Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The DHCP/BINL service has determined that it is not authorized to service clients on this network for the Windows domain: <domain>.
|English: Request a translation of the event description in plain English.|
As per Microsoft: "When configured correctly and authorized for use on a network, Dynamic Host Configuration Protocol (DHCP) servers provide a useful administrative service. However, a misconfigured or unauthorized DHCP server can cause problems. For example, if an unauthorized DHCP server starts, it might begin either leasing incorrect IP addresses to clients or negatively acknowledging DHCP clients that attempt to renew current IP address leases". See the link to "Event ID 1051 - DHCP Authorization and Conflicts" for more details.
As per Microsoft: "This event message indicates the possibility of an unauthorized server on the network. For the directory authorization process to work properly, it is assumed and necessary that the first DHCP server introduced on to your network participate in the Active Directory service. This requires that the server be installed as either a domain controller or a member server. Where you are either planning for or actively deploying Active Directory services, it is important that you do not select to install your first DHCP server computer as a stand-alone server". See MSW2KDB for more details on this event.
|Private comment: Subscribers only. See example of private comment|
|Links: Event ID 1051 - DHCP Authorization and Conflicts, MSW2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated