I recently had to perform the above task and although it has been documented, i thought i would give my view on it and some of the things that seem to be slightly unclear usually.
So you want to migrate DHCP from one server to another (both 2003) maybe for consolidation purposes or to decommission old hardware etc. The first step is to make sure you know the environment, are there multiple subnets, VLAN’s etc, if so chances are you will need to take into consideration the IP helpers for DHCP on the switches (presuming they are layer 3) or routers, these point the DHCP broadcasts in the right direction when looking for an IP address. If these networking points are taken into consideration then the following steps can be followed
- On the current DHCP server run the following command – netsh dhcp server export C:dhcp.txt all
- Move the resulting file to the destination server
- Install DHCP service on the destination server – Start >> Control Panel >> Add or Remove programs >> Add/remove windows components >> Networking services >> DHCP (you may need installation media for this)
- Log onto the destination server with an account that is an Explicit member of the local Administrators group, it cannot be a user account in a group that is a member of Local Administrators (so if on a domain controller which i was, you will need to restart in DSRM mode and use the administrator account this way)
- Make sure that the DHCP service is started on the destination server and then run the following command – netsh dhcp server import C:dhcp.txt all making sure that C:dhcp.txt is the full path to where you copied the file locally
- After receiving the message that the command completed successfully exit the command prompt.
- Using this method of the netsh command migrates the DHCP configuration as well as the current lease configuration which prevents conflicting IP addresses
- You finally must authorize the new DHCP server in AD, This must be done using an account that is a member of the Enterprise administrators group (So if on a DC you will need to reboot normally again to log on with a domain account to do this). You can do this in the DHCP console by Right clicking the server name and selecting Authorize. You should then be able to stop and disable the DHCP server service on the old DHCP server and receive DHCP addresses from the new one!
- Note – If on a DC and you cannot remember or do not have the DSRM password documented you can change it easily from the Command Prompt on the DC by:
- Start >> Run >> ntdsutil >> Ok
- Type Set dsrm password null and press Enter
- Type Reset password on server null and press enter
- enter and confirm the new password
- null indicates it is the local server you are changing this password on, if it was on a remote server you wanted to change the password then you would replace ‘null’ with the server name e.g. ‘set dsrm password server1’