DNS and DHCP are the two services that make a Windows network function at its most basic level. DNS translates hostnames to IP addresses; DHCP hands out IP addresses automatically to clients. Setting both up correctly on Windows Server 2025 is a foundational skill — this guide walks you through every step.
Installing the DNS Server Role
Open Server Manager and navigate to Manage > Add Roles and Features. Select DNS Server from the role list. If this machine is also your domain controller, DNS was likely installed automatically during AD DS promotion. Confirm with PowerShell:
Get-WindowsFeature -Name DNS
If not installed, add it now:
Install-WindowsFeature -Name DNS -IncludeManagementTools
Creating a Forward Lookup Zone
A forward lookup zone resolves hostnames to IP addresses. Open DNS Manager from Server Manager > Tools. Expand your server, right-click Forward Lookup Zones and choose New Zone.
- Zone type: Primary Zone
- Zone name: your Active Directory domain name, e.g., corp.local
- Dynamic updates: Allow only secure dynamic updates (recommended in AD environments)
Active Directory-integrated zones store zone data in AD itself, which replicates automatically to all domain controllers. This is the preferred configuration — avoid file-backed primary zones in AD environments.
Adding DNS Records
Within your forward lookup zone, right-click to add records. The most common types:
- A record: Maps a hostname to an IPv4 address. Right-click > New Host (A or AAAA).
- CNAME record: An alias pointing to another hostname — useful for services like mail.corp.local pointing to srv-exchange.corp.local.
- MX record: Mail exchanger record. Required if you run an on-premises mail server.
# Add an A record via PowerShell
Add-DnsServerResourceRecordA -ZoneName "corp.local" -Name "webserver" -IPv4Address "192.168.1.50"
# Add a CNAME
Add-DnsServerResourceRecordCName -ZoneName "corp.local" -Name "intranet" -HostNameAlias "webserver.corp.local."
Creating a Reverse Lookup Zone
Reverse lookup zones resolve IP addresses back to hostnames (PTR records). They are essential for email deliverability and many network tools. Right-click Reverse Lookup Zones and choose New Zone. Enter your network ID — for a 192.168.1.x network, enter 192.168.1 and Windows will create the zone 1.168.192.in-addr.arpa.
# Add reverse lookup zone
Add-DnsServerPrimaryZone -NetworkId "192.168.1.0/24" -ReplicationScope "Forest"
# Add a PTR record
Add-DnsServerResourceRecordPtr -ZoneName "1.168.192.in-addr.arpa" -Name "50" -PtrDomainName "webserver.corp.local."
Installing and Configuring DHCP
Install the DHCP Server role:
Install-WindowsFeature -Name DHCP -IncludeManagementTools
After installation, a yellow warning appears in Server Manager — you must authorise the DHCP server in Active Directory to prevent rogue DHCP servers from issuing addresses. Click the warning and choose Complete DHCP Configuration, or run:
Add-DhcpServerInDC -DnsName "dc01.corp.local" -IPAddress 192.168.1.10
Creating a DHCP Scope
A scope defines the range of IP addresses DHCP can lease to clients. Open DHCP Manager from Server Manager > Tools. Expand your server, right-click IPv4 and choose New Scope.
- Start IP: 192.168.1.100
- End IP: 192.168.1.200
- Subnet mask: 255.255.255.0
- Exclusions: Reserve a range for static devices (printers, servers)
- Lease duration: 8 days for desktops, 4 hours for guest networks
On the DHCP options page, set scope options 003 (Router/Gateway), 006 (DNS Server), and 015 (DNS Domain Name). These are sent to clients alongside the IP address.
Add-DhcpServerv4Scope -Name "Office LAN" -StartRange 192.168.1.100 -EndRange 192.168.1.200 -SubnetMask 255.255.255.0 -LeaseDuration 8.00:00:00
Set-DhcpServerv4OptionValue -ScopeId 192.168.1.0 -Router 192.168.1.1 -DnsServer 192.168.1.10 -DnsDomain "corp.local"
DHCP Reservations
For devices that must always get the same IP (printers, IP cameras, NAS devices), create a reservation. This ties a specific IP address to a device's MAC address:
Add-DhcpServerv4Reservation -ScopeId 192.168.1.0 -IPAddress 192.168.1.150 -ClientId "AA-BB-CC-DD-EE-FF" -Description "HP LaserJet 3F"
Reservations beat static IPs for most devices because DNS dynamic updates still work and you manage everything from one place — the DHCP server.
Testing Your Configuration
From a client machine, run ipconfig /release followed by ipconfig /renew and confirm the client receives an address in your scope range. Test DNS resolution with:
Resolve-DnsName webserver.corp.local
nslookup 192.168.1.50
Both should return correct results. If DNS fails, check that the client's DNS server points to your Windows DNS server, and verify the zone and record exist in DNS Manager.
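To confirm the security-relevant settings from this guide in one pass (AD-integrated zone, secure-only dynamic updates, DHCP authorisation, scope options 003/006/015), the following read-only script is an added example and not part of the original guide. It uses the guide's sample values for the zone, scope, server and test record, and Add-Check is a helper defined only for this example.

```powershell
# Added example (not from the original guide): read-only check of the settings configured above.
# Run elevated on the server holding both roles. Values are the guide's samples; adjust as needed.
$ZoneName = 'corp.local'; $ScopeId = '192.168.1.0'; $ServerFqdn = 'dc01.corp.local'
$TestHost = 'webserver.corp.local'; $TestIp = '192.168.1.50'

Import-Module DnsServer, DhcpServer -ErrorAction Stop
$results = [System.Collections.Generic.List[object]]::new()

# Helper defined for this example: records one pass/fail row.
function Add-Check([string]$Name, [bool]$Passed, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Name; Passed = $Passed; Detail = $Detail })
}

# DNS: the forward zone should live in AD and accept secure dynamic updates only.
$zone = Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue
if ($zone) {
    Add-Check 'Zone is AD-integrated' $zone.IsDsIntegrated "ReplicationScope=$($zone.ReplicationScope)"
    Add-Check 'Secure dynamic updates only' ($zone.DynamicUpdate -eq 'Secure') "DynamicUpdate=$($zone.DynamicUpdate)"
} else {
    Add-Check 'Forward zone exists' $false "$ZoneName not found on this server"
}

# DHCP: this server must appear in the list of servers authorised in Active Directory.
$authorised = Get-DhcpServerInDC | Where-Object { $_.DnsName -eq $ServerFqdn }
Add-Check 'DHCP server authorised in AD' ([bool]$authorised) "Looked for $ServerFqdn"

# DHCP: the scope must exist and be active.
$scope = Get-DhcpServerv4Scope -ScopeId $ScopeId -ErrorAction SilentlyContinue
Add-Check 'Scope exists and is active' ($scope -and $scope.State -eq 'Active') "State=$($scope.State)"

# DHCP: options 003 (router), 006 (DNS server) and 015 (DNS domain) set at scope level.
# Options defined only at server level are not reported by this scope-level query.
$options = @(Get-DhcpServerv4OptionValue -ScopeId $ScopeId -ErrorAction SilentlyContinue)
foreach ($id in 3, 6, 15) {
    $opt = $options | Where-Object { $_.OptionId -eq $id }
    Add-Check "Scope option $id is set" ([bool]$opt) ("Value=" + ($opt.Value -join ','))
}

# DNS: the sample A record and its PTR should agree with each other.
$a   = Resolve-DnsName -Name $TestHost -Type A   -Server $ServerFqdn -ErrorAction SilentlyContinue
$ptr = Resolve-DnsName -Name $TestIp   -Type PTR -Server $ServerFqdn -ErrorAction SilentlyContinue
Add-Check 'A record resolves to expected IP' ($a.IPAddress -contains $TestIp) "A=$($a.IPAddress -join ',')"
Add-Check 'PTR points back to host' ($ptr.NameHost -contains $TestHost) "PTR=$($ptr.NameHost -join ',')"

$results | Format-Table -AutoSize -Wrap
```

Any row with Passed = False points at the section of this guide to revisit; a DynamicUpdate value of NonsecureAndSecure means unauthenticated clients can register or overwrite records in the zone.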