Monday, May 18, 2009

Set up a DHCP Server

Original Post

Alright, in this walkthrough we are going to install a DHCP server on Windows 2003. Most of you may already have an DHCP server offered by a small router, or even a larger one, but you might want to use the one built into Windows 2003 because its easier to control one location (in a smaller Active Directory network) with most of the essential services. I am going to install DHCP services on the same system (I used in the other walkthroughs) as my Active Directory, DNS, and Certificate Services.

First things first, if you have any clients using DHCP on there computers and they are getting the addresses from the router, you will need to power off the clients (its easier to do it now, then clean them up later) and then login to your router (or device that is currently distributing DHCP addresses to clients) and disable the DHCP services.
Once you have the DHCP server disabled, we can work on the server.
Go to; Start -> Settings -> Control Panel -> Add / Remove Programs
On the left click Add / Remove Windows Components and in the list of components select ‘Networking Services’ (do not check the checkbox next to it, just select it) and click on ‘Details’. In the new window check the box next to ‘Dynamic Host Configuration Protocol (DHCP)’ and click ‘Ok’ then click on ‘Next’ in the Windows Components Wizard dialog window. Windows 2003 will copy files, you may need your CD in the drive.

Now that DHCP is installed, lets configure it.

Go to; Start -> Programs -> Administrative Tools -> DHCP

You should be faced with the familiar tree view. On your left expand (server name). You may have an red arrow pointing down on the server box icon next to the (server name). This red arrow means the server has not yet been authorized in Active Directory. Lets do that now, right click on (server name) and choose ‘Authorize’. Give the server a few minutes and the DHCP server will be authorized in Active Directory. Close the DHCP Configuration Console and re-open it.

Go to; Start -> Programs -> Administrative Tools -> DHCP

To re-open the console, expand the (server name) and a green arrow should now appear next to the (server name).

Right click on (server name) and choose ‘New Scope’. Click ‘Next’ in the first window, and then you will be asked for a Name and Description for this DHCP Server. In the name you can put anything, but I will use ‘Testing Walkthrough DHCP Server’. I am going to leave the description blank and click ‘Next’.

Now you will need to enter your start IP Address and End IP Address. You can get these from the previous device that did DHCP on your network or enter some new ones. Just make sure that your server is in the same subnet as your new addresses. So, since my server is I will use ‘’ as the Start IP Address and ‘’ as the End IP Address.

You can leave the ‘Length’ and ‘Subnet mask’ defaulted and click ‘Next’. You should now be presented with the ‘Add Exclusions’ since we should have none at this stage, choose the defaults (none) and click ‘Next’.

Lease Duration is our next page, leaving this at default is good, so just click ‘Next’. You should now be asked if you would like to Configure DHCP Options. We like options, so click ‘Yes’ I want to configure these options now’ (it’s the default) and click ‘Next’.

Router (Default Gateway) page; Enter the IP Address of your router to get out to the internet, im going to use in this walkthrough. You can get your default gateway from the IP address properties on this server if you have internet access from this machine (you should if you did the other walkthroughs correctly).

You can get your gateway by going to; Start -> Run type in ‘cmd’ and click ‘Ok’. Then at the command line type in ‘ipconfig’ and read the line that says ‘Default Gateway’. Enter it in the Router (Default Gateway) part of the DHCP Options and click ‘Next’.

Now we get to configure our Domain Name and DNS Servers. In the ‘Parent Domain’ box type your domain suffix. We used this in the other walkthroughs about Active Directory and DNS.

Examples would be like…



Now that you put your Parent Domain in the box, enter the DNS servers IP Address in the ‘IP Address’ box and click ‘Add’ or you can type the servers name and click ‘Add’. If you are installing this DHCP server on your Active Directory server we setup in the last walkthroughs then you can just use the servers IP Address as the DNS server to give to clients, since its what should be done anyway, so the clients find the Active Directory server using DNS.

Click ‘Next’ when your done with this page…

The next page contains WINS, we don’t use WINS anymore so just click ‘Next’. (WINS Sucks…..)

Now you will be asked if you want to activate this scope, choose ‘Yes’ and click ‘Next’ and then ‘Finish’.

You may now turn your clients back on, they should now get addresses from the DHCP server running on your Windows 2003 Box.

(You may also need to run ‘ipconfig /renew’ on some clients if they don’t get an address from the server after the reboot.)

Installing a certificate server

Original post

In this tutorial we will setup Certificate Services on a Windows 2003 server. I am going to use the same server as I did with the Active Directory; Windows 2003 walkthrough, so my installation will be with an already completed Active Directory Domain. If you do not have Active Directory, I recommend you do before using Certificate Services, as they do like working hand-in-hand.

First, let’s load up our server and login as the Administrator. When we are at the desktop, let’s to go Start -> Settings -> Control Panel then open ‘Add / Remove Programs’. On you’re left click on ‘Add / Remove Windows Components’. When it is fully loaded, find ‘Certificate Services’ in the list and check the checkbox next to it. A pop-up dialog will come up informing you that you cannot change the name of the machine and such when you have become an Certificate Authority, so click ‘Yes’ then click ‘Next’.

Now we are given the opportunity to choose what type of CA (Certificate Authority) we want to setup. Since this is a clean install of Windows 2003 and we don’t have any certificate servers I am going to choose the default, ‘Enterprise root CA’ and click ‘Next’.

We now have to enter Identifying Information for this CA. In the Common Name box, put a short name to describe your network or a company name, for my purposes in this document I will use Testing Walkthrough as the ‘Common name for this CA’, and click ‘Next’.

The next area you will have to configure is the Certificate Database Settings, since these are just places to store files; the defaults are good for us. Let’s continue, click ‘Next’.

Windows should start copying files, and you will probably need your Windows 2003 CD in the drive to continue.

During the copy, you may come to a popup stating that Internet Information Services is not installed on this computer, and that we will need it for Web Enrollment Support. Since I think this is usually a good system to use (Web Enrollment) lets do just that.

Click ‘Ok’ on this dialog and let Windows finish the install of Certificate Services, when it is complete you will be able to click ‘Finish’ to close the Windows Components Wizard.

You should now be back at the Add / Remove Programs window and you can once again click on ‘Add / Remove Windows Components’. In the list select Application Server (do not click the checkbox next to it) and click ‘Details’. In this second box choose ‘Internet Information Services (IIS) and it will choose ‘Enable network COM+ access’ for you. Click ‘Ok’ then click ‘Next’ on the Windows Component Wizard. Windows will now copy files from the CD and finish that installation.

Once the Window that is installing the components disappears you can close any other windows that are open, and return to the Desktop.

Let’s check our settings now…

Open; Start -> Programs -> Administrative Tools

You should have some new items! Internet Information Services and Certification Authority.

Open Certification Authority. On the left you will have the normal tree view, click on the item you named your CA when setting up the CA. Mine was ‘Testing Walkthrough’ under here you should have a ‘folder’ called ‘Issued Certificates’, click on it and on the right you should have at least one issued to the CA itself.

Most of what the Certificate Server does it automated through IIS and Active Directory. So, your job is done. Close all Windows and logout.


Tuesday, April 21, 2009

It has been a while

I just wanted every one to know I am still around...just been busy with another project. Sharepoint is still on my mind but a co-worker and brilliant programmer introduced me to NHibernate and it really altered my thinking. I hope to have some new posts for SharePoint in the coming months but I will also be adding other content to this blog that I hope readers will appreciate and learn from .