View Full Version : Assign IP based on AD group membership?

08-04-2010, 04:20 PM
HI all,

Is there a way to set up DHCP in a WS2003 domain environment so it assigns IPs based on a PCs group membership in AD?

Thanks :)

08-04-2010, 10:09 PM
NO. You could use reservations but this is normally used for certain devices only. Why would you want to anyway?

08-04-2010, 10:28 PM
I'm not overly familiar with AD, but doesn't a PC have to have already retrieved an IP address from the DHCP server (or have a static IP set within the network's IP range) in order to authenticate against AD in the first place - i.e. log into the domain?

I guess you could possibly use a netsh script on login to change the PC's IP address, but that could get messy.

08-04-2010, 10:50 PM
The problem is changing the IP address via start up script will interfere with domain startup settings and the same with a login script. Get into all sorts of bother here.

09-04-2010, 12:46 AM
I think the most obvious question is why?

09-04-2010, 10:41 AM
The short answer is no - this is not simply a tickbox type option on Windows DHCP / AD configuration. The long answer is, what do you need to accomplish here? There's probably a better way to do it, but if you really want to do it via DHCP lookups to AD and are prepared to throw the necessary time & resources at it, then, well... there's still probably a better way to do it. But it's doable.

09-04-2010, 12:12 PM
As a general rule, you want less administrative work, not more, if you are assigning IPs to machines that is a lot more work than setting up a DHCP server, I'd say 5 PCs is the threashold for static IPs (that is 5 client PCs on your whole network), after that it is a lot less effort to set up a DHCP server, and if you want to assign a specific IP to a machine the only way to do it is either statically, or through DHCP reservation, both require extra work.

I can't really see a point, and without further information no one here is going to be able to help you...