다음을 통해 공유

Windows Server 2012 - IP Address Management (IPAM) - Part 1: Installing and Configuring

  • 아티클

IP Address Management (IPAM) is a feature which was first introduced in Windows Server 2012 that provides highly customizable administrative and monitoring capabilities for the IP address infrastructure on a corporate network. IPAM provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS). IP Address management (IPAM) is a method of tracking and modifying the information associated with a network's IP address space. With IPAM, administrators can ensure that the inventory of assignable IP addresses remains current and sufficient.

IPAM benefits include:

- IPv4 and IPv6 address space planning and allocation.

- IP address space utilization statistics and trend monitoring.

- Static IP inventory management, lifetime management, and DHCP and DNS record creation and deletion.

- Service and zone monitoring of DNS services

- IP address lease and logon event tracking.

- Role-based access control (RBAC).

- Remote administration support through Remote Server Administration Tools (RSAT).

 

In this article I will show how to install and configure IPAM on Windows Server 2012

 

In my LAB I use two computers:

- DC2012: Domain Controller (domain mcthub.local) running Windows Server 2012, this server has been installed and configured DHCP role.****

***- SERVER1: ***Domain Member running Windows Server 2012, I will install IPAM on this server, you should note that the IPAM server must be a domain member, but cannot be a domain controller and IPAM server should be a single purpose server. Do not install other network roles (such as DHCP or DNS) on the same server.

** **

Installing IPAM:

- On DC2012, open Active Directory Users and Computer, add SERVER1 computer account (IPAM Server) to membership of ***Event Log Readers ***group.

http://mcthub.com/images/ContentLab/IPAM-En_files/image001.jpg

http://mcthub.com/images/ContentLab/IPAM-En_files/image002.jpg

- Switch to SERVER1, Open Server Manager and select Manage -  Add Role and Features

http://mcthub.com/images/ContentLab/IPAM-En_files/image003.jpg- On the Select features page, select the IP Address Management (IPAM) Server check box.

http://mcthub.com/images/ContentLab/IPAM-En_files/image004.jpg

- Client Install button to start installation process

http://mcthub.com/images/ContentLab/IPAM-En_files/image005.jpg

- After the installation process is complete, you must Refresh Server Manager, check that you've seen IPAM in left pane of Server Manager

http://mcthub.com/images/ContentLab/IPAM-En_files/image006.jpg

 

Configuring IPAM

You need to do 6 steps to complete the installation process of IPAM

- On SERVER1. Step 1: Select Connect to IPAM Server

http://mcthub.com/images/ContentLab/IPAM-En_files/image007.jpg

- Select server that you want to connect is SERVER1.mcthub.local and click OK button

http://mcthub.com/images/ContentLab/IPAM-En_files/image008.jpg

- Step 2: Select Provision the IPAM Server to prepare for configuration process

http://mcthub.com/images/ContentLab/IPAM-En_files/image009.jpg

- Click ***Next ***button

http://mcthub.com/images/ContentLab/IPAM-En_files/image010.jpg

- Choose the method Group Policy Based to configure using GPO. Type any  GPO name prefix you want (ex: IPAM, this wizard will create the GPOs have names beginning with IPAM) - Click Nextbutton

http://mcthub.com/images/ContentLab/IPAM-En_files/image011.jpg- Click ***Apply ***button. Provisioning will take a few moments to complete.

http://mcthub.com/images/ContentLab/IPAM-En_files/image012.jpg

- Click Close button

http://mcthub.com/images/ContentLab/IPAM-En_files/image013.jpg

- Step 3: Select Configure server discovery.

http://mcthub.com/images/ContentLab/IPAM-En_files/image014.jpg

- Select your domain (mcthub.local)- Click Add button

http://mcthub.com/images/ContentLab/IPAM-En_files/image015.jpg

- Verify your domain is appear then click ***OK ***button

http://mcthub.com/images/ContentLab/IPAM-En_files/image016.jpg

- Step 4: Select*** Start server discovery*** to discover DHCP servers and DNS servers

http://mcthub.com/images/ContentLab/IPAM-En_files/image017.jpg- Discovery may take 5 to 10 minutes to run. The yellow bar indicates when discovery is complete.

http://mcthub.com/images/ContentLab/IPAM-En_files/image018.jpg

- Step 5: When the discovery is complete, select Select or add to manage and verify IPAM Access

http://mcthub.com/images/ContentLab/IPAM-En_files/image019.jpg- Notice that the IPAM Access Status is blocked for both servers. Scroll down to the Details view, and note the status report. The IPAM server has not yet been granted permission to manage LON-DC1 through Group Policy

http://mcthub.com/images/ContentLab/IPAM-En_files/image020.jpg

 

- Open Windows PowerShell, type the following command, and then press Enter. When you are prompted to confirm the action, type Y, and then press Enter. The command will take a few moments to complete.

             

http://mcthub.com/images/ContentLab/IPAM-En_files/image021.jpg

- Check by opening Group Policy Management (GPMC.MSC), you will see 3 new GPOs, the GPOs is linked to ***mcthub.local ***domain

http://mcthub.com/images/ContentLab/IPAM-En_files/image022.jpg

- Right click DC2012 - select Edit Server

http://mcthub.com/images/ContentLab/IPAM-En_files/image023.jpg- Set the Manageability status field to Managed, and then click OK.

 http://mcthub.com/images/ContentLab/IPAM-En_files/image024.jpg

 

- On both DC2012 and SERVER1, update Policy use the command GPUPDATE /FORCE

http://mcthub.com/images/ContentLab/IPAM-En_files/image025.jpg

- On DC2012, type GPRESULT /R to verify  DC2012 is applied 3 GPOs: IPAM_DNS, IP_DHCP and IPAM_DC_NPS.

http://mcthub.com/images/ContentLab/IPAM-En_files/image026.jpg

- Switch back to SERVER1, and in Server Manager, right-click DC2012, and then click Refresh Server Access Status. It may take up a long time for the status to change, you need to be patient and wait …

http://mcthub.com/images/ContentLab/IPAM-En_files/image027.jpg- When completed, refresh IPv4 by clicking the Refresh icon. It may take up to five minutes for the status to change (Unblocked)

http://mcthub.com/images/ContentLab/IPAM-En_files/image028.jpg- Step 6: Select Retrieve All Server Data. This action will take a few moments to complete

http://mcthub.com/images/ContentLab/IPAM-En_files/image029.jpg

 

- At this point you can use to manage the DHCP IPAM and DNS Server in the network. In the next article I will demonstrate how to use IPAM tracking and monitoring of IP space network and manage DHCP, DNS Server from the IPAM Server.

 

Thank you for reading my article.

To view my article in Vietnamese, click the link below
mcthub.com

By Đồng Phương Nam