Configuring IPAM and Server Discovery
Configure the IPAM server
In this part, we’ll see how to configure the IPAM server and DHCP servers to retrieve the organization’s addressing information.
Go back to the server manager, the administration of IPAM is accessible through the menu on the left 1 , click on it.
On the new page, click Configure IPAM Server 1 to launch the wizard.
The first page of the wizard explains the information that IPAM can collect and the way it is used. Click Next 1 .
Configure the database: if necessary change the IPAM database storage path A and click Next 1 .
IPAM does not work with a SQL Express database.
Choose Supply: select the option Based on Group Policy 1 , specify the prefix for GPO 2 and click Next 3 .
Summary: Confirm the configuration by clicking Apply 1 .
Wait while the wizard applies the configuration …
Leave the wizard by clicking on the Close button 1 .
From the server manager, we can see that the action is complete and the date when it was done 1 .
Open a PowerShell command prompt in administrator mode and enter the command below to create the GPOs:
Invoke-IpamGpoProvisioning -domain rdr-it.intra -gpoprefixname IPAM -Ipamserverfqdn lab-ipam
Log on to a domain controller, launch the MMC Group Policy Management Console, and verify the creation of the 3 GPOs.
Configure server discovery
Go back to the server manager and click on Configure Server Discovery 1 .
Select domain 1 and click on Add 2 .
Select the roles to be inventoried A then click on OK 1 .
The configuration is complete, we see the number of managed domain 1 and the list of scheduled tasks 2 .
Now that the IPAM service is configured and functional, we will see how to populate the database with the servers in the organization.
Manage servers from IPAM
From the IPAM overview, click Start Server Discovery 1 .
A yellow banner appears in the box, wait while the task is running. You can have more information by clicking on More … A .
Detail of tasks …
When the task is complete, click Select or add servers to manage and check IPAM access 1 .
Since this view appears the servers discovered by the IPAM service, for the moment they are just inventorier in the console.
Right click on a server to manage and click on Edit server 1 .
Change the Manageability Status field to Managed 1 and click OK 2 .
Back to the list of servers, we see that the state of management facility has been changed to “Managed” but access to IPAM is still blocked 1 . This is because the server still has not applied the GPOs.
Still on the IPAM server, open a PowerShell Administrator window and enter the commands below to force the Group Policy update.
Enter-PSSession nom-fqdn-du-serveur-modifier-dans-IPAM gpupdate exit
Wait a moment (30min to 1H), the time the server is updated that information is reported. Regularly refresh the task manager to check the server status change.
Repeat for all servers whose information must be present in the IPAM database.
When the servers are unblocked, they are displayed as below, so that the data is available in IPAM, the state of the data recovery must be “Done”.
Now that IPAM services are able to trace network information, we will see an overview of possible actions.