Anavem
EnglishFrancais
Anavem
Languagefr
How to Install and Configure DHCP Server on Windows Server 2025

How to Install and Configure DHCP Server on Windows Server 2025

Install the DHCP Server role on Windows Server 2025, configure IP scopes, authorize in Active Directory, and automate network IP assignment for client devices.

Evan MaelEvan Mael
March 17, 2026 15 min
mediumdhcp 8 steps 15 min

Why Deploy DHCP Server on Windows Server 2025?

Dynamic Host Configuration Protocol (DHCP) automates IP address assignment and network configuration for devices on your network. Instead of manually configuring each device with static IP addresses, DNS servers, and gateway information, DHCP handles this automatically when devices connect to your network.

Windows Server 2025 includes a robust DHCP Server role that integrates seamlessly with Active Directory and provides enterprise-grade features like failover clustering, policy-based assignment, and comprehensive logging. This eliminates the tedious task of tracking IP address assignments and reduces configuration errors that can cause network connectivity issues.

What Makes Windows Server 2025 DHCP Different?

The DHCP implementation in Windows Server 2025 builds on the proven foundation from previous versions while maintaining compatibility with modern network requirements. Key capabilities include support for IPv4 and IPv6 addressing, vendor-specific options for different device types, and integration with DNS for dynamic record updates.

Authorization in Active Directory prevents rogue DHCP servers from disrupting your network, while scope policies allow you to assign different configurations based on device characteristics like MAC addresses or user classes. The PowerShell integration provides scriptable management for large-scale deployments.

What Will You Accomplish?

By following this tutorial, you'll have a fully functional DHCP server that automatically assigns IP addresses to network devices. You'll understand how to create and manage IP address scopes, configure essential network options like DNS and gateway settings, and implement security best practices. The server will integrate with your Active Directory environment and provide reliable IP address management for your entire network infrastructure.

Implementation Guide

Full Procedure

01

Install the DHCP Server Role via Server Manager

Start by installing the DHCP Server role through the graphical interface. Open Server Manager from the taskbar or Start menu.

Navigate to Manage > Add Roles and Features. The Add Roles and Features Wizard will launch.

Select Role-based or feature-based installation and click Next. Choose your target server from the server pool and click Next.

In the Server Roles section, scroll down and check DHCP Server. A popup will appear asking to add required features. Click Add Features to include the DHCP management tools.

Click Next through the Features page, then Next on the DHCP Server information page. Review your selections and click Install.

Pro tip: The installation includes PowerShell cmdlets for DHCP management, which you'll use later for advanced configurations.

Verification: Wait for the installation to complete. You should see "Installation succeeded" in the Results page. The DHCP Server role will now appear in Server Manager's left navigation pane.

02

Complete Post-Installation Configuration and Authorization

After installation, you must complete the DHCP configuration and authorize the server. Look for a yellow warning flag in Server Manager's notification area (top-right corner).

Click the notification flag and select Complete DHCP configuration. The DHCP Post-Install Configuration Wizard will open.

Click Next on the Description page. On the Authorization page, select Use the following user's credentials if you're in a domain environment. Enter domain administrator credentials if prompted.

Check Authorize this DHCP server in Active Directory and click Next. Review the summary and click Commit to apply the configuration.

After successful completion, click Close. Now restart the DHCP service to ensure proper initialization.

Open Tools > Services from Server Manager. Locate DHCP Server in the services list, right-click it, and select Restart.

Warning: Without proper authorization in Active Directory, your DHCP server will be detected as a rogue server and may not function correctly.

Verification: Open Tools > DHCP from Server Manager. Your server should appear in the DHCP console without any red error indicators.

03

Configure Your First IPv4 DHCP Scope

Create a DHCP scope to define the range of IP addresses your server will distribute. Open the DHCP management console from Tools > DHCP in Server Manager.

In the DHCP console, expand your server name in the left pane. Right-click on IPv4 and select New Scope. The New Scope Wizard will launch.

Click Next on the welcome page. Enter a scope name like "Main Office Scope" and an optional description. Click Next.

Configure the IP address range. For example:

  • Start IP address: 192.168.1.100
  • End IP address: 192.168.1.200
  • Length: 24 (subnet mask 255.255.255.0)

Click Next. On the Add Exclusions page, you can exclude specific IP addresses from the range. For example, exclude 192.168.1.150 to 192.168.1.160 for static servers. Click Next.

Set the lease duration. The default 8 days works for most environments. Click Next.

Select Yes, I want to configure these options now to set up DHCP options immediately. Click Next.

Pro tip: Plan your IP ranges carefully. Reserve the first 50-100 addresses for static assignments like servers, printers, and network equipment.

Verification: The scope should appear under IPv4 in the DHCP console, but it won't be active yet until you complete the options configuration.

04

Configure Essential DHCP Options

Configure the essential DHCP options that clients need for network connectivity. You should be in the Configure DHCP Options section of the New Scope Wizard.

On the Router (Default Gateway) page, enter your network's default gateway IP address. For example, enter 192.168.1.1 and click Add. Click Next.

On the Domain Name and DNS Servers page, enter your domain name if applicable. Add DNS server IP addresses - for example, 192.168.1.10 for your domain controller or 8.8.8.8 for Google DNS. Click Add after each entry, then Next.

On the WINS Servers page, add WINS server addresses if your network uses them (most modern networks don't). Click Next.

On the Activate Scope page, select Yes, I want to activate this scope now to make it immediately available to clients. Click Next.

Review the summary and click Finish to complete the scope creation.

Your scope is now active and ready to serve IP addresses to clients. You'll see a green checkmark icon next to the scope name in the DHCP console.

Warning: Ensure your DHCP server has a static IP address outside the scope range to prevent conflicts.

Verification: In the DHCP console, expand your scope and check the Address Pool. You should see your configured IP range. The scope icon should have a green arrow indicating it's active.

05

Test DHCP Functionality with a Client Device

Test your DHCP server by configuring a client device to obtain an IP address automatically. Use a Windows 11 client or any network device for testing.

On the client device, open Settings > Network & Internet > Ethernet (or Wi-Fi). Click on your network connection.

Click Edit next to IP assignment. Select Automatic (DHCP) if it's not already selected. Ensure DNS server assignment is also set to Automatic (DHCP).

Open Command Prompt as administrator and release the current IP configuration:

ipconfig /release

Request a new IP address from your DHCP server:

ipconfig /renew

Check the new IP configuration:

ipconfig /all

Look for the following in the output:

  • IP address within your configured scope range (192.168.1.100-200)
  • DHCP Server showing your server's IP address
  • Default Gateway and DNS servers matching your configured options
Pro tip: Use ipconfig /all to see detailed DHCP information including lease obtained time and lease expires time.

Verification: The client should receive an IP address from your scope range. In the DHCP console, expand Address Leases under your scope to see active leases.

06

Monitor DHCP Server Performance and Leases

Monitor your DHCP server's performance and manage active leases through the DHCP console. This helps you track IP address usage and troubleshoot connectivity issues.

In the DHCP console, expand your scope and click on Address Leases. Here you'll see all currently active IP address assignments, including:

  • Client IP addresses
  • Client names and MAC addresses
  • Lease expiration times
  • Lease type (DHCP or reservation)

To view scope statistics, right-click on your scope and select Display Statistics. This shows:

  • Total addresses in scope
  • Addresses in use and available
  • Percentage of scope utilization

Check the server-level statistics by right-clicking your server name and selecting Display Statistics. This provides overall server performance metrics.

To create an IP address reservation for a specific device, right-click Reservations under your scope and select New Reservation. Enter:

  • Reservation name
  • IP address (within scope range)
  • MAC address of the target device
  • Description (optional)
Pro tip: Create reservations for servers, printers, and other devices that need consistent IP addresses while still benefiting from DHCP options.

Verification: Run Get-DhcpServerv4Statistics in PowerShell to view detailed server statistics and confirm proper operation.

07

Configure Advanced DHCP Options and Policies

Configure advanced DHCP options to customize network behavior for different types of devices. Access advanced options through the DHCP console.

Right-click on Server Options under your server name and select Configure Options. Common advanced options include:

  • Option 15 (DNS Domain Name): Set your domain name
  • Option 42 (NTP Servers): Configure time servers
  • Option 119 (Domain Search): Set DNS search suffixes

To create vendor-specific options, right-click Server Options and select Configure Options. Click Advanced and select a vendor class.

Configure DHCP policies for different device types. Right-click your scope and select New Policy. Create policies based on:

  • MAC address patterns (for specific device types)
  • User classes
  • Vendor classes
  • Client identifiers

For example, create a policy for wireless devices:

  • Policy name: "Wireless Devices"
  • Conditions: MAC address starts with specific vendor prefixes
  • IP range: Subset of your main scope
  • Different lease duration or DNS servers

Configure DHCP failover for high availability. Right-click your scope and select Configure Failover. Enter:

  • Partner server IP address
  • Relationship name
  • Shared secret for authentication
  • Load balance percentage
Warning: Test advanced configurations in a lab environment before implementing in production to avoid network disruptions.

Verification: Use Get-DhcpServerv4Policy in PowerShell to list configured policies and verify they're working as expected.

08

Implement DHCP Security and Best Practices

Secure your DHCP server and implement best practices to prevent unauthorized access and ensure reliable service.

Enable DHCP audit logging to track all DHCP activities. In the DHCP console, right-click your server name and select Properties. On the General tab, check Enable DHCP audit logging.

Configure conflict detection to prevent IP address conflicts. In server properties, set Conflict detection attempts to 1 or 2. This makes the server ping addresses before assigning them.

Set up proper DNS integration. In server properties, go to the DNS tab and configure:

  • Enable DNS dynamic updates
  • Dynamically update DNS records for DHCP clients that do not request updates
  • Always dynamically update DNS records

Configure DHCP server security through Group Policy or local security settings:

Add-DhcpServerSecurityGroup -ComputerName "YourServerName"

Implement network access protection (NAP) if available in your environment. Configure health policies and remediation servers.

Regular maintenance tasks include:

  • Monitor scope utilization (keep below 80%)
  • Review and clean up expired reservations
  • Backup DHCP configuration regularly
  • Update exclusion ranges as needed

Backup your DHCP configuration using PowerShell:

Backup-DhcpServer -ComputerName "YourServerName" -Path "C:\DHCPBackup"
Pro tip: Schedule automatic DHCP database backups and test restoration procedures regularly to ensure business continuity.

Verification: Check audit logs at %SystemRoot%\System32\Dhcp and verify security group membership with Get-DhcpServerSecurityGroup.

Frequently Asked Questions

How do I authorize a DHCP server in Active Directory on Windows Server 2025?+
After installing the DHCP Server role, complete the post-installation configuration wizard by clicking the notification flag in Server Manager. Select 'Authorize this DHCP server in Active Directory' and provide domain administrator credentials. This prevents the server from being detected as a rogue DHCP server and ensures proper integration with your domain environment.
What IP address range should I use for my DHCP scope on Windows Server 2025?+
Choose an IP range that matches your network subnet and doesn't conflict with static assignments. For example, if your network is 192.168.1.0/24, you might use 192.168.1.100-200 for DHCP, reserving 192.168.1.1-99 for servers, routers, and other static devices. Always exclude your DHCP server's own IP address and any other static devices from the scope range.
Why are clients getting APIPA addresses instead of DHCP addresses from Windows Server 2025?+
APIPA (169.254.x.x) addresses indicate DHCP failure. Common causes include: unauthorized DHCP server in Active Directory, inactive scope, firewall blocking UDP ports 67/68, or network connectivity issues. Verify the server is authorized, the scope is activated with available addresses, and the DHCP Server service is running. Check Windows Firewall exceptions for DHCP.
How do I create IP reservations for specific devices in Windows Server 2025 DHCP?+
In the DHCP console, expand your scope and right-click 'Reservations', then select 'New Reservation'. Enter the device's MAC address, desired IP address within the scope range, and a descriptive name. Reservations ensure specific devices always receive the same IP address while still getting DHCP options like DNS and gateway settings automatically.
Can I configure DHCP failover between two Windows Server 2025 DHCP servers?+
Yes, Windows Server 2025 supports DHCP failover for high availability. Right-click your scope and select 'Configure Failover'. Enter the partner server's IP address, create a shared secret for authentication, and configure load balancing or hot standby mode. Both servers must be authorized in Active Directory and have the same scope configuration for failover to work properly.
Evan Mael
Written by

Evan Mael

Microsoft MCSA-certified Cloud Architect | Fortinet-focused. I modernize cloud, hybrid & on-prem infrastructure for reliability, security, performance and cost control - sharing field-tested ops & troubleshooting.

Tags
#dhcp#windows-server#networking

Further Intelligence

Deepen your knowledge with related resources

How to Get Windows 11 26H1: What It Is, Who It's For, and How to Install It
tutorial
Windows

How to Get Windows 11 26H1: What It Is, Who It's For, and How to Install It

Deep Dive
How to Deploy Network Locations via Group Policy in Windows Server 2025
tutorial
Networking

How to Deploy Network Locations via Group Policy in Windows Server 2025

Deep Dive
How to Configure Default Inbound Action for Public Profile in Windows Defender
tutorial
Cybersecurity

How to Configure Default Inbound Action for Public Profile in Windows Defender

Deep Dive

Discussion

Share your thoughts and insights

Sign in to join the discussion

Sign inCreate account