Tag Archives: server 2012

Configuring external time source on your Primary Domain Controller

Here we will configure your primary domain controller (PDC) to connect to an external source to keep your time synchronized up with the rest of the world.  By changing the primary DC's time source to an external source, the changes will be replicated from the PDC to other clients in your domain; limiting the amount of bandwidth needed to synchronize with an external source.  First, I am going to reference much of the information provided by .  I would highly recommend you check out his blog post as it contains a ton of valuable information on the subject as well as more information/best practicies in regards to keeping time in your organization's infrastrucutre: http://binarynature.blogspot.co.uk/2012/04/configure-active-directory.html

  1. Find out what your primary domain controller (PDC) is for your domain by executing the following powershell commands from any machine in the domain
    1. [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().RootDomain.PdcRoleOwner.Name
      PowerShell - PdcRoleOwner
  2. Login to your primary domain controller
  3. Open up a command prompt/powershell window with administrative privilegesServer 2012 - PowerShell - Run as Administrator
  4. Execute the following command to configure the domain controller to look at an external time source
    1. w32tm.exe /config /manualpeerlist:"0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org 3.us.pool.ntp.org" /syncfromflags:manual /reliable:YES /update
      w32tm config manualpeerlist syncfromflags manual ntp

      1. Notes: You can find the closest time server near you by browsing the following page and clicking on the nearest zone: http://www.pool.ntp.org/zone/@
  5. Execute the following command to actually perform a time synchronization with the external source
    1. w32tm.exe /config /update
      w32tm config update
  6. Execute the following command for the changes to take effect
    1. Restart-Service w32time
      Restart-Service w32time

That's all that is to it!

Configuring DHCP Failover for Server 2012 R2

In this tutorial, we will implement one of Server 2012's newest features, DHCP Failover.  Before Server 2012, DHCP failover was achieved through Windows Failover Cluster. Now, Server 2012 has native tools built into the DHCP role to support failover without the need to setup clustering services.  It is nice to note that DHCP failover is fully supported in all server editions of Windows Server 2012 (Foundation, Standard, Data Center), allowing everyone to provide this role in high availability.

Before beginning, this tutorial assumes the following prerequisites to this tutorial:

  • Two Server 2012 servers have been installed and joined to your domain as member servers
  • Both servers have installed the DHCP role
  • One of the servers has been configured with your desired DHCP scopes
  1. Login to your primary DHCP server that has been configured with the DHCP scopes
  2. Open up the DHCP program
    1. Launch Server Manager
      Server 2012 R2 - Server Manager
    2. Click Tools->DHCP
      Server Manager - Tools - DHCP
    3. Expand your DHCP server and right click on IPv4 and select Configure Failover...
      DHCP - IPv4 - Configure Failover
    4. On the Introduction to DHCP Failover page, click Next to allow failover of all DHCP scopes.
      Optionally, uncheck Select all and select the specific scopes you would like to allow to failover and then click Next.
      Configure Failover - Introduction to DHCP Failover
    5. Click on the Add Server button
      Configure Failover - Specify the partner server to use for failover - Add Server
    6. Check This authorized DHCP server, select the server you would like to use to allow failover, and then click OK
      Configure Failover - Specify the partner server to use for failover - Add Server - Authorized DHCP server
    7. Click Next
      Configure Failover - Specify the partner server to use for failover - Partner Server
    8. Enter in the settings you wish to use and then click Next.  I would recommend entering a Shared Secret and checking the State Switchover Interval to failover in the event a server fails unexpectedly.
      If you are failing over to another DHCP server on the same subnet, it is recommended to setup loadbalancing.  If you are failing over your DHCP server to another network, set the mode to Hot standby.  Additionally, here is a list with more indepth details on what each option does.

      • Relationship Name: Descriptive name to describe this DHCP Failover relationship.  This can be named anything to help you understand the server relationship.
      • Maximum Client Lead Time: Specifies the amount of time for which a DHCP lease may be renewed by either failover peer without contacting the other.  It also specifies the amount of time that either DHCP server will wait in a “partner down” state before assuming control of the entire IP address range within the scope.  ( default = 1 hour ).
      • Mode: Select Load Balance ( default – Active / Active ) or Hot Standby ( Active / Passive )
      • Load Balance Percentage: Specifies the percentage of the IP Address range to reserve for each server in the failover relationship.  Each server will use their assigned range of addresses prior to assuming control over the entire IP Address range of a scope when the other server transitions into a “partner down” state and the Maximum Client Lead Time ( specified above ) passes.
      • Auto State Switchover Interval: When selected, specifies the amount of time that elapses before a DHCP Server is automatically transitioned to a “partner down” state when network communication is interrupted to a DHCP Server.  If this option is unchecked, an administrator must manually transition the status of a DHCP Server into a “partner down” state using the DHCP Management console or PowerShell. ( when checked, the default = 60 minutes )
      • Enable Message Authentication: check this checkbox option to enable authentication of failover replication traffic between servers
      • Shared Secret:  Type a “Shared Secret” ( ie., a Password ) to be used to authenticate the failover connection between servers

      Configure Failover - Create a new failover relationship

    9. Click Finish
      Configure Failover - Summary
    10. Click Close on the results dialog, confirming the failover configuration was properly setup.
      Configure Failover - Progress of failover configuration
    11. Optionally, you can login to your secondary DHCP server to confirm failover has successfully been setup.
      1. On the secondary DHCP server, right click on one of your DHCP scopes and select Properties
        DHCP - IPv4 - Scope - Properties
      2. Select the Failover tab and you should see your failover settings in effect.
        DHCP - Scope Properties

That's all that's to it!  Hurray for high availability! 🙂


Descriptions of each of the failover options were found on the following technet article: http://blogs.technet.com/b/keithmayer/archive/2012/10/28/step-by-step-scoping-out-the-new-dhcp-failover-in-windows-server-2012-31-days-of-favorite-features-part-28-of-31.aspx

An offial Microsoft KB article on configuring DHCP failover can be found here: http://technet.microsoft.com/en-us/library/hh831385.aspx

Migrate DHCP Role from Server 2008 R2 to Server 2012 R2

After doing a quick google search, it appears you can easily migrate your DHCP server as long as you have both your current DHCP server (running Server 2008 R2) and a new Windows Server 2012 server you are going to designate as a DHCP server.

  1. Login to your new Server 2012 R2 machine with the DHCP role installed
  2. Open up a Powershell shell
    Server 2012 - Powershell
  3. Execute the following command to export the configuration from the Server 2008 R2 DHCP Server
    1. Export-DhcpServer –ComputerName win2k8r2-dhcp.corp.contoso.com -Leases -File c:\users\yourusername\Desktop\dhcpexp.xml -verbose
      Export-DhcpServer Server 2012
  4. Execute the following command to import the configuration into your new Server 2012 R2 DHCP Server; must be an Administrator running this PowerShell command.
    1. Import-DhcpServer –ComputerName win2k12r2.corp.contoso.com -Leases –File C:\users\yourusername\Desktop\dhcpexp.xml -BackupPath C:\users\yourusername\Desktop\backup\ -Verbose

Notes: Credit goes to the following technet article for the powershell commands and a more in-depth explanation: http://blogs.technet.com/b/teamdhcp/archive/2012/09/11/migrating-existing-dhcp-server-deployment-to-windows-server-2012-dhcp-failover.aspx