IPAM management roles and configuration

There is so much to IPAM that I need to cover for my self. In this post im looking at administrative roles and configurations. There are two questions that I’m looking and I think I’ll start with the easier of the two.

This question specifically looks at all the roles and features of ASM admin however there are also a few more potentially assigned roles along with a way to set an access scope (as previously discussed) by setting an IP range. I’m starting to kind of understand the concept but I would like to take a closer look at this as this granular scope of definition question was not quickly answerable to me. It’s quite possible I’ve covered this in a previous post but its not quickly memorable to me so I’m going to go over the entire thing again for my own sake.

IPAM roles

This is the most helpful thing I’ve found so far. This was not on the 2012 test, that I recall but MesureUp keeps going over this and so far hasn’t even mentioned Sysvol replication or that GP exists, really.

Address Space Management

Key features of ASM include the following:

Integrated management of dynamic and static IP address space

Detection and management of conflicts, overlaps, and duplicates in address space across systems

Highly customizable inventory view of IP address space

Centralized monitoring and reporting of address utilization statistics and trends

Support for IPv4 and stateless IPv6 address utilization monitoring

Automated discovery of IP address ranges from DHCP scopes

Export and import of IP addresses and IP address ranges with Windows PowerShell support

IP address usage alerts and notifications with custom thresholds

Detection and assignment of available IP addresses

Multi-Server Management and Monitoring
• Key features of MSM include the following:
• Discovery of Microsoft DHCP and DNS servers automatically across an Active Directory forest
• Manual addition or removal of managed servers
• End-to end configuration and management of DHCP servers and scopes
• Support for advanced constructs to enable add, delete, overwrite, or find and replace operations on multiple DHCP scopes and servers
• Simultaneous update of common settings across multiple DHCP scopes or DHCP servers
• Availability monitoring for DHCP and DNS services and DNS zones
• Management of Microsoft DHCP and DNS servers running Windows 2008 or later operating systems
• Addition of custom information to servers enabling visualization using logical groups based on business logic
• Monitoring of DHCP scope utilization
• Automatic and on-demand retrieval of server data from managed DHCP and DNS servers
• DNS zone status monitoring based on DNS zone events
• Classify discovered servers and roles as managed or unmanaged

Network Audit
• Key features of network audit include the following:
• Query the event catalog for DHCP configuration changes across multiple servers from a single console
• Track users, devices, and IP addresses for specified intervals with advanced queries using DHCP lease logs and logon events from domain controllers and network policy servers
• Track and report changes made to the IPAM server
• Export audit findings and create reports
• Quickly resolve configuration problems and track service level agreements

I suppose there isn’t really much else to discuss about this. It’s memorization of what each can do. Lets move on to the next one, shall we. Not feeling super sassy tonight to be honest so you may find this one less colorful than usual. I went to bed early and I guess took a nap and woke up fairly late at night and decided to spend some time with this ol’ thing.

This one is a little trickier than the pervious question. There are two Micosoft links however the layout isn’t quickly helpful for pointing at a bulleted list concerning the specifics of this question. I’m currently trying to watch a silent film in the back ground with a truly insane soundtrack so forgive me if my ‘comments from the peanut gallery’ are not quite as up to par as usual on this one.

IP Address Management (IPAM) Overview

This one is alot of hooplah about about what it could do without telling you. It’s like ‘Billy Maze here! You’ve heard of DNS well now theres IPAM and we do all the work for you! Look a graph! But wait there’s more!’ Honestly, not completely roasting it as there is some useful information here, mostly under the header of ‘IPAM deployment options’ also with a helpful flow chart. I give the town names Hyderabad and Bangalore for very clear normal places that people would have remote offices (hoping they are using slow link detection on this amazing global escalator). This thing is like a real syphonmy.

Ok, so the IPAM specifications might be really helpful but its still not detailed enough to really answer this question.

Multiple Active Directory forest support in IPAM

This one is actually specific as to discussing its possible to use IPAM over a two way forest trust in different forests but its not super clear on the specifics. I suppose having one server to manage multiple forests is helpful. The only tricky part of the question is that ever so important ‘,’ between ‘domain controllers DHCP servers, and DNS servers’ as the material specifies that DHCP servers and DNS servers will be accounted for but given the, at times, questionable language involving specifics I could see them wording DCs running DHCP as one thing, which would be discoverable by default.

This took entirely too long to write but I think I’m sort of starting to understand this. However there is one last thing thats worth reading:

Configure IPAM VMM Integration

Seems fairly straight forward, as per the documentation, don’t forget to create a user account for VMM though. However, in the real world, who knows if it works that eaisy. It quite possibly does but you never can tell.