Event ID 1056 — DHCP Server DNS Registration

Applies To: Windows Server 2008

You can configure the Dynamic Host Configuration Protocol (DHCP) Server service to impersonate an account to perform Domain Name service (DNS) registrations and secure dynamic updates. The Netsh.exe tool can be used to configure the impersonation credentials. You must create a dedicated user account in Active Directory Domain Services before you use the Netsh.exe tool to configure the use of impersonation credentials.

Event Details

Product: Windows Operating System
ID: 1056
Source: Microsoft-Windows-DHCP-Server
Version: 6.0
Symbolic Name: DHCP_EVENT_NO_DNSCREDENTIALS_ON_DC
Message: The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration. Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.

Resolve

Configure impersonation credentials for dynamic updates

To perform these procedures, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

You can configure the DHCP Server service to impersonate an account to perform DNS registrations. The Netsh.exe tool can be used to configure the impersonation credentials.

  1. Click Start, click Control Panel, and then click User Accounts.

  2. Click Manage user accounts.

  3. Click Add, and then follow the instructions to create a new user account.

  4. Click Start, type cmd in Start Search, and then press ENTER.

  5. At the command prompt, type netsh dhcp server set dnscredentials username domainname password (where username is the new account created in the previous step), and then press ENTER.

  6. At the DHCP server computer, click Start, click Run, type services.msc, and then click OK.

  7. Double-click DHCP Server.

  8. Click Stop, wait for the progress bar to complete, click Start, wait for the progress bar to complete, and then click OK.

  9. On the File menu, click Exit.

  10. Type netshdhcp server delete dnscredentials dhcpfullforce, and then press ENTER.

  11. At the DHCP server computer, click Start, click Run, type services.msc, and then click OK.

  12. Double-click DHCP Server.

  13. Click Start, wait for the progress bar to complete, and then click OK.

  14. On the File menu, click Exit.

Verify

To determine which credentials are being used:

  1. At the DHCP server computer, click Start, click Run, type cmd, and then press ENTER.
  2. Type netsh dhcp server show dnscredentials.
  3. The output of this command displays the credentials being used.

DHCP Server DNS Registration

DHCP Infrastructure