Wednesday, April 7, 2010

Windows Server 2008, DHCP, AD, and WDS

Ok, this has been RiDiCuLoUs!!!! After fighting, and fighting, and fighting, I have finally gotten this to work. It should've been easy, especially considering Microsoft provides so many menus, but it wasn't, so I'll pass along what I've learned.

First off, on a completely separate topic, if you ever lock out a Windows XP (Pro) user, right-click on My Computer, go to Manage, scroll down to Users and Groups, find that user, right-click, Properties, clear the "Account locked out" checkbox, and hit apply, then OK. That took up an hour of my day right there, since I was in AD mode, and forgot about the stand-alone computer management.

Second, when setting up Server 2008 as an AD server for a new domain in an existing forest, your typical enterprise network setup, BEWARE! What you may not know is that even if you are the local admin, or a domain admin, if your user is not a member of the Enterprise Admins group of the PARENT domain (ex: new domain is; parent domain is then you will NOT be able to configure several items. For example, you can add the DHCP server role, but if you're not an Enterprise Admin of the parent domain, you cannot Authorize the DHCP server....Interesting, not sure why that is, but it is. Also, for WDS to work, you must authorize it with the DHCP server. You need to be a parent domain enterprise admin to do this as well.

Also, AD automatically adds the DNS role as well. However, for WDS to function correctly, you also need a REVERSE DNS zone, which is not added by default. Adding one is simple, just go the the Server Manager, Roles, DNS, and right-click on the server name. Select "Add Zone" from the menu, select "Reverse Zone" and follow the prompts.

Last, if you set up the WDS role on the same server that is running the DHCP role, watch out! You MUST select the "Don't listen on port 67" option in the WDS setup wizard. This is because DHCP is already listening (has already bound) UDP port 67, so your WDS service will fail to start. Last, before you can actually get WDS to run, you have to configure it (yeah, sounds like common sense, I know). But, what's funny, is configuring it is not part of the setup wizard. First you have to install it, then go to Start -> Administrative Tools -> WDS. In the window that pops up, right-click on your server name, and select "Configure Server." After this, it should run.

This took a LOT of googling, but that's the final result.

Now that all this runs, I can figure out how to use the MDT 2010 software to dump my master images to the server so I can deploy these to new clients.


  1. Just found a pretty good walk-through for using WDS to deploy windows xp.

  2. And this was a decent link on injecting the necessary network drivers to PXE boot the clients:

  3. Good walkthrough using the Microsoft WAIK tools to modify the boot.wim file (network boot installation environment). Specifically, step 6 is key because it shows how to add drivers to the boot.wim file using the new dism.exe tool (AIK 3.0) instead of the peimg.exe tool (AIK 1.0 & 2.0) that is used in the link I pasted in my above comment.

  4. Wow, there is ALWAYS something wrong. BEWARE: If you use the new version of the WAIK (version 3.0, new for windows 7) it does NOT support working with WIM files from Vista... So, you'll need WAIK 2.0 that still uses the peimg.exe tool if you want to work with Vista WIM files.

  5. Nice Article, Many Thanks, I've dome something similar here