How to Migrate DHCP Server to Windows Server 2016/2019/2022?

Migrating the DHCP service from the old server to the new Windows Server 2016/2019/2022 host with the saving of all the DHCP scope settings of the old server is quite easy. If the old DHCP server is running Windows Server 2008/R2 or Windows Server 2012/R2, you can directly transfer DHCP settings, zones, and reservations.

Deploying DHCP Server Role on Windows Server 2022/2019/2016

First of all, you need to install the DHCP Server role on a new server that is running Windows Server 2016/2019/2022. You can install the DHCP Server role using the Server Manager console, where you need to run the Add Roles Wizard in the Manage > Add Roles and Features menu and select the DHCP Server.

But it’s much easier to install the DHCP role and role management tools (the DHCP MMC console and PowerShell module to interact with DHCP server) using PowerShell. Run the PowerShell console as an Administrator and run the following command:

Add-WindowsFeature -IncludeManagementTools DHCP

The -IncludeManagementTools parameter must be specified to install the DHCP server management console. By default, the Add-WindowsFeature cmdlet installs only the DHCP server role without the appropriate console.

Next, you need to create local DHCP security groups (DHCP Administrators and DHCP Users):

Add-DhcpServerSecurityGroup

Note. These security groups are used to manage the local DHCP server:

  • DHCP Administrators — these are users with full permissions on the DHCP server (they can change any settings), but without local admin permissions on Windows Server;
  • DHCP Users — users with the rights to view DHCP server settings and statistics (including the DHCP Leases info).

To enable DHCP security settings associated with the local security groups created, restart the DHCP Server service:

Restart-Service DHCPServer

Authorize DHCP Server in Active Directory

Next, you need to authorize the new DHCP server in the Active Directory domain. Authorization in Active Directory is performed under an account with Enterprise Admins permissions and is needed to prevent rogue DHCP servers from working on the network.

The list of authorized DHCP servers in the AD domain can be displayed as follows:

Get-DhcpServerInDC

To authorize the new DHCP server in the Active Directory domain:

Add-DhcpServerInDC host1.contoso.com 192.168.10.35

migrate dhcp from 2012 to 2019

If you want to start a DHCP server without authorization in AD, you need to change the DisableRogueDetection registry parameter with the following PowerShell command:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters" -Name DisableRogueDetection -Value 1 -Force

However, after the DHCP role is installed and the post-installation settings with PowerShell are performed, you can’t connect to the DHCP Server. You can see an alert message in the Server Manager console: a post-installation configuration is required, even though it has already been performed. In this case, even the server reboot won’t help to make this alert disappear.

migrate dhcp server 2012 to 2019

To remove this warning message and notify Server Manager that post-install DHCP configuration is completed, you need to modify the ConfigurationState registry parameter. Use the following PowerShell command to indicate that the actual DHCP server role has already been configured:

Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftServerManager\Roles12 –Name ConfigurationState –Value 2

After that, you need to restart the DHCP service:

Restart-Service -Name DHCPServer -Force

Moving DHCP Server from Windows Server 2008/R2/2012 to 2016/2019/2022

In Windows Server 2012 special PowerShell cmdlets have been added, allowing you to import/export any DHCP server settings. Note that Microsoft simplified the procedure as much as possible, and we will need to execute only two PowerShell commands: Export-DhcpServer and Import-Dhcpserver, which can work remotely. All commands can be executed on one machine (the one to which the DHCP service migrates).

Create the folder C:\DHCP (New-Item C:\DHCP -type directory) and run the command to export the configuration of the old DHCP server to the XML file named OldDHCPConf.xml.

Export-DhcpServer -ComputerName "oldDhcp.contoso.com" -Leases -File "C:\DHCP\OldDHCPConf.xml" –Verbose

migrate dhcp from 2016 to 2019

Now you can perform a full import of the DHCP configuration on the new server:

Import-DhcpServer -Leases –File "C:\DHCP\OldDHCPConf.xml" -BackupPath "C:\DHCP\Backup" –Verbose

Everything is ready. Run the DHCP console and check that all the DHCP scopes, reservations, and IP leases are in place.

how to migrate dhcp server from 2012 to 2019

After the migration of the DHCP server is completed, do not forget to reconfigure the DHCP Relay (IP Helper) agents on the routing network devices. Reconfigure them to use the IP address of the new DHCP server.

When you run the command Import-DhcpServer -Leases –File…. you may get an errorGet-DhcpServerVersion : Failed to get version of the DHCP server DC3.

In this case, make sure you run your PowerShell console elevated (as administrator). Also, check if your account is a member of the local DHCP Administrators group.

Migrating the DHCP Role on Windows Server Using the Backup/Restore Feature

In Windows Server 2016+, you can backup and restore your DHCP server configuration via the graphical MMC snap-in DHCP Management (dhcpmgmt.msc). You can use these features to migrate your DHCP server.

  1. Open the RSAT DHCP console;
  2. Right-click on the DHCP server and select Backup;
    move dhcp from 2012 to 2019
  3. Specify the directory where you want to save the backup copy of the DHCP server settings.

You can use this backup copy to restore the DHCP server settings on the current or another Windows Server host. However, if you simply copy the DHCP backup files to a new server and try to restore the configuration using the Restore option in dhcpmgmt.msc, an error will appear when importing the DHCP database:

The database was not restored correctly. No changes were made. For more information, please see Event Viewer on the specified server.

dhcp migration 2012 to 2019

To successfully migrate your DHCP server config to a new device, you need to copy your DHCP1 backup to the %SystemRoot%\System32\DHCP\backup directory on the DHCP2 server. Then select the Restore option in the DHCP console and select to restore the configuration from this folder.

migrate dhcp server 2016 to 2019

If everything was successful, the following message should appear:

The database was restored successfully.

transfer dhcp to new server 2019

As you can see, we successfully migrated DHCP from one server to another using a DHCP backup.

Note that by default, Windows backs up the DHCP configuration and leases every 60 minutes to the %SystemRoot%\System32\DHCP\backup directory.

The backup directory is configured in the DHCP server settings.

move dhcp to new server 2019

You can also list the current DHCP backup settings using the PowerShell command:

Get-DhcpServerDatabase

FileName : C:\Windows\system32\dhcp\dhcp.mdb

BackupPath : C:\Windows\system32\dhcp\backup

BackupInterval(m) : 60

CleanupInterval(m) : 60

LoggingEnabled : True

RestoreFromBackup : False

migrate dhcp server 2012 r2 to 2019

This means that if your Windows Server DHCP server fails, you can manually copy the DHCP database files from the backup directory on the failed server’s disk and restore its configuration to the new server.

DHCP Server Migration from Windows Server 2003 to 2016/2019

If you are using a legacy DHCP server on Windows Server 2003/R2, you need to use a different migration method. This is because Windows Server 2003 does not support the PowerShell cmdlets for exporting DHCP settings that are available in newer versions of Windows Server.

Log in to the Windows Server 2003 and open the command prompt. Run the following command to export DHCP server configuration to a binary file:

netsh dhcp server export C:\ps\dhcp2003_config.dat all

Now copy the dhcp2003_config.dat file to the new DHCP server running Windows Server 2016/2019 and import the configurations from a local file or over the network (using a UNC path):

netsh dhcp server import \\winsrv2003dhcp\c$\ps\dhcp2003_config.dat all

Migrating DHCP Failover Configuration

If you are using a DHCP failover or load balancing DHCP configuration, after importing the DHCP settings on the first server, you only need to import only the server configuration on the second Windows Server:

Import-DhcpServer -Leases –File "C:\DHCP\OldDHCPConf.xml" -ServerConfigOnly  -BackupPath "C:\DHCP\Backup" –Verbose

After that, you need to perform the standard DHCP Failover configuration.

Remove the Old DHCP Server

Now you need to disable the DHCP service on the old server:

Stop-Service DHCPserver

Set-Service -Name DHCPServer -StartupType "Disabled"

And unauthorize the old DHCP server from Active Directory using the DHCP console (right-click on the DHCP server name > Unauthorize)

dhcp server migration 2012 to 2019

Or unauthorize your old DHCP Server in AD using the following PowerShell command:

Remove-DhcpServerInDC -DnsName "oldDhcp.contoso.com” -IPAddress 192.168.10.36

Then uninstall the DHCP Server Role:

Uninstall-windowsfeature dhcp -remove

Uninstall-WindowsFeature RSAT-DHCP

And reboot the server:

Restart-Computer -Force
I enjoy technology and developing websites. Since 2012 I'm running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Latest posts by Cyril Kardashevsky (see all)

9 comments

  1. Hello,
    We have a situation:
    1. A dhcp1 server with about 25 scopes
    2. a dhcpc2 with about 15 scopes
    3. we need to migrate all scopes, leases and reservations from dhcp1 to dhcp2
    4. We want to merge, so we will have all 40 scopes on dhcp2
    5. dhcp1 will be decommissioned as a dhcp server

    Any suggestions?

    1. You’ll need a 3rd DHCP server so move scope 1 and 2 on to dhcp server 3 which will inherit all scopes and be the new primary dhcp server.

      this ensure that any mistakes made will not effect live dhcp servers and you can use them in the event something goes wrong and redo dhcp server 3.

      if you mess up your scope on server 1 and 2 you have no failsafe so it better to migrate both on a new dhcp server and verify before going live and if there are issues turn on both 1,2 respectively.

      if all is well then shutdown scope 1 and 2 and the newly created server 3 will manage all scopes. this way you can verify all scope are on DHCP3 and use that from now on.

  2. Hello
    i tried your DHCP Failover solution and it failed

    I have a failover dhcp server setup and when i use the failover cmd it fails with the message below! and suggestions?

    Import-DhcpServer : Leases cannot be specified when ServerConfigOnly is specified.
    At line:1 char:1
    + Import-DhcpServer -Leases –File “C:\DHCP\OldDHCPConf.xml” -Serv
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidArgument: (:) [Import-DhcpSe
    + FullyQualifiedErrorId : InvalidArgument,Import-DhcpServer

  3. You don’t mention de-authorising or stopping DHCP server service on the old server? What is your recommendation for that? I have done this in a lab environment and having two DHCP servers authorised and started on the same subnet has always been a no-no?

    Also, I am running Server 2019 and the reg hack to remove the Post-deployment Config doesn’t remove the Warning for me – maybe a different reg key in 2019?

    1. I have fixed the Server Manager issue, somehow when I copied the command it did not contain \12 before -name?

      I corrected and re-ran the command and restarted server manager and it’s ok now

  4. Hello,

    On 2012R2, there is a limitation : 31 failover maximum for 1 server.
    Is this limitation the same on 2016 ?
    Thx

  5. On the import I get this.

    PS C:\dhcp> Import-DhcpServer -Leases -File “C:\DHCP\OldDHCPConf.xml” -BackupPath “C:\DHCP\Backup” -Verbose
    Get-DhcpServerVersion : Failed to get version of the DHCP server DC3.
    At line:1 char:1
    + Get-DhcpServerVersion 2> $null
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (DC3:root/Microsoft/…cpServerVersion) [Get-DhcpServerVersion], CimExcept
    ion
    + FullyQualifiedErrorId : WIN32 1753,Get-DhcpServerVersion

  6. Hi,
    Thank you for this tutorial. Very helpful.
    I just noticed, that on one command you are missing to backslashes:
    Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftServerManager\Roles12 –Name ConfigurationState –Value 2

    Between Microsoft and ServerManager
    Between Roles and 12

    Cheers Till

  7. Fantastic article. Thanks SO much! You made my DHCP migration to a new domain controller stress-free.

    I missed the comment from Till, but I just manually did the DHCP configuration from Server Manager instead when the Set-ItemProperty command failed for me.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.