How to Manage Microsoft DHCP Server [In Depth Tutorial]

Steve Sherry

Read more posts by this author.


If you wonder how basic network configuration is managed across your environment, today is your lucky day. You’ll learn how to connect to your Microsoft DHCP server and manage all of the common components from DHCP scopes, DHCP policies, DHCP reservations, and DHCP leases!

Prerequisites

This article is a tutorial. If you plan on following along step-by-step, you will need the following:

  • A Microsoft DHCP Server in an Active Directory environment- This tutorial uses Windows Server 2019, but any server from 2008R2 onwards would work. The server is called dc01.stevesherry.com.
  • An Active Directory account that is a member of the DHCP Administrators group or equivalent.

DHCP Scopes

At its simplest, a Microsoft DHCP server is a machine on a network that hands out IP addresses to clients. It ensures all clients receive IP addresses so they can communicate on the network. It does this through DHCP scopes.

A DHCP scope represents contains various components such as:

  • Assignable IP addresses for a particular group of devices (address pools)
  • A client’s DNS server and default gateway
  • IPs to only assign to certain devices (DHCP reservations)
  • Address pools (groups of assignable IP addresses)

The DHCP scope is a core element on a network and that allows you to configure network settings common to all of the clients on that network.

Creating a DHCP Scope via Server Manager

Let’s kick off this tutorial by learning how to add DHCP scopes to an existing DHCP server. For this first demo, you’re going to learn how to set up a DHCP scope via the Windows Server Manager.

Assuming you’re at the Windows desktop of a test DHCP server:

1. Click on your Start menu and type dhcpmgmt.msc to open the DHCP Microsoft Management Console (MMC).

2. Once the DHCP MMC opens, click on the dropdown to the left of the server name and then on IPV4.

Microsoft DHCP Server supports both IPv4 and IPv6 address allocation to clients. This tutorial will only focus on IPv4 scopes.

Expand the DHCP server settings so that you can see IPv4
Expand the DHCP server settings so that you can see IPv4

3. Right click on IPv4 and select New Scope to start the New Scope Wizard, and click Next on the introduction screen.

Begin creating a new IPv4 DHCP scope
Begin creating a new IPv4 DHCP scope

4. Provide a name of your choice for the Name and Description. This tutorial will create a scope for the company’s head office. Click Next when complete.

Scopes are commonly assigned to physical buildings or sometimes IP subnets.

Create the name and description for the scope
Create the name and description for the scope

5. Next, define an IP Address Range indicating the IP address range you’d like to assign to the DHCP server’s clients. The tutorial will ensure the first IP address allocated to clients will be 10.0.0.100 and the last IP address will be 10.0.0.200. These start and end IP addresses create the scope’s address pool which you’ll learn about later.

Also on this screen, enter a CIDR Length or Subnet mask which will be assigned to all clients.

Configure the IP Address Range
Configure the IP Address Range

It is common to deliberately leave the beginning and end of the address pool free to allow for any statically assigned addresses.

6. Click Next to skip past the Add Exclusions and Delay step.

Add DHCP exclusions and delays
Add DHCP exclusions and delays

If you know of one or more IP addresses that are already in use within the defined address range, an exclusion prevents the DHCP server from attempting to assign a particular IP address in its address pool.

7. For now, click Next to accept the default Lease Duration. You’ll learn a lot about DHCP leases later in this tutorial.

Select the lease duration
Select the lease duration

8. Leave the default setting of Yes, I want to configure these options now and click Next on the Configure DHCP Options step. You will configure various scope options shortly in this tutorial.

Configure DHCP options whilst configuring the DHCP scope
Configure DHCP options whilst configuring the DHCP scope

9. Next, provide an IP address of 10.0.0.1 for the Router (Default Gateway). Once the DHCP scope is available to clients, the DHCP server will hand out this IP address as the clients’ default gateway. The default gateway is the primary way clients can communicate with other networks or the Internet in general.

Provide Default Gateway details
Provide Default Gateway details

10. Since this tutorial is using an environment that has a DNS server located at 10.0.0.10, provide the IP address on the Domain name and DNS Servers step. This IP address will be handed out as the DNS client for DHCP clients to translate names into IP addresses.

The Parent domain should automatically populate based on the Active Directory domain the DHCP server is a member of.

Configure the DNS server information
Configure the DNS server information

11. If your environment still uses a WINS server, provide its IP address on the WINS Server step. This tutorial does not use one, so click Next to continue.

Add a WINS server to the DHCP scope options
Add a WINS server to the DHCP scope options

12. Finally, activate the new DHCP scope and make it available to clients by ensuring that Yes, I want to activate this scope now is selected. Then click Next to continue.

Activate the DHCP Scope
Activate the DHCP Scope

Once all of the above steps are followed, you should now see the new scope under IPv4 as shown below.

Review the new DHCP scope
Review the new DHCP scope

Creating a DHCP Scope with PowerShell

If you’re not a fan of the GUI or simply need to automate DHCP tasks, look no further than PowerShell. Let’s now cover the same process as just performed via the Server Manager, only this time with PowerShell.

Assuming you’re at the Windows desktop of a test DHCP server:

1. Open Windows PowerShell as administrator.

2. Run the Get-DhcpServerv4Scope cmdlet to find all existing DHCP scopes.

As you’ll see in the below example, this server only has the scope that you’ve created using the GUI in the previous steps.

Use PowerShell to report all of the available DHCP scopes on the server
Use PowerShell to report all of the available DHCP scopes on the server

3. Run the Add-DhcpServerv4Scope cmdlet to create a new DHCP scope. Since this cmdlet has many parameters, save time by defining each parameter in a PowerShell hashtable and using splatting to pass all parameters to the cmdlet.

This cmdlet will create a DHCP scope called Head Office Wireless Scope that, when activated, will hand out IP addresses 10.1.0.100 – 10.1.0.200 with a subnet mask of 255.255.255.0 with a lease that expires after one day (day.hrs:mins:secs).

# Create an IPv4 DHCP Server Scope
 $HashArgs = @{
     'Name' = 'Head Office Wireless Scope';  # This sets the name of the wireless scope
     'Description' = 'Wireless Clients';     # This is the human-readable description of the scope
     'StartRange' = '10.1.0.100';            # Specifies the starting IP address in the scope
     'EndRange' = '10.1.0.200';              # Specifies the end IP address in the scope
     'SubnetMask' = '255.255.255.0';         # Specifies the subnet mask of the scope
     'State' = 'Active';                     # Activates the scope
     'LeaseDuration' = '1.00:00:00';         # Specifies the length of the lease duration
 }
 Add-DhcpServerv4Scope @HashArgs

4. Now, run Get-DhcpServerv4Scope again to verify PowerShell successfully created the DHCP scope.

Piping output to the Format-List PowerShell cmdlet allows you to see each property name and it’s value rather than a truncated row.

Confirm that the DHCP scope has been deployed
Confirm that the DHCP scope has been deployed

Managing Scope Options

Once you’ve created a scope, you can modify any attribute you’d like. Microsoft DHCP has an area specifically called Scope Options which allows you to change some common DHCP attributes sent to DHCP clients.

Let’s now walk through the available scope options and cover their affect on your clients.

While in the DHCP MMC:

  1. Click on Scope Options under <server name> —> IPv4 —> Scope [X.X.X.X]. In the screenshot below, you can see the scope previously created. Here you can see the Router, DNS Servers, and DNS Domain Name that this scope will hand out to DHCP clients.
Reviewing the DHCP Scope Options
Reviewing the DHCP Scope Options

2. Right click on Scope Options and choose Configure Options to navigate to the Scope Options box to change these options.

Configure a new DHCP Option
Configure a new DHCP Option

3. Scroll down the available options under the General tab. You’ll see dozens of options that the DHCP server can assign to clients.

If you have a specific setting that is not available to you by default, you’ll need to follow the vendor’s specific information using the Advanced tab to create a custom Option.

Review new DHCP Scope Options
Review new DHCP Scope Options

4. Perhaps you forgot to add one of your DNS servers. Find the 006 DNS Servers option, enter it’s IP address, click Add, and OK. This tutorial will be using the IP address of 10.0.0.5.

Add a new DNS Server to DHCP Options
Add a new DNS Server to DHCP Options

Once you click OK, Windows will then validate if DNS services are available on your provided IP address.

Validating a new DNS Server
Validating a new DNS Server

5. Return to the main screen and review the Options pane. You’ll now see two IP addresses listed under 006 DNS Servers.

Confirming the DNS Server Option is available
Confirming the DNS Server Option is available

DHCP Leases

An important part of DHCP is the lease. A device is known to “lease” an IP address from a DHCP server for a certain period of time (lease time).

Network administrators typically configure DHCP servers to lease IP addresses based on different use cases. For example, for devices on a wired connection that rarely leave the network, administrators may assign a longer lease time like eight days. If the device never leaves the network, it’s not efficient to go through the lease renewal process.

On the other hand, if a wireless device roams on and off the network several times a week, administrators may assign a shorter lease period (12-24 hours) to save available IP addresses for other devices.

While in the DHCP console, you can find all current leases in <server name> —> IPv4 —> Scope [X.X.X.X] —> Address Leases as shown below.

Once on the Address Leases window, you’ll see each IP address that the DHCP server has assigned along with the Lease Expiration date.

Managing DHCP Address Leases
Managing DHCP Address Leases

Setting the Microsoft DHCP Lease Period

Let’s now discover how to set the DHCP lease period at the server level for DHCP clients.

While still in the DHCP console on the DHCP server:

1. Find the scope containing the IP address pool you’d like to look at, right-click on the scope name, and select Properties.

Display the properties of your DHCP Scope
Display the properties of your DHCP Scope

2. Within the Properties window, you’ll now see a Lease duration for DHCP clients. This setting is the DHCP lease time for all IP addresses in that scope.

The default DHCP lease period on Microsoft DHCP servers is eight days, but it can be updated to any period of time to suit the business needs.

Show the DHCP Lease properties and the DHCP Lease duration
Show the DHCP Lease properties and the DHCP Lease duration

3. Click Cancel to close the Properties box.

Finding Assigned DHCP Lease Times

DHCP services can only assign one IP address per device. How does the DHCP server know when it can re-use an IP address in the pool? The DHCP lease time.

If a device doesn’t renew its dynamically assigned IP address within the lease time, the lease expires and is available to other devices to lease.

How do you actually discover the lease time on a device? Unfortunately, each operating system (OS) has a different way of exposing the DHCP lease time. This tutorial will cover how to determine lease time on Windows 10.

In Windows 10, you see your DHCP lease time on the command-line either with the command prompt (cmd.exe) or PowerShell. This tutorial assumes you are an IT pro so let’s use PowerShell.

To find a Windows DHCP client’s lease time, on the Windows client console, open Windows PowerShell and run the ipconfig /all command.

lease time from windows 10
lease time from windows 10

You’ll see the time the lease was made (Lease Obtained) and when it expires (Lease Expires). The Lease Obtained field is the exact time the DHCP server assigned the IP address to this device. The Lease Expires field indicates the time the device will ask the DHCP server to renew its lease.

Subtract the Lease Expires value from the Lease Obtained value and you have your DHCP lease time.

DHCP Address Pools

Once you’ve configured the scope, you already have an address pool. The address pool is the range of IP addresses the DHCP server will assign to clients in a lease. Let’s navigate through the address pool already set up.

Updating the Address Pool

IP address scopes are not fixed in stone. It’s inevitable that after some time you’ll need to expand the address pool to allow more devices to connect to your network. Rather than creating a new address pool, it’s often easier to expand an existing pool. To do that:

1. Right click on <server name> —> IPv4 —> Scope [X.X.X.X] and click on Properties to open the Scope Properties configuration wizard.

Update the DHCP address pool
Update the DHCP address pool

2. Update the fields to increase the range of IP addresses for your existing address pool so that more addresses are available for any future allocation. Once complete, click OK.

Expand the DHCP address pool
Expand the DHCP address pool

3. Click on <server name> —> IPv4 —> Scope [X.X.X.X] —> Address Pool to bring up the address pool. Notice below that it now shows the expanded Address Pool in the scope.

Confirm the new DHCP pool
Confirm the new DHCP pool

Adding Exclusion Ranges to the Address Pool

Imagine that you need to create a small list of IP addresses within the address pool that are not assigned to any new devices on the network. Exclusion ranges are how you’d achieve this.

Assuming that you still have the DHCP console open:

1. Click on <server name> —> IPv4 —> Scope [X.X.X.X] —> Address Pool to bring up the address pool.

Review the Address Pool
Review the Address Pool

2. Right-click on Address Pool and click on New Exclusion Range to open the Add Exclusion wizard.

Add a new exclusion range to your DHCP address pool
Add a new exclusion range to your DHCP address pool

3. Complete the fields to create a small range of IP addresses within your existing address pool that will not be included in any future allocation of leases. Once complete, click Add.

Add the IP addresses to be excluded
Add the IP addresses to be excluded

4. Back on the DHCP console, refresh the screen and note that the exclusion is now in place.

Confirm that the addresses are now excluded from the DHCP scope
Confirm that the addresses are now excluded from the DHCP scope

At this point, whenever a new device connects to the network, your DHCP server will not lease an address from within this exclusion range.

DHCP Reservations

IP addresses are, by their nature, dynamic. Most of the time this is OK as you typically don’t care what the IP address of your PC is. Occasionally you’ll need to manually specify the address of a device such as an admin laptop or a printer.

When you need to statically assign an IP address to a particular device, use a DHCP reservation.

Adding Reservations

Let’s start out by adding a reservation to a scope previously created. While in the DHCP console on the DHCP server:

1. Select <server name> —> IPv4 —> Scope [X.X.X.X] —> Reservations to open the Reservations window. You’ll see no reservations exist.

Managing DHCP Reservations
Managing DHCP Reservations

2. Right-click on Reservations and then choose New Reservation to open the New Reservation input box.

Creating a new DHCP Reservation
Creating a new DHCP Reservation

3. Complete the fields with details that are relevant to a device you’d like to assign a “static” IP address to.

  • The Reservation name – This name is commonly as a hostname for the device or other identifying attribute.
  • The IP address to reserve for the device.
  • The MAC address of the device

Find the MAC address of a device from either the label that is on the back, or by using these methods.

  • The Description – Be sure to make sense here so that other administrators can understand what this reservation is for.

Once complete, click Add.

Information for a New Reservation
Information for a New Reservation

4. Back on the DHCP console, refresh the screen and note that the reservation is now in place.

Review the New DHCP Reservation
Review the New DHCP Reservation

At this point, when the device that has the MAC address you’ve provided in the reservation goes through its DHCP lifecycle, it will be assigned the expected reserved IP address.

Removing Reservations

As part of the general lifecycle of devices within your organization, you’ll occasionally have to retire old devices, some of which will have DHCP reservations.

Assuming you’re still in the DHCP console, removing DHCP reservation requires a right click on the reservation and clicking Delete.

Removing a DHCP Reservation
Removing a DHCP Reservation

DHCP Policies

Previously, you learned how to set reservations by MAC address. Although reservations are useful, they don’t allow you to assign addresses or specific scope options based on other criteria. Using a DHCP policy, you can define various conditions a client must meet to assign an IP address.

Using a DHCP policy, you can assign a specific category of devices a different DNS server, default gateway, or TFTP server, for example.

To create a DHCP policy:

1. Right click <server name> —> IPv4 —> Scope [X.X.X.X] —> Policies and click on New Policy to open the Policy configuration window.

Create a new DHCP policy
Create a new DHCP policy

2. Complete the fields with details of the Policy Name and a Description for the policy. Click Next, once complete.

DHCP Policy creation wizard
DHCP Policy creation wizard

3. Click on the Criteria dropdown and notice the many conditions you can check for on a client. For this tutorial, select MAC Address and add a relevant Value, selecting Wildcard.
Click Add, and then OK to move along.

Add condition for DHCP policy
Add condition for DHCP policy

4. Either Add another condition for the policy or click Next to continue.

Combine multiple conditions
Combine multiple conditions

5. Next, add a subset of IP addresses from within your existing range. The DHCP server will assign devices matching the conditions defined earlier an IP address from this range. Once complete, click Next.

Configure subset of IP addresses
Configure subset of IP addresses

6. Now it’s time to define the options the client will receive if it meets the condition. For this tutorial, select 003 Router to modify the default gateway clients matching the condition will receive.

Enter an IP address for the new gateway, click Add and then Next.

Configure settings for the policy
Configure settings for the policy

7. Review the screen and confirm that the details are correct. Click Finish to close the wizard.

Review the new configuration
Review the new configuration

8. Refresh the screen to confirm that the new policy is in place.

Confirm the new policy is in place
Confirm the new policy is in place

Conclusion

In this article, you’ve covered a lot of ground when it comes to DHCP. You’ve learned how to set up DHCP scopes and everything that comes with them. You also learned how DHCP assigns IP addresses and other information to clients.

Armed with all of this new information, you can now confidently tackle DHCP like a champion. How are you planning on using this knowledge?

Subscribe to Stay in Touch

Never miss out on your favorite ATA posts and our latest announcements!

Looks like you're offline!