Creating an AD user account for a DHCP server - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

Create a user account for a managed DHCP server in Active Directory and edit the user account properties if necessary.

If you are creating a user account to map the service principal, you will need to use ADSI Edit to find the msDS-KeyVersionNumber attribute for the Windows AD user account created.
Note: The msDS-KeyVersionNumber is equal to the key version number (vno#) that's found when running Ktpass and is needed in Defining a DHCP service principal. For details about ADSI Edit, refer to http://technet.microsoft.com/en-us/library/cc773354(v=ws.10).aspx

To create a user account on Windows AD:

  1. Start the Server Manager. Under Active Directory Users and Computers, add a user account.
  2. Enter the username information for the managed DHCP server in the appropriate fields.
  3. Enter the service principal name in the User logon name field. Use the format DHCP/fully qualified domain name (DHCP/dhcp1.bcn.com) of the DHCP server to map a service principal name to the user account. This is the Kerberos name for the DHCP service.
    Note: Alternatively, you can run the ktpass command to map the service principal name to the user account.
  4. Enter the password for the account.
    Note: Make sure to select the User can't change password and Password never expires options. If they aren't selected, a service interruption will occur when the password expires.