When configuring a DHCP server in Windows 2000, there are some special configuration steps that need to be taken. Although some features may not be utilized in every situation, they nonetheless need to be considered and implemented.
On networks running Active Directory, Windows 2000 provides a new feature that allows administrators to authorize DHCP servers. An authorized DHCP server can deliver IP addresses and TCP/IP configuration data on a Windows 2000-based network. If Active Directory detects an unauthorized DHCP server, it prevents the server’s DHCP service from starting.
Authorization of DHCP servers is available only in Windows 2000 Active Directory-based networks.
Why would an administrator need to authorize a DHCP server? As shown in Chapter 3, when a DHCP client makes a request for an IP address, it sends a DHCPDISCOVER message. This message is a broadcast, so any DHCP server that receives it can respond with an offer of an IP address. The DHCP client has no way of confirming the identity of the offering DHCP server.
An unauthorized or badly configured DHCP server could wreak havoc on a network. It could lease incorrect IP addresses that cause the DHCP client to be unable to connect to the network. Another possibility is that the DHCP server could send negative acknowledgments to the clients when they attempt to renew their current IP address leases. As a result, the client loses IP connectivity. ...
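Because the client cannot verify who answered, a monitoring host can do the check instead. The following is an added example, not part of the original text: it parses a captured DHCP payload and flags a DHCPOFFER, DHCPACK or DHCPNAK whose server identifier (option 54) is not on an allow-list. The allow-list, the addresses and the `build_reply` sample packets are assumptions constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # precedes the DHCP options field (RFC 2131)
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
SERVER_MSGS = {2: "DHCPOFFER", 5: "DHCPACK", 6: "DHCPNAK"}
AUTHORIZED = {"192.0.2.10"}  # assumed allow-list; documentation-range address

def parse_options(packet):
    """Return {option_code: value_bytes} from a raw BOOTP/DHCP payload."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(packet) and packet[i] != OPT_END:
        if packet[i] == OPT_PAD:  # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option")
        code, length = packet[i], packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        opts[code] = value
        i += 2 + length
    return opts

def check_reply(packet, authorized=AUTHORIZED):
    """Return an alert string for a server reply from an unlisted server, else None."""
    opts = parse_options(packet)
    msg = opts.get(OPT_MSG_TYPE, b"")
    if len(msg) != 1 or msg[0] not in SERVER_MSGS:
        return None  # client-originated message (e.g. DHCPDISCOVER); nothing to check
    sid = opts.get(OPT_SERVER_ID, b"")
    if len(sid) != 4:
        return f"{SERVER_MSGS[msg[0]]} without a valid server identifier"
    server = str(ipaddress.IPv4Address(sid))
    if server in authorized:
        return None
    return f"{SERVER_MSGS[msg[0]]} from unauthorized server {server}"

def build_reply(msg_type, server_ip):
    """Constructed sample: minimal BOOTREPLY carrying only options 53 and 54."""
    header = bytes([2, 1, 6, 0]) + bytes(232)  # op=BOOTREPLY, htype, hlen, hops, rest zeroed
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server_ip).packed
    return header + MAGIC_COOKIE + opts + bytes([OPT_END])

if __name__ == "__main__":
    for pkt in (build_reply(2, "192.0.2.10"), build_reply(2, "192.0.2.66"),
                build_reply(6, "192.0.2.66")):
        print(check_reply(pkt) or "ok")
```

The server identifier is supplied by the sender, so a match against the allow-list shows only that the reply claims to come from a listed server.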