Monday, March 25, 2019

Fixing a backup or failover DHCP Server in Active Directory

I had an experience where an Active Directory controller was forcibly removed from the domain. Fortunately it didn't have any FSMO roles associated with it, but it was set up as a backup/failover DHCP server. This assumes you have a backup or secondary AD server and it is authorized to be a DHCP server.

First you have to create all scope options from your primary DHCP server on the backup/failover DHCP server. If you try to run failover without setting up the custom options, you will get "Error 20010. The specified option does not exist."

Active Directory DHCP Error 20010. The specified option does not exist
You will have to log in to your failover (or secondary) AD controller and replicate the options. This is pretty straightforward except for the Mitel Phone Config on option 43. My post about Setting up Mitel Phones with PFSense has all the info for doing that, but with AD it's a bit trickier.


Replicate DHCP Scope options from the primary DHCP server to the backup.  Must be done by hand.
Select your IPv4, right-click it and select "Define Vendor Classes..."

Define Vendor Classes...

Select Add

Display Name - "Mitel IP Phone Options"

Description: Mitel Specific Options for IP phone provisioning

Under ASCII, type the following without quotes:

"ipphone.mitel.com"

Under Binary, add 00 after the 6D. If you don't, you'll have problems because the phone is looking for that null value.

Create Mitel IP Phone Class
Next, go back to your IPv4, right-click it and select predefined options as shown below.

Set Mitel Predefined options

In "Option class", choose "Mitel IP Phone Options" from the drop-down.

"Option class", drop down "Mitel IP Phone Options"


Click [Add]

For name, enter "Mitel Phone Config"
For data type, choose String
For Code, enter 43
For description, enter "Mitel configuration string"

Mitel Predefined Options and Values


Click [OK] to commit

You can now add the Mitel scope options to the scope: go to "Scope Options", right-click and select "Configure Scope Options", then go to the Advanced tab and select the vendor class we created, "Mitel IP Phone Options". Make sure the option is checked and add your Mitel configuration string.

Mitel Scope Options
Once we set up all our scope options on the failover/secondary AD controller, we can then run the failover and it should succeed.
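
The null byte from the vendor class step above, worked through as an added example (not from the original post): the script prints the bytes for "ipphone.mitel.com" with the trailing 00 and checks them against option 60 in a constructed DHCP options field. It assumes the phone sends the identifier with the trailing null and that the server compares the class data byte for byte; the helper names and the sample options are made up for illustration.

```python
# Added example, not from the original post. Byte-exact matching and the
# sample DISCOVER options below are assumptions made for illustration.
VENDOR_ASCII = "ipphone.mitel.com"        # ASCII value entered for the vendor class
OPT_PAD, OPT_VENDOR_CLASS_ID, OPT_END = 0, 60, 255

def class_data(ascii_id, null_terminated=True):
    """Bytes stored for the vendor class; the post appends 00 after the final 6D."""
    data = ascii_id.encode("ascii")
    return data + b"\x00" if null_terminated else data

def hex_view(data, width=8):
    """Hex rows, comparable to the Binary view of the class dialog."""
    return [" ".join(f"{b:02X}" for b in data[i:i + width])
            for i in range(0, len(data), width)]

def parse_options(blob):
    """Walk a DHCP options field (code, length, value) into {code: value}."""
    opts, i = {}, 0
    while i < len(blob):
        code = blob[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:               # single-byte pad, no length field
            i += 1
            continue
        if i + 1 >= len(blob):
            raise ValueError("truncated option header")
        length = blob[i + 1]
        value = blob[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past end of buffer")
        opts[code] = opts.get(code, b"") + value   # repeated codes concatenate
        i += 2 + length
    return opts

def matches_class(options_blob, server_class):
    """True when option 60 from the client equals the server's class data."""
    return parse_options(options_blob).get(OPT_VENDOR_CLASS_ID) == server_class

def sample_discover_options(vendor_id):
    """Constructed options field: message type, option 60, parameter request list."""
    return (bytes([53, 1, 1]) + bytes([OPT_VENDOR_CLASS_ID, len(vendor_id)])
            + vendor_id + bytes([55, 2, 3, 43]) + bytes([OPT_END]))

if __name__ == "__main__":
    phone = sample_discover_options(class_data(VENDOR_ASCII))  # assumed: phone sends 00
    print("\n".join(hex_view(class_data(VENDOR_ASCII))))
    print("class with 00   :", matches_class(phone, class_data(VENDOR_ASCII)))
    print("class without 00:", matches_class(phone, class_data(VENDOR_ASCII, False)))
```
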


Now in this instance I had an issue with the reconcile database, but if you didn't have a failover DHCP server before you should be good to go. Below I go over how to fix an issue with the DHCP database where it is not reconciling properly.

Fixing the Reconcile Database

The primary DHCP server was still trying to reconcile to the old failover DHCP server, as shown below.

Reconcile DHCP Database

DHCP Reconcile IP

To fix this (because our scope won't properly reconcile) we need to use netsh.

Go to the netsh prompt by typing "netsh" (without quotes), then press Enter.

netsh list command
Once you have verified the list, you can remove the offending IP by using

netsh> dhcp server scope $youripscope delete lease $ipaddress

netsh delete cmd
Now do a netsh list command to verify the offending IP is gone.


Once verified, you can go to your DHCP server and reconcile your DHCP, and you should get the message "The database is consistent".

Error is removed; database reads as consistent.


Sources:
http://blog.solar.co.uk/dhcp-options-for-mitel-phones
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-xp/bb490941(v=technet.10)
http://www.unixwiz.net/techtips/mitel-ipphone-networking.html






