UPDATE: DCHP Not Authorized Error in MOM
Ran across another situation with yet another fix (3rd fix) for the "DHCP Not Authorized" error we frequently encounter with the DHCP MP. I've run across this error several times, where a DHCP server shows its not authorized and it actually is, and there are a couple of fixes I've used to beat it. 1st fix 1. Make sure in the Onepoint database, Computer table, that the FQDN is populated for all managed computers. If not, open the table in Enterprise Manager and add the correct DNS suffix to FQDN column, and while you're there, make sure the HOST column is populated with appropriate FQDN of the computer 2nd fix If that doesnt do the trick, try the following: I have seen many people have problems with the DHCP MP in the fact that the state script that runs says that a DHCP server is not authorized even though it actually is. I had this problem in my test environment recently even after it was working successfully for months. Anyway, I was able to fix this with a couple of steps and I can't confirm that each step is necessary, but I know that it worked in my case. I originally tried to reinstall the MP, but I still was seeing the same issue. So, I then took the following steps to resolve the issue: 1. In the MOM Administrator Console , add the problem DHCP server into the "Excluded Servers" list for the DHCP Computer Group (2000 / 2003) and commit changes. 2. Run MOMInfo.exe /clearqueue command on the DHCP server having the problem. (MOMInfo is available in MOM 2005 Resource Kit). 3. Remove the problem DHCP server from the "Excluded Servers" list for the DHCP Computer Group (2000 / 2003) and commit changes 3rd fix A 3rd situation popped up a few weeks ago were a user had stale entries in the directory for servers showing as authorized, but that were no longer in service or had undergone a name change, causing MOM to throw the "DHCP not authorized" error. Steps are as follows: assumes you have the appropriate 1. Open ADSIEdit This will remove entries which are actually not listed within Netservices as authorized DHCP server(s) but which show up in the DHCP MMC as an authorized server. |
Comments on "UPDATE: DCHP Not Authorized Error in MOM"
-
Bryan D. said ... (12:39 PM) :
-
Bryan D. said ... (12:40 PM) :
-
Pete Zerger said ... (1:09 PM) :
-
Bryan D. said ... (1:29 PM) :
-
Pete Zerger said ... (1:34 PM) :
-
Bryan D. said ... (4:57 PM) :
post a comment links to this postI am having the same problem. The common denominator I've noticed for all of my servers that are authorized (but MOM is alerting as not authorized) is that they are all listed in the DHCP snap-in as their NetBIOS name while all other servers are listed by their FQDN. Do you know where the DHCP snap-in is pulling its list of authorized DHCP servers? I'm assuming that whichever attribute its pulling from needs to be reconfigured or something and that would clear up the MOM confusion.
Good blog btw, great info.
It's actually pulling from the Configuration partition in AD (referenced in fix 3). The problems often start there.
I would say begin there, and then if it doesnt improve, jump to the DHCP fix that addresses the MOM agent cache.
Yep, the CN for those particular DHCP servers have the 'cn' and 'Name' attributes listing their NetBios name instead of the FQDN. I attempted to edit and update them, but get a 'The attribute cannot be modified because it is owned by the system' error. I had an Enterprise Admin log in and try and perform the update to those attributes and they received the same error.
Back to the drawing board...
Try de-authorizing and re-authorizing your DHCP Server in AD through the DHCP snap-in to see if that resolves the issue.
Hey Pete,
This 3rd fix worked for me. But in my case, I edited a couple of entries in that DHCPRoot folder for some of my DHCP servers that were listed there by their NetBIOS names. I updated them to their FQDN's and I am no longer getting the 'DCHP is not authorized' MOM alert on them! Thanks for the fix on this one!