Creating an AD user account for a DHCP server - BlueCat Address Manager - 8.3.2

Address Manager Administration Guide

prodname
BlueCat Address Manager
version_custom
8.3.2

Create a user account for a managed DHCP server in Active Directory and edit the user account properties if necessary.

If you are creating a user account to map the service principal, you will need to use ADSI Edit to find the msDS-KeyVersionNumber attribute for the Windows AD user account created.
Note: The msDS-KeyVersionNumber is equal to the key version number (vno#) that is found when running Ktpass and is needed in Defining a DHCP service principal. For details about ADSI Edit, refer to http://technet.microsoft.com/en-us/library/cc773354(v=ws.10).aspx

To create a user account on Windows AD:

  1. Start the Server Manager. Under Active Directory Users and Computers, add a user account.
  2. Enter the user name information for the managed DHCP server in the appropriate fields.
  3. Enter the service principal name in the User logon name field. Use the format DHCP/fully qualified domain name (DHCP/dhcp1.bcn.com) of the DHCP server to map a service principal name to the user account. This is the Kerberos name for the DHCP service.
    Note: Alternatively, you can run the ktpass command to map the service principal name to the user account.
  4. Enter the password for the account.
    Note: Make sure to select the User cannot change password and Password never expires options. If they are not selected, a service interruption will occur when the password expires.