Join Mike Danseglio for an in-depth discussion in this video DHCP overview and installation, part of Windows Server 2012 Active Directory: Network Services.
- If you have more than one or two computers in your network, going around and touching each machine to statically assign an IP address becomes time-consuming and also is a basically a waste of person hours. Because we have services in our environment to allow us to dynamically assign those IP addresses. That service that allows us to configure those IP addresses is referred to as the Dynamic Host Configuration Protocol or DHCP for short. In this session we'll be looking at an overview in the installation of the DHCP server service on a Windows Server 2012 server.
So first of all, all right, what are we gonna be looking at in this session. We'll be looking at what are the problems that we've had in the past with statically assigning IP addresses. We'll also be looking at then the benefits of using a service such as DHCP. Microsoft's implementation of DHCP is an industry standard. It conforms to the RFC for DHCP so, it works just like a Unix, Linus Red Hat or a Cisco DHCP server. We'll look at what happens when the process actually works.
What is the steps that we go through. We'll also look out what happens when it doesn't work. We may run into a situation where our DHCP server may be offline or we may have a computer that's in a network segment that it can't talk to the DHCP server. What happens when it doesn't work and how can we recognize that it didn't work? And then we'll finish up the session with looking at the installation and authorization or authorizing that DHCP server. So to begin with, the problems. As I mentioned a few moments ago if I have three, four, five computers in my environment setting down each one of those machines and using our kids here and their parents as to manually configure an IP address isn't that big of a deal.
But if you take that time of 15, 20 minutes that it takes to do that, to go to the machine, set down the machine, configure it, test it, get off the machine and walk away, if I multiply that times 10 machines, 100 machines, hundreds of machines, thousands of machines that's a lot of hours spent in configuring the TCP/IP address. The other issue that we run into is we're not manually configuring IP addresses with these eight little kids and their parents. We run into situations where we could actually transpose the numbers. Let's say for instance we want to give an IP address of 172.16.10.132 and that's the address I want to give the machine.
And I sit down at the machine, I typed in 172.16.10.123. And I instantly get an IP address conflict. First of all, that's bad. That means that the computer that I'm now setting it can't communicate on the network. Possibly, depending on what other type of machine may have that IP address, you may just knock that machine off the network also. So if that machine were a domain controller or a file server or a web server or some other type of server inside your network you may just knock that server off the network.
The issue we run into is we typed that one, two, three. We look at the piece of paper it says 132, we look at the screen it says 123, we look at the piece of paper 132. We can go back and forth looking at those for quite a long time and not realize that we transposed that two and that three. Until usually a couple things happen. We get up, we walk away, we take a deep breath so we don't have that bad day incident, that video that float around the internet for years, I'm sure you guys have all seen it, right? Where the guy sits there beats up the keyboard with his hand, he knocks the monitor off the desk and then goes around and kicks it.
We don't want to have a bad day incident. So we get up and we walk away. We get a deep breath, we get a cup of coffee, we walk outside, whatever. We come back, we sit down the computer and go ah, there it is. How did I put 123 in it? Why didn't I see that before? Or we call somebody else on we say, "Hey, what's wrong with my configuration here?" They've got, you got 123 there instead of 132 and you're like oh, wow! Thanks and you correct it. So those were usually the big issues that happen. The other problems that we had was we never ever document it, right? And it was basically, it was just a pain.
You had to have a spreadsheet, you had to make sure that you kept documentation of what IP address is with what machine, what MAC address did the machine have, what was its name. And it was just something that we all went (puffs) and then it was never done. So we never really documented. So that also added to the administrative overhead of trying to figure out who had what IP addresses and where were they at. The advantage of DHCP is all those issues I just talked about virtually go away. All of our IP address even, all the configuration of that IP addressing is all gonna be done dynamically.
So when a computer turns on the computer will get its IP address, it will get its subnet mask. If we configured the options you'll get the gateway address, you could get the DNS server address, the WINS server address. Every piece of configuration that you can configure in the TCP/IP settings will now be configured through that response from the DHCP server. For the most part, conflicts go away and you're saying to yourself, "Rick, what do you mean the conflicts "for the most part go away?" DHCP by default does not do any type of conflict resolution.
So, if Sam, you were to create a server with a DHCP address and set of pools and Mike you were to do the same thing, if you both or your computers are on the same network segment the two of you could be handing out IP addresses out to the corporate network and you're gonna end up with possibly an IP address conflict. It will be pure luck if the two machines or the two servers never handed out that conflict because we don't do conflict resolution. So that could still happen if we're not being astute with configuring the DHCP server in their pools.
We also get inherent, inherent, this is cool. Inherent automatic record keeping. If I go to my DHCP server, I go to the pool or the scope, I go down to the leases. I can look in the leases it will tell me what computer got the lease, what its IP address is, what its name is, what its MAC address is, when the lease was acquired and when the lease is due to be re-leased. So all that information is gonna be automatically maintained for me.
That burdens off for me so that means I can go home earlier. I can go ride my motorcycle early. I don't have to worry about going configuring all those IP addresses. So how does this work when the process actually works? Let's assume for this demonstration we're in a single network segment. We don't have any routers in the environment. We have a different situation occurs when we have a router and we'll discuss that a little bit later but for now, let's assume we don't have any routers whatsoever in our environment. So what happens is when our client computer turns on and this is our client computer over here.
When our client computer turns on it's gonna broadcast. Yes, I said that B word. It's going to broadcast looking for an IP address. It's gonna go, "Hey, is there anybody out there "that's got a DHCP server service running? "I need an IP address." Well, how does the DHCP server now first of all that A, it's a DHCP server and B, it's supposed to respond to that request? That request is gonna be made on Port 67. The only computer in the environment that's gonna have Port 67 open will be the DHCP servers.
So these other six computers that are set in here don't have Port 67 open so when that packet goes all the way up through the, well I'm gonna say a really, really bad term here. All right, don't cringe too bad on me and don't run out the door. The OSI model. Remember that? The Open Systems Interconnect. At the application layer of the OSI model is where all of our ports reside. Where all the application reside. On these other six machines here the OSI model has Port 67 closed or Port 67's closed because they're not DHCP servers.
So as a result, when that packet gets up there it looks at it and goes, oh, Port 67's closed and it tosses the packet away. These other two machines sitting out here on the far end of my network have Port 67 open. These two machines are going to be my DHCP servers. I have two of them on the network. So what will happen is is both DHCP servers will receive that request and it will broadcast out on the network back to the client.
Well first of all, how does the client know that it's a DHCP offer coming back. It's gonna be broadcast on Port 68 back to the client. And again, these other machines that are in the corporate network when that packet gets up to the application layer of the OSI model, the application layer of the IO manager. It goes, oh, Port 68 is closed, it discards the packet and the only machine that's gonna have Port 68 open will be this machine out here that initially requested the IP address from.
Then what will happen is, is my client will then broadcast back out. Again on Port 67 thank you very much for that IP address. When I broadcast back out thank you very much for the IP address, I'm gonna include in the packet what IP address I selected. As a result if I had these two DHCP servers in my network, one knows what IP address, they both know what addresses they issued to you or offered you.
One of them will not be the address that you took. So as a result, if I did not take the address from this machine here it goes oh, you didn't take my IP address. It puts it back into its scope of address where it's pulled the addresses. The DHCP server that took the address from goes oh, you took my address? It's then gonna broadcast back out on Port 68. What's referred to as the DHCP Acknowledgement. In the Acknowledgement it will include things like your gateway address.
It will include your DNS server address, it will include your WINS server address if you're using WINS. It will include your netBIOS node type if you're using netBIOS server TCP/IP. It could include your PXE server address, all right? All the different types of options that could be configured in the DHCP server which we'll look at a later time will be sent out as part of that acknowledgement. The other two components that are very, very important in the acknowledgement is is the lease period. The DHCP server is going to lease you that address So you have to be told how long that lease is because you're gonna have to come back and renew your IP address at whenever that lease is up.
So, that's also gonna be part of the acknowledgement. So, when we're looking at this, all right, I used a couple terms, all right. Discover and offer in a selection. Depending when you're talking to someone in the DHCP environment you may hear the term ROSA or the term DORA interchangeably. Kind of like sometimes you'll hear the term a Ford and a term car and the term automobile intermingled, right? I drive a Ford or I ride in a car or I'm gonna take the automobile to the store.
For me personally, that's not in my vocabulary, all right? You guys all know that I'm a diehard motorcyclist so for me it would be Harley Davidson, Harley Davidson, Harley Davidson or motorcycle all mean the same thing. But when you're looking at this, DORA and ROSA could all mean exactly the same thing. DORA stands for the DHCP and discover packet. That packet coming from the client machine. It can also be known as the DHCP request packet.
Both of these are going to occur on Port 67. These are coming from the client. From the server back to the client it's going to be on Port 68. That's gonna be the offer. So whether we're doing DORA or we're doing ROSA, it's always the offer. Going from the server to the client, going from the client back to the server. On Port 67, we have if you're doing DORA it's called the DHCP request packet.
If you are just talking DHCP acquisition process a lot of times they refer to as the selection. And then finally going back from the DHCP server, back to the DHCP client you have the acknowledgement. So from the client to the server it's always in Port 67. From the server back to the client it's always on Port 68. So again, we have DORA. Don't confuse DORA with the Dora the Explorer. And we have ROSA. We have DORA and ROSA. Those are the two different terms you're gonna hear when you're talking to someone when you're talking about DHCP.
Normally DORA is someone that's doing network analysis because that's the name of the packets. Now when someone's talking about the process they usually use the term ROSA. So, what if this doesn't work? What if the DHCP server doesn't work? Well first of all, we have our DHCP client. Our DHCP client is gonna broadcast and the DHCP client is going to broadcast on the network going, "Hey, is there a DHCP server out there anywhere? "I need an IP address." Well if the DHCP server does not respond let's do this.
Let's say it does respond. I'll configure myself with whatever IP address the DHCP server gives me. Now I say whatever address it gives me. If the DHCP server has been built and there's not been any pool of addresses put into it it's kind of like if you watch Seinfeld and you had the soup kitchen, and you had the guy in the soup kitchen, "I have no soup for you today." If I've turned and I built the DHCP server but I've not put any addresses in it for handing out, the DHCP server will come back with I have no address for you and we'll issue you a 0.0.0 address.
I don't have one to give you. If I am in another network segment and the DHCP server has not been configured with the scope of addresses for my segment and I get to that server, it will also give me a 0.0.0 address. So I'll be either issued an address from this server or 0.0.0.0. If it doesn't respond and by the way, one of the things it does which is kind of interesting, everything in IP is in three's. Everything we do is in three's. I go and I try to connect a machine it's the one back and forth a three-way handshake.
When I try to resolve to somebody it's always I try three times before I go to the next name resolution process. The same thing here is if I go to the DHCP server and go, "Hey "is there a DHCP server out there anywhere?" And the DHCP server doesn't respond I'm gonna wait two seconds. I broadcast again. If it doesn't respond I wait four seconds. If it doesn't respond I broadcast again and then I wait eight seconds. So there's gonna be some time here that's going to lapse. This is not gonna be immediate so it's gonna be two seconds, four seconds and eight seconds.
If after that third attempt the DHCP server doesn't respond I'm then gonna come down and look to see if there's been what's called an automatic or an alternate IP address configured. So the question comes up is what do you mean by an alternate IP address? I'm gonna go forward just a little bit to clear this slide out. But if I come down here to this computer here and I bring up its networking configuration, the networking sharing center, and I just come into my TCP/IP configuration, for IBV4.
This computer has been configuring an IP address automatically. Notice with the address being configured automatically there's this thing that says alternate configuration. If I do this, notice alternate configuration goes away. What an alternate configuration is if I have let's say a user with a laptop and this user travels from a corporate headquarters where we've got a DHCP server, they traveled at nine out of 10 of the remote offices they go have a DHCP server. They go to a hotel for a conference. They go home, they go to a tech ad or tech mentor or a conference like that.
There's a DHCP server. But let's say they go to this one remote office. And let's say at this remote office there's only two or three servers and as a result we've determined that it doesn't want to have a DHCP server there. The two or three computers that sit there can all be statically configured. So when that user goes there with their laptop they're not gonna get an IP address because there's no DHCP server. They're gonna end up with what happens when nothing's configured. So what we can do is we can come down here where it says alternate or user configuration.
We can actually configure in here an alternate IP address for when they take their laptop and they go to this remote location they can use the IP address that's configured here for their computer so they can connect to resources while they're at that organization. They can get to the internet while they're at that organization or that facility or whatever. Notice the radio buttons. We're either using alternate configuration or we're not. And notice if we're not using alternate it's automatic private IP address. Remember that alternate private IP address. We're gonna see that again here in just a few moments.
So again, because it is IP, I'm gonna attempt three times to try to look to see if there's an alternate configuration. If there is an alternate configuration I'll configure myself with whatever that alternate configuration is. If there is not an alternate configuration I'll then come out and look at what's called a APIPA. Automatic Private Internet Protocol Address. What I just showed you on that tab.
APIPA is 169.254.X.X. It's a class B address which means there's 65,534 possible combinations for these last two octets. That's gonna be very, very important because when we attempt to get an IP address we're gonna randomly generate this last two octets and if those are gonna be in use then I'm going to regenerate two new address or two new numbers.
If they're in use I regenerate two new numbers. But here's what's interesting. If I generate this APIPA signed address and no one is using the address, I will assign myself that address for 10 minutes. At the end of 10 minutes, I start the entire process all over again. Maybe the DHCP server is rebooting, maybe just got updates. Someone did updates outside of a prescribed maintenance window or maybe the DHCP server was restarted for whatever reason or someone kicked the cable out.
What happened in a facility I was at, the cleaners came in during business hours and they needed an outlet, so they unplugged a power plug to plug in a vacuum. It turned out to be the power plug to the UPS which UPS didn't realize the batteries were dead and the UPS when wham. And since it went down the DHCP server went down. So as a result, no DHCP server handing out addresses. We actually found out that our UPS didn't have good battery in it.
So it turned out to be a good thing. So, we'll get this APIPA signed address but if I go out and I attempt this 10 times, and 10 times in a row I get exactly ... Someone comes back and says, "I'm using that address." Or the next time I'm using that address or the next time I'm using that address, the next time I'm using that address. And ten times in a row someone says they're using that address, fine. I'm gonna go sit in the corner, I'm gonna drink my coffee, I'm gonna pout and you can't talk to me.
I can't talk to you, I don't have an IP address. Leave me alone. And I pout for two whole minutes. At the end of those two whole minutes I will start this entire process over again. During that two-minute period, all right, if I were to do an IP config on the computer that's in its pouty fit face, we'll have a blank dot blank dot blank dot blank IP address. There's only two ways to get that IP address.
A user released the IP address and has never renewed it or I'm in my two-minute pouty face because APIPA attempted 10 different addresses and 10 different times it got to say someone said they're using it. Folks, if this happens it's time to play power ball. It's time to go to Vegas. It's time to play the lottery. So if you think about this, this is a one in 65,534 chance that you're gonna see that.
Because 10 times in a row you generated a number randomly that someone else was using. I've been in the industry since APIPA before APIPA was every generated. APIPA came about in Windows 98. I've never ever seen an APIPA signed address that gave me blank, blank, blank, blank as a result of the addresses being used. It's virtually impossible but it's there. It's virtually impossible. So this is what happens, all right? Again, two-minute pouty face and then I come back and I start to process all over again.
That's if it doesn't work. The lease renewal. Once I've got that IP address, one of the part of the acknowledgement was is I have to renew the IP address. So what happens is whatever the renewal period is at 50% of the period my client machine is gonna broadcast on Port 67, "Hey I want to renew my IP address." And if there's only the DHCP server that offered me the address, it's the only DHCP server that can respond back to me with here's your renewal.
Once I renewed the address, I'm now good for whatever the lease period is again and then 50% of that lease I'll come back and renew. If this DHCP server did not respond at 87.5% of the lease period I will come in, I will broadcast again. I will renew my IP address. Again, maybe the server was offline. Maybe the server was doing updates. For whatever reason it didn't respond.
So the 87 1/2 spot I will attempt to renew again. If for whatever reason the 87 1/2 spot I don't renew, I will go out every two minutes until 100% of my lease has been expired or used and at which point I will release the IP address and I'll attempt a new IP address. That's the process of a renewal. Microsoft's default renewal or default lease period for Server 2012 is eight days. So at 50% of the lease which is four days I'll attempt to renew and I'll attempt to renew again on day seven if I don't renew on day four.
So, how do we install the DHCP server role? First of all, the DHCP server role can be installed on any server product. Any server product. Both a graphical version of the server or a core version of server. If I'm going to install the server on a core box, I can install it using PowerShell and then I'm going to maintain it using the netsh command, the netsh command. If I install it on my graphical machine I can install it using server manager or PowerShell and then I can administrate it with the DHCP console or with the netsh command.
We also have to have administrative rights just like anything else we install on any Microsoft machine we have to have administrative rights. It's the same thing if I install it on my server for DHCP. So let's go into my server here. And on my first server here I'm gonna go to my server manager. And I had DHCP on here a few minutes ago, I remode it so I'll go ahead and just clear that result.
I want to install DHCP so I come under my manage. Come down to add and remove features. Again, in server manager they're gonna ask you, make sure you have administrator account with a strong password, statically assigned IP address. Make sure your updates are turned on and your machine is up to date. Next, I then get asked am I installing a role or feature and one of the changes Microsoft made in server 2012 from server 2008 and 2008 R2 is roles and features were installed separately in those operating systems.
They're now installed as one line item in 2012 but the thing they added in 2012 is the ability to configure this server to support the virtual desktops or VDI. We're not going to be doing VDI, we'll do role or feature-based, hit next. The other cool thing that we've done in Sever 2012 is in previous operating systems, if you want to install a role or feature on that box you had to go touch that machine. Or you had to do it through a remote desktop session. I cannot install roles and features through server manager on previous operating systems. In Server 2012, I can actually over here create a server pool, and once I create the server pool and server manager, I can then when I'm inside the add roles or features wizard, I can select other servers or an entire pool of servers and add the same role and roll of them at the same time.
So let's say for instance I was configuring a web form. I can install IOS on six, seven, eight machines at the same time. I hit next. I then come down, I will choose DHCP and it's gonna ask me if I want to install the RSAT tools. If you choose not to install the RSAT tools, the DHCP installation will actually stop. So we'll go ahead and install the RSAT tools specifically for DHCP. We'll hit next. We'll then get asked are there any features you want to install? And we're not gonna install any additional features currently.
So we hit next. It gives us the options and tells us exactly what we're installing. We get our confirmation on what we want to install and we click install. Now what we can do is we actually can now come in here and we can actually close this. And what will happen is is when the installation is done we will get a prompt up here, our notification box will go yellow. When the notification box goes yellow it will tell us that DHCP has been installed and at the same token, it will tel us that we need to confirm the installation so it will create the DHCP admins group and the DHCP users group.
So while the installation is running on this computer here, I'm gonna go over here to my server two and we're gonna install DHCP on this server also but on this server instead of using a graphical interface I want to use PowerShell. So, I'm gonna click on the PowerShell icon and I'll go and go to the root of the drive to make it a little bit easier to see. If I want to get a listing of what features have been installed on this computer already, get dash windows the feature and then I'll do my tab complete and hit enter.
This will show me all the features that are installed. So if I scroll up here, any role or feature that's got an X on it has already been installed on the machine. One of the things I want you to point out right off the bat is if you're familiar with the add dash Windows feature or the get dash Windows feature or the remove dash Windows feature in Server 2008 or 2008 R2, we no longer highlight what's been installed with green. We don't change the color by default. It stays the white on the blue background.
If I scroll up, one of the reasons why I want to come in here is when I use the add dash Windows feature, I have to know the argument for installing the Windows feature. So here's my DHCP server and I want to install it, my argument's gonna be DHCP. That's pretty obvious. The DHCP server, DHCP. What might not be obvious sometimes is for instance, let's say I want to install the file server role. I want to make this machine a file server. I want to be able to share resources on it.
Because remember by default, no roles or features are installed on this server by default. If I want to be a file server it would be add Windows feature space file services. That one makes kind of sense but look at some of these others. If I want to do DFS, it's FS-DFS-namespace or if I were doing an IS server and I only want the web services. I have to browse that and look and see what the actual argument is for installing that service. So for us here in this demonstration we're just gonna go down.
Maybe. Let's open this back up. CD backslash. And we're gonna do an add-windows feature and also I do the tab. My tab complete doesn't want to work now. Add-windowsfeature. I'll spell Windows right. That's why tab complete wasn't working. Still not spelled right.
Remember what I said about these little kids and their parents. They don't always want to pay attention. DHCP, hit enter. And notice now it's installing the DHCP server service. And again, this will automatically will install the DHCP console for me. So let's minimize this. Let's go back to our first server. And notice we now have the gold or yellow notification that something has happened. We click on that and it says post configuration for DHCP.
Complete the DHCP configuration, I click on that. And notice it's gonna ask me do you want to create the DHCP administrators group and the DHCP users group? We'll go ahead and commit the change. And close. It just went out and created two local groups on this machine. DHCP admins and DHCP users. The DHCP users is populated with domain users and (mumbling) authenticated users and the DHCP admins has been populate with domain admins. I've now installed DHCP on this box.
That's all that's involved in the installation. One of the issues you might run into though is if you have a DHCP server in your environment, one of the issues we had back in the days of NT 4.0, someone would take a class. They would then come back to the office, they were given a Windows NT 4.0 server CD. Last night at class or yesterday at class, over the weekend at class, they learned about the Windows NT 4.0 D CD server service. Because they didn't have a computer at home that would support installing the server product on, they'd install the server product on a computer at work.
And then they would want to practice what they learned over the weekend or learned last night so they built a DHCP server, and went and started handing out IP addresses. And if they just happened to make it the same scope of address as the corporate network was using, we ended up with duplicate IP addresses, and people started getting knocked off the network. Or if they didn't duplicate the scope we're starting to get this rouge or bad IP addresses handed out. As soon as they get the word out that someone had a rouge DHCP server on the network, they would shut it down. Well, one of the things we can do to locate the DHCP servers on the network is on a Microsoft download center is a utility called DHCPLoc.exe.
What this allows us to do is it will actually go out, you run it, and they'll come back and give you a listing of all the DHCP service they found in the network segment that the DHCP was running in. Or where I ran the command at. This helps us locate the rouge DHCP servers. If I have non-Microsoft DHCP servers in my environment, this will report them to us. If I have workgroup-based DHCP servers in the environment, a workgroup-based DHCP server cannot be authorized. Only a DHCP server that's running on a computer that's either the member of the domain or a domain controller can be authorize.
To authorize that DHCP server you must be a member of the domain admins group if you're running Windows 2000 or later, or the Enterprise admin group if you're running Windows 2000. So 2003 or later is domain admins. Enterprise admins where the only people who could authorize a DHCP server in Windows 2000. So it has to be authorized. What happens in our network is something that's actually quite interesting is let's say for instance I have my workgroup-based computer out here and its been my DHCP server all along.
And in my environment all of a sudden, all right, here's a domain member and someone installs DHCP services on this domain member. When they install the service on this domain member as a DHCP server it won't hand out addresses. Never will it hand out addresses until it's been authorized. Once it's been authorized by either domain admin or an enterprise admin, it becomes authorized. Then it's gonna go, "Hey! "Is there any other DHCP servers "out there on the network?" This DHCP server is gonna say, "Yeah, I'm right here." And that DHCP server is going to again say, "Are you authorized?" And that DHCP server is going, "What are you talking about?" "Well, are you authorized?" "I have no idea what authorized is." Your DHCP server that's an authorized DHCP server in the domain will use its DHCP system service and it will shut down the DHCP server service on that box.
Whether that's a valid DHCP server in the environment or not, it will shut it down. The issue you're gonna run into now is you can't even bring up the console to bring up the DHCP server to tell it to authorize. If this were a domain-based machine and it was never authorized. First of all, if it was a domain-based machine it would be on deauthorized the moment you brought it up. So you're not gonna be able to authorize it. So the question is how do you authorize the DHCP server? If I bring back up my DHCP console here.
And because this is in a workgroup but I'm not actually going to see the option, if I right click on the server, I've got where it says backup and restore, authorize would be located right here. This is where I would authorize the server. If I want to authorize another server in the environment, I could actually right click on DHCP and there's an option here to manage authorized servers and what will happen is all the other DHCP servers are in the network that are out there that responds will show up here.
Even though they haven't been authorize. I then highlight it, click authorized. Then the other DHCP servers now are gonna be authorized and it will be able to hand out IP addresses. So if you're in a domain environment a DHCP server will not hand out IP addresses until it's been authorized. And it has to be authorized either by domain admin or an enterprise admin. So what have we talked about in this session? We talked about what were the problems we had with statically assigned IP addresses and how we overcame those problems with the DHCP server service.
We looked about how DHCP works and what the process is when it actually works, and what the process is when it actually does not work. We also compared the DORA and the ROSA commands or processes. And then we finished up talking about the installation of the DHCP server service using both the graphical utility and the PowerShell environment, and we talked about authorizing an ... How an authorized DHCP server running in the domain will interact with a DHCP server that's in a workgroup and will shut that workgroup-based DHCP server off.