🔹 1. Check Scope Utilization and Lease Distribution
Run PowerShell on the DHCP server:
powershellGet-DhcpServerv4ScopeStatistics -ComputerName localhost
This gives:
- Total IPs
- In use
- Available
- Percent utilization
If you’re > 80–90% utilized, that triggers a blue exclamation warning.
Fix: Extend the IP range, or reduce lease duration:
powershellSet-DhcpServerv4Scope -ScopeId <x.x.x.x> -LeaseDuration ([TimeSpan]::FromDays(1))
🔹 2. Verify Exclusion Ranges Are Not Overlapping
Run:
powershellGet-DhcpServerv4ExclusionRange -ScopeId <x.x.x.x>
Then compare with:
powershellGet-DhcpServerv4Scope -ScopeId <x.x.x.x>
If your exclusions are consuming too much of the usable range, DHCP might have too few assignable IPs left.
🔹 3. Scope Options Missing or Misconfigured
Run:
powershellGet-DhcpServerv4OptionValue -ScopeId <x.x.x.x>
Ensure you have at least:
- Option 003 (Router/Gateway)
- Option 006 (DNS)
- Option 015 (DNS Domain Name)
Also ensure there’s no rogue or incorrect DNS (e.g., 127.0.0.1 or public DNS if on internal AD).
🔹 4. BOOTP Configuration Causing the Warning
If BOOTP is enabled but you didn’t configure BOOTP address ranges, DHCP warns.
Check:
powershellGet-DhcpServerv4Binding
And in the DHCP MMC:
- Scope > Advanced > BOOTP table
- Disable BOOTP if unused.
🔹 5. Database Inconsistency or Corruption
Reconcile DHCP database:
- DHCP MMC → Right-click on the Scope or Server → Reconcile
- Or via PowerShell:
powershellInvoke-DhcpServerv4ScopeReconciliation -ScopeId <x.x.x.x>
If leases in the registry and database mismatch, this clears it up.
🔹 6. Check for Conflicts Detected by DHCP
DHCP can perform conflict detection (default is 0 pings = off).
Check settings:
powershellGet-DhcpServerSetting
You’ll see ConflictDetectionAttempts. If it’s non-zero, DHCP is trying to ping before offering leases.
Increase this to catch more conflicts, or set to 0 to reduce delay but lose detection.
🔹 7. Failover Configuration Issues
If you’re using DHCP Failover:
powershellGet-DhcpServerv4Failover
Check:
- Failover state (should be NormalComm)
- Partner state
- Conflict between scopes (e.g., both active in Hot Standby)
A misaligned failover sync can trigger a warning.
Try rebalancing:
powershellInvoke-DhcpServerv4FailoverReplication -ScopeId <x.x.x.x>
🔹 8. Audit DHCP Logs (C:\Windows\System32\dhcp)
Open DhcpSrvLog-*.log (based on the weekday), look for:
- “NO_ADDRESS_AVAILABLE”
- “BAD_ADDRESS”
- “NACK” responses
- Scope full errors
Or grep it with PowerShell:
powershellSelect-String -Path "C:\Windows\System32\dhcp\DhcpSrvLog-*.log" -Pattern "NO_ADDRESS|BAD_ADDRESS|NACK"
🔹 9. Event Logs Deep Dive
Check under:
Event Viewer > Applications and Services Logs > Microsoft > Windows > DHCP-Server > Operational
Filter for:
- Event ID
1041(Scope low on addresses) - Event ID
1020(Scope misconfig) - Event ID
20292(Failover sync issues)
🔹 10. Registry-Level Tuning (Advanced)
Location:HKLM\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters
Settings you might tweak:
DatabaseCleanupInterval(in minutes; default: 60)BackupInterval(how often DHCP auto-backs up)- Check for rogue or invalid scope entries in subkeys under
DHCPServer\Configuration
Always back up the registry before making changes.
