Problem solve Get help with specific problems with your technologies, process and projects.

Moving DHCP without interruption during an Active Directory migration

In a recent migration project, the need arose to move DHCP services from the original domain to the newly created domain. Here are the lessons learned.

In my last article, I covered how to migrate a print server during an AD migration. In this article, I want to...

continue the topic of moving services to a new AD environment. In one of my recent migration projects, the need arose to move DHCP services from the original domain to the newly created domain (for the obvious reason that the original servers were being retired). You can, of course, simply choose to create a brand new DHCP server in your new AD environment and shut the entire company down. But most companies want to maintain service availability, as well as not need to recreate lease reservations, scopes, etc.

There are two parts to your DHCP server that need to be moved: the DHCP server configuration and the lease database. Migrating the configuration only would fall into the "shut the entire company down" scenario, as every client would need to shut down at the same time to properly ensure no two computers have the same IP address (one computer having already obtained its address from the original DHCP server and a second computer obtaining its address from the new server). So, it stands to reason that the best solution to move DHCP services to a new AD environment while allowing clients to remain running is to migrate both the configuration and lease database.

The first step is to install DHCP in the new AD forest and authorize it. (See MSKB 300429 for more information on installing DHCP) The next step, the actual migration, can generally be accomplished during business operations, as most clients receive their leases at the beginning of the business day. To date, I have not had a simple support call due to the migration of DHCP services during business hours. Your call, of course.

If you are moving from one Windows 2003 AD environment to another, you can use the netsh command to both export the original DHCP data and import it into the new server. It's a simple three-step process

1) On the original DHCP server, run the following command:
netsh dhcp server export <filename> all
2) Shutdown and disable DHCP Server services
3) Move the file to the new DHCP server and run the following command: netsh dhcp server import <filename> all

For those of you not migrating from a Windows 2003 environment, you still can accomplish this task. Microsoft has created the DHCP Export Import utility (DHCPEXIM), first released with the Windows 2000 Resource Kit, Supplement 1. You will run this utility on the original DHCP server to both export and disable the scopes you want migrated (this is a huge plus over the NETSH method – selective scope migration allowing you to migrate multiple scopes from a single server to many servers). A single binary file is created containing the configuration and lease databases of the scopes you choose. Move this file to the new DHCP server (again, already installed and authorized) and run DHCPEXIM there. Import the information in the export file and you are left with a running DHCP server, complete with active scopes, active client leases, and no duplicate IP configurations to worry about.

You can find DHCPEXIM on Microsoft's website at

Nick Cavalancia (MCSE, MCT, MCNE and MCNI) is the owner and principal consultant at Exchange Consultants (, a consulting firm specializing in the architecting of Active Directory and Exchange solutions.

Dig Deeper on Windows systems and network management