Thank you for posting this, but apparently they changed it in NSX 4.
I found it in Networking, Segments, Profiles.
I could not clone the default profile, so I created a new profile. Add Segment Profile, Segment Security, turned the Server Block turned off.
Then went to the Distributed Port Groups tab, and on each Distributed Port Group, changed the segment security profile to the new one I created.
I hope this helps, because it's panic time when you implement NSX and suddenly users are not getting DHCP addresses.