Authorizing RIS Servers in Active Directory

To manage and control the way a RIS server interacts with existing and potential clients, you can configure the server properties, which allow you to determine how this RIS server responds to clients requesting service. You can administer the majority of the RIS configuration settings from a Windows 2000 Professional client by installing the Administrative Tools (Adminpak.msi) package that is included with Windows 2000 Server.

Note

The Administrative Tools package (adminpak.msi), can be installed from the directory %Windir%\System32 where %Windir% is equal to the WINNT directory created during Windows 2000 Server installation. To install the Administrative Tools package on a workstation, run the file adminpak.msi that is located on the Windows 2000 Server operating system CD.

By using RIS you can designate which RIS servers can accept and process requests and designate which RIS servers can only service clients on the network. Before a RIS server can accept requests, it must be authorized to run in Active Directory.

Before a RIS server can accept requests, it must be authorized to run. To authorize a RIS server in Active Directory, you must log on with an account that is a member of the Enterprise Admins group in the forest where you want the RIS server to be authorized. By default, members of the Enterprise Admins group are the only users who can authorize DHCP/RIS servers. You can perform the procedure in this section on a domain controller, member server of the domain, or a Windows 2000 Professional–based computer that has the Administrative Tools package installed.

If the RIS server is not authorized in Active Directory, the RIS server cannot respond to clients requesting service. If you install RIS on a server that is not an authorized DHCP server, or if you add it to a DHCP server that is not authorized in Active Directory, perform the following procedure.

Note

If RIS is installed on a DHCP server that is already authorized in Active Directory, you do not need to perform the following procedure.

To authorize a RIS server in Active Directory

1. Log on to the domain where the RIS server resides. (The account used must be a member of the Enterprise Admins group.)
2. From the Start menu, point to Programs and Administrative Tools, click DHCP from the list. This starts the DHCP Management snap-in.
3. Right-click the DHCP root node in the scope pane, and then click Manage Authorized Servers.
4. Click Authorize, enter the IP address or name of the RIS server, and then click OK. When prompted, to ensure that this is the correct RIS server to authorize, click Yes.

Now your RIS server is authorized in Active Directory and can respond to clients requesting service. If your server is not responding to requests, the changes to Active Directory might not have taken effect. For these rights to apply immediately, on the domain controller on which you set the user rights, from the Start menu, click Run, type CMD, and at the command prompt, type:

secedit /refreshpolicy /MACHINE_POLICY

Or, if applicable in your network environment, you can restart the server so that Active Directory and Group Policy settings take effect.

© 1985-2000 Microsoft Corporation. All rights reserved.