DHCP Authorization Delegation

If you are a Domain Administrator or Enterprise Administrator, you can authorize DHCP servers without any hassle. If we need to delegate other user to authorize DHCP servers then we can follow the procedure below.

Create a Active Directory security group> add user/s who you want to authorize DHCP servers. The group I created named DHCPAdmins.

Open Active Directory Sites and Services while logged on as an enterprise administrator or Domain Administrator.

Click View> Filter Options>Show all type of objects

Right click NetServices folder and choose Delegate Control

Click Add

Add the group you created for DHCP Admins

Choose "Create a custom task to delegate"

Select "This folder, exisiting objects in this folder, and creation of new objects in this folder"

Select Full Control

Finish the wizard.

The group members can add, modify, or delete new objects of DHCP class type in the NetServices folder now. That's it. For this delegation we used the wizard.

Alternative Way:

The same thing could be done from ADSIEdit Security settings, too.

Open and Right click ADSI Edit>connect to: Configuration Naming Context.
Right click Netservices> Select Properties> in the security tab choose Advanced and then Add.
Select the security principal DHCPAdmins and on the object grant Create/Delete dHCPClass objects.
Grant Full Control on descendant dHCPClass objects.