I suppose a more correct title for this article might have been, “I manage IP addressing, therefore IPAM.”
IPAM is a FLA (Four-Letter Acronym) that stands for IP Address Management. More appropriately, Internet Protocol Address Management. In Windows Server 2012 we have added a capability that addresses (get it?) a need to efficiently (and centrally) manage IP addressing in large and often complex environments. Specifically, you’d like to be able to both track manage the configurations of your DHCP and DNS servers in a consistent way, and all from one central console. This is what IPAM allows you to do.
IPAM is a discovery, tracking, reporting, and auditing tool. The initial use for the tool is to do an inventory and discover the DHCP, DNS, and NPS servers in your environment. Once that is accomplished, you can view and organize IP addressing and address utilization into default or custom IP address blocks, address ranges, and individual addresses.
Once organized, you will use the tool to track and audit configuration changes, to track operational events, and to watch user DHCP leases and user logon events collected from Network Policy Server (NPS) and DHCP servers.
You also use it to monitor the availability of your DHCP and DNS servers.
You can use IPAM either in a distributed method (one IPAM server per site) or centralized (one IPAM server only). Here’s a diagram showing a distributed IPAM deployment:
In either case, after you’ve done your discovery of servers, and configuring them manually, or automatically using Group Policy Objects that can be generated for you, you can manage the servers the various roles they play in IP addressing.
Installation involves including the IPAM Server feature on a Windows Server 2012 server.
Once that’s installed you have the local management tool already available from the Server Manager. Optionally you can also install the IP Address Management (IPAM) Client, which is one of the Remote Server Administration Tools (RSAT) on another server or Windows 8 workstation to allow for remote management. You will notice that in either case you are also installing DHCP, DNS, and Group Policy management with the inclusion of IPAM management.
After the installation, you need to configure IPAM by provisioning the IPAM server, configure and launch server discovery, choose servers to manage, and finally retrieve data from the managed servers. These operations can be easily found from within Server Manager:
HINT: If you’re going to use Group Policy to configure your servers, make sure you remember to configure it using on the IPAM server using the PowerShell Invoke-IpamGpoProvisioning command, in an elevated (run as Administrator) PowerShell window.
Once configured and with managed servers answering and available for duty, you can define and manage IP Address Blocks and IP Address Ranges. You can discover and reserve (or reclaim) unused addresses. You can create and manage DNS entries. You can use custom fields to logically organize addresses by their purpose or department.. or however you want.
Wham! Bam! Thanks, IPAM!
I’m really just scratching the surface here. For more information, be sure to check out the IP Address Management (IPAM) Overview. And as a great first experience, I highly recommend installing and trying out IPAM in a test lab by working through the Step-by-Step: Configure IPAM to Manage Your IP Address Space.
Have I piqued your interest? Are you considering IPAM now, but have some additional questions or concerns? Let’s hear about them in the comments!