I have a domain-joined test machine running W2K8 R2 with two NICs, one connected to the enterprise network, the other one to a private network with a static IP (192.168.0.1). The machine should act as a DHCP server for the other machines on the private network (not for machines on the enterprise network, though).
After adding the DHCP role, I checked that the service only has a binding to the LAN connection on the private network.
The domain controller won't allow to authorize another DHCP server, and the DHCP service throws an error when starting up (event ID 1046): http://technet.microsoft.com/en-us/library/cc726914(WS.10).aspx
My question is: is there a way to tell the DHCP service that it'll only serve a private network and therefore doesn't have to ask the DC for authorization?
Thanks Max
No. If you want to do that you'll have to use a non-MS DHCP server. The DHCP server built into windows will (correctly in my opinion) require you to be an admin in the domain to setup an additional DHCP server.
You can use a DHCP server like http://ruttkamp.gmxhome.de/dhcpsrv/dhcpsrv.htm to setup a DHCP server and side-step your companies restrictions, but keep in mind there are very good reasons to not trust people with rogue DHCP servers.
As long as the server is a domain member, it will require authorization from a domain admin in order to work.
You can remove it from the domain, or even make it a domain controller for its own domain; but you can't make it work without authorization while it is a domain member.