Tuesday, February 25, 2014

Fixed: DHCP Server won't start with error "The DHCP/BINL service is not authorized in the directory service domain "2A040000" "

In my Lab I've been having some trouble with the DHCP server.  Today I finally got around to working on it.

On my freshly installed DHCP server I got the following 3 events.

DHCP Event ID 1004
Event ID: 1004
The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.

Event ID: 1018
The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.



DCHP Event ID 1008

Event ID: 1008
The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain "2A040000" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain "2A040000" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain "2A040000" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain "%2" (Server IP Address %1)
)
)
)




It's worth mentioning here that my AD domain is contoso.com, NOT 2A040000.  That error looks like an unhanded exception that is falling through to the wrong error message.  The only explanation I could come up with for this was that my DHCP database was corrupt.  I tried removing and reinstalling the DHCP Role, but that did not fix it.  My solution was to delete the DHCP database and recreate it as follows.

Warning: This will lose information about all of your active scopes, options, and leases.

  1. Stop the DHCP Service.
  2. Use the DHCP MMC to de-authorize the dhcp server.
  3. Move the contents of  c:\windows\system32\dhcp to a temporary folder.
  4. Start the DHCP Service.
  5. Authorize the DHCP Service in the DHCP MMC.
  6. Create the DHCP scopes.
Cross-posted on the Microsoft forums here.

2 comments:

Anonymous said...

Good grief! Can you believe it took me nearly an hour to locate this!? I knew what I wanted to do but couldn't remember what to call it or look for. Unauthorize *facepalm* Thanks!!!!

Anonymous said...

I've been banging my head against a wall fighting with this exact issue. I kept deleting and re-adding the role, but the service refused to start. I removed the DHCP role, cleared out that folder and re-added the role without issue.

Thanks!