Migrating a Windows DHCP Server

2015-10-01T19:00:00Z

Today's main task was a Domain Controller migration as part of a continued Windows Server 2012 r2 Upgrade. The most enjoyable part of this task was the shortest - migrating the Windows DHCP Service from the old 2008 r2 Server to it's temporary new home on a virtualised 2012 r2 Server.

Initially I installed the DHCP Server role on the new server using Server Manager. Then, from the new server I exported the DHCP configuration with a single PowerShell command:

Export-DhcpServer -ComputerName olddc.biscuit.ninja -Leases -File $env:UserProfile\Documents\olddc_dhcp.exp

The command is fairly self explanatory. Including the "-Leases" switch means all the current DHCP leases are included in the export.

The next step is importing the configuration.

Import-DhcpServer -ComputerName newdc.biscuit.ninja -Leases -File $env:UserProfile\Documents\olddc_dhcp.exp -BackupPath $env:UserProfile\Documents\newdc_default_dhcp_conf

If you are importing the configuration to an already existing DHCP server with an existing scope, you will need to add the "-ScopeOverwrite" switch.

Once our configuration is migrated, all that remains is to deauthorize the old DHCP server and authorize the new one. You can also accomplish this with PowerShell:

Remove-DhcpServerInDC olddc.biscuit.ninja
Add-DhcpServerInDc newdc.biscuit.ninja

The only hitch I've found, is that if you're using DNS dynamic updates, the credentials for the account that you're using (in the DnsUpdateProxy group) for DNS updates do not get migrated. You can either set these manually on your new DHCP server or use PowerShell's Get-Credential and Set-DhcpServerDnsCredential commandlets.

Windows Server 2012 r2 of course supports DHCP clustering/failover, which I've had working in the lab and look forward to implementing in the datacentres. A highly available DHCP service means we can start relying on DHCP for critical nodes within our datacentres, even using PowerShell to create DHCP reservations for new node nodes as part of a completely hands-off deployment mechanism.