I'm trying to setup DHCP server on a Child Domanin Controller and when I try to authorize the server I get "Access denied".
I was able to configure the Root Domain controller with DHCP however, but also if I try to add the child DC as an authorized server I still get Access denied.

Any ideas why?

Are you logged on with the Enterprise Admin credentials when you try and authorize the DHCP server?

And to ask a silly question, the IP ranges of the two scopes are not overlapping in any way? Try disabling the scope before authorizing the server.

Hey Chuck,
Yes, on the child DC, logging in with Domain administrator.
IP's are not overlapping.

Logon to the DC as your Enterprise Admin for your root domain.

And BTW, did you get your RODC setup to where it is caching credentials?

OK I'll give it a try.

Yes I did get RODC setup to cache credentials, still have some minor issues with it, sometimes it takes the workstations 10-15mins to logon.
When trying to logon to the RODC server with no network available I get "no logon server available" I thought caching credentials would bypass that..
RODC is not setup as GC server though, wondering if it needs to be?

Yes. Set it up as a GC server. This will make logons faster since the GC will be local.

Did you add your DNS zone copies to the RODC? And did you add the RODC to your list of name servers? Look in your DNS zones and make sure that it shows up as an NS.

What is the primary DNS server in the DHCP zone? It should be the local DNS server. Also, on ALL of your DC's that are running DNS, the primary DNS server should be themselves. This will stop circular logging of DNS entries.

Run a daily DCDiags and RepAdmin. If you are into VBScript, then I have just the thing for you.

When trying to logon to the RODC server with no network available I get "no logon server available" I thought caching credentials would bypass that..

To answer this question:
In the properties of the RODCm the server settings for the Managed By, was using a local account not the domain account. Once I changed this and it replicated the problem was resolved.
You can go to the Password Replication tab on the user account and see which RODC's that the account can logon to.