How To Configure IPAM in Windows Server 2016

IP Address Management (IPAM) is a feature that allows you to manage infrastructure servers such as DHCP, DNS, NPS, and DC servers from a centralized location. IPAM also supports the automatic discovery of infrastructure servers of your Active Directory forest. Since it supports the DHCP server management, hence you can manage and track your dynamic and static IPv4 and IPv6 address space centrally. In this post, we will explain how to install and configure IPAM server in Windows Server 2016. The same steps can also be used to configure IPAM server in Windows Server 2012/R2.

Understanding IPAM Lab Setup

Before to configuring IPAM server, first, you need to understand the topology we are going to use. We have two servers named DC1.mcsalab.local and Server1.mcsalab.local. Both the servers are running on Windows Server 2016. Server1 is the member of mcsalab.local domain and will be configured as IPAM server. DC1 server has a pre-configured DHCP server that we will add and manage through the IPAM server.

Also read: How to install and configure DHCP Server in Windows Server 2016.

Installing IPAM Feature in Windows Server 2016

To install the IPAM feature on the Server1, you need to perform the following steps:

  1. Launch the Add Roles and Features Wizard using the Server Manager tool.
  2. Navigate to the Select features page and select the IP Address Management (IPAM) Server role.Install IPAM Feature in Windows Server
  3. Click the Next button and complete the installation process.

Configuring IPAM Server in Windows Server 2016

Once you have installed IPAM feature on your server, the next step is to configure IPAM server. As discussed earlier, the IPAM server can manage DHCP, DNS, and DC servers. However, in this post, we will manage DHCP server through the IPAM server. To configure IPAM server in Windows Server 2016, you need to perform the following steps:

  1. Select the IPAM in the left pane and then click the Connect to IPAM server. Select SERVER1.MCSALAB.local if not selected already and then click the OK button.Configure IPAM Server in Windows Server 2016
  2. The next task is to Provision the IPAM server. For this, click Provision the IPAM server and navigate to the Configure database page. Here you need to specify the type of IPAM database. You can either select SQL server or Windows Internal Database. For the testing lab, select the Windows Internal Database (WID) option and proceed to the next.Specify type of IPAM Databse
  3. On the Select provisioning method page, select the provision method for the managed server. You can either select the manual provisioning method or the Group Policy Based provisioning method. For the testing purpose, select the Group Policy Based provisioning method as manual provisioning required the additional configurations. Specify a GPO prefix name and proceed to the next.Selecting Provisioning method for IPAM
  4. Click Next and finish the wizard.
  5. After provisioning IPAM server, the next step is to configure server discovery. For this, click Configure server discovery link.
  6. On the Configure Server Discovery dialog box, click Get forests and wait until the forest name discovered. Click Add to add the discovered domain and then click OK.Configure Server Discovery
  7. After adding the domain, the next step is to start the server discovery process. For this, click the Start server discovery link. Discovery may take 5 to 10 minutes to complete.
  8. After the discovery process, the next step is to add servers that you want to manage. For this, click the Select or add servers to manage and verify IPAM access link.
  9. Notice that IPAM Access Status is Blocked for both servers, as shown in the following figure.Manage DHCP Server to IPAM
  10. Leave the Server Manager console active and execute the following command at the Windows PowerShell prompt.
    Invoke-IpamGpoProvisioning -Domain mcsalab.local -GpoPrefixName IPAMGPO -IpamServerFqdn SERVER1.mcsalab.local -DelegatedGpoUser Administrator

    Invoke-IpamGPOProvisiong cmdlet

  11. If you get the following error as shown in the below figure. To resolve this, switch to other user and sign in to as Domain\Administrator user and try again to execute the command.Current security context is not associated with an Active Directory domain or forests
  12. Switch to the Server Manager tool. Select SERVER INVENTORY, right-click DC1 and then select Edit Server.Refresh Server Access Status
  13. On the Add or Edit Server dialog box, select the server types that you want to manage. For example, select DC, DNS and DHCP options. In the Manageability status drop-down list, select Managed and then click OK.IPAM Manageability Status

Verifying IPAM Configuration

Now you have configured IPAM server with DHCP server. The next step is to verify your IPAM configuration. To do so, you need to perform the following steps:

  1. Switch and sign in to the DC1 server and execute the following Windows PowerShell cmdlet to update the group policy.
    Gpupdate /force
  2. Switch back to the SERVER1, right-click DC1 in the IPAM window and then select Refresh Server Access Status.
  3. Refresh the Server Manager console. Wait for 10-15 minutes. Refresh again until the status changes to unblocked. Now, you can manage your DHCP server through the IPAM server in Windows Server 2016.

That’s all you need to install and configure IPAM server in Windows Server 2016. Don’t hesitate to drop your queries if get stuck anywhere. In the upcoming posts, we will also configure IPAM server with other services such as NPS. Stay connected with us. Do share the article and also subscribe us to get notified for the upcoming articles.

Posted in Windows Server 2016 Tagged with: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*