Configure DNS and DHCP in a Windows Workgroup (No Domain Required)

In this lab, you will build a fully functional DNS and DHCP infrastructure on a standalone Windows Server without Active Directory or a domain using multiple subnets, forward and reverse lookup zones, and DHCP scopes.

Windows Networking

Scenario

Many organisations are moving identity, device management and server management to the cloud using Entra ID, Intune and Azure Arc. As a result, traditional on‑premises domain controllers are becoming less essential, but DNS and DHCP still need to exist somewhere on the network.

Your task is to build a standalone Windows Server that provides DNS and DHCP services for multiple subnets, all without a domain. This setup is ideal for organisations that have moved away from Active Directory, as well as labs, training environments, and isolated networks.

Lab Objectives

By the end of this lab, you will be able to:

  • Configure a standalone Windows Server as a DNS and DHCP server.
  • Create forward and reverse lookup zones for multiple subnets.
  • Configure DNS forwarding for internet name resolution.
  • Create DHCP scopes and options for each subnet.
  • Configure DHCP reservations for static devices.
  • Verify dynamic DNS updates from DHCP‑assigned clients.

Prerequisites

  • Windows Server 2025 (or 2019/2022)
  • Server configured in a workgroup, not a domain
  • Static IP addresses for all server NICs
  • Four subnets
  • Windows and Linux clients for testing

Prepare the Standalone Server

Configure the base networking and hostname.

  1. Set the hostname to HQ.
  2. Configure the primary DNS suffix to:
    hq.uk
  3. Assign a static IP address:
    10.0.1.1
  4. Configure additional NICs for the other subnets.
  5. Set the DNS server on all NICs to 127.0.0.1.
Verification
ipconfig /all shows the correct hostname, suffix, static IPs, and DNS pointing to localhost.

Install the DNS Server Role

Enable DNS services on the standalone server.

  1. Open Server Manager → Add Roles and Features.
  2. Install DNS Server.
  3. Confirm the DNS service is running.
Verification
DNS Manager opens and shows the server with no zones yet.

Configure DNS Forwarders

Allow internal clients to resolve internet hostnames.

  1. Open DNS Manager.
  2. Right‑click the server → Properties → Forwarders.
  3. Add public DNS servers (e.g., Google DNS):
    • 8.8.8.8
    • 8.8.4.4
Verification
Forwarders show as validated.

Create Forward Lookup Zones

Each department/subnet gets its own DNS zone.
Create four forward lookup zones:

  • hq.uk
  • it.hq.uk
  • hr.hq.uk
  • sales.hq.uk

For each zone:

  • Zone type: Primary
  • Dynamic updates: Nonsecure and secure
Verification
All four zones appear under Forward Lookup Zones.

Create Reverse Lookup Zones

Enable IP‑to‑hostname resolution.

Instructions
Create four reverse zones matching your subnets:

  • 10.0.1.x
  • 10.0.2.x
  • 10.0.3.x
  • 10.0.4.x
Verification
Reverse zones appear with empty PTR records.

Install the DHCP Server Role

Enable DHCP services on the standalone server.

  1. Install DHCP Server via Server Manager.
  2. Complete the post‑installation wizard.
  3. Create the DHCP security groups.
  4. Skip domain authorisation (not required in a workgroup).
Verification
DHCP console opens without errors.

Create DHCP Scopes for Each Subnet

Define IP ranges and options for each department.
For each subnet:

  1. Create a new scope.
  2. Define:
    • Start IP: 10.0.1.100
    • End IP: 10.0.1.199
    • Subnet mask: based on your design
  3. Configure DHCP options:
    • Router (gateway): 10.0.1.1
    • DNS server: 10.0.1.1
    • DNS suffix: matches the zone ( hq.uk)
Verification
Each scope shows as Active.

Configure DHCP Reservations

Ensure static servers receive consistent IPs and DNS updates.

  1. Identify MAC addresses of servers.
  2. Create reservations in the HQ scope:
    • Server A → 10.0.1.10
    • Server B → 10.0.1.11
  3. Enable dynamic DNS updates for reserved clients.
Verification
Reservations appear under the scope and show as Active once leased.

Test DHCP and DNS with Client Machines

Verify that clients receive correct settings and DNS updates.

  1. Start Windows and Linux clients in each subnet.
  2. Confirm:
    • IP address is within the correct scope
    • Gateway is correct
    • DNS suffix matches the zone
    • DNS server is the standalone server
  3. Check DNS Manager:
    • Forward zones contain new A records
    • Reverse zones contain new PTR records
Verification
All clients appear in the correct forward and reverse zones.

Conclusion

In this lab, you successfully built a fully functional DNS and DHCP infrastructure in a Windows workgroup, without any domain controllers. You created forward and reverse lookup zones, configured DHCP scopes, set up reservations, and verified dynamic DNS updates across multiple subnets.

This solution is ideal for organisations moving away from traditional Active Directory, as well as labs, training environments, and isolated networks where cloud identity and modern management replace domain‑based infrastructure.

Lab Video

Watch On YouTube
Get NordVPN