unauthorized DHCP servers requires the deployment of Active Directory Domain Services and the DHCP service. Other DHCP servers do not attempt to determine whether they are authorized by Active Directory Domain Services before offering IP address leases.

Verify

To perform these procedures, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

To verify that the DHCP server is authorized by Active Directory Domain Services:

  1. At the DHCP server computer, click Start, click Run, type dhcpmgmt.msc, and then press ENTER.
  2. Right-click DHCP, and then click Manage authorized servers.
  3. If the DHCP server is authorized in Active Directory Domain Services, it appears in the list.

DHCP Authorization and Conflicts

DHCP Infrastructure