After you finish the initial IPAM setup procedure you are free to start using the feature and exploring what it can do for you. In this post I will try to give you an overview of some of the features IP Address Management provides.
IPAM does not have a console or managing it. It’s features can be accessed from the IPAM role tab in the Server Manager. When you open it, you will be in the Overview menu. This shows you some basic information about your IPAM deployment and also the state of the scheduled tasks. You cannot do any configuration from here.
Let’s move down one menu to the Server Inventory. You will be able to manage the status of your infrastructure from here. This means you can see all managed and unmanaged DHCP, DNS and DC servers, set a server to be managed or not, view the firewall access status for your managed servers, trigger the data retrieval tasks and more.
In the next part we start to see some interesting information. IP Address Space has 3 submenus from which you can obtain info about your IP address utilization by scopes, by network, see individual IP addresses and much more. Let’s first talk about 2 concepts that IPAM uses to show the address space: IP Address Blocks and IP Address Ranges.
IP Address Blocks are the biggest unit of classification for address space. Usually an address block corresponds to a network like for example 10.0.0.0/8. Blocks contain one or more IP Address Ranges. Blocks have to be created manually from the IPAM console.
IP Address Ranges represent smaller chunks of address space that make up an address block. A range might be a DHCP scope or just a chunk of addresses assigned statically. Ranges that correspond to DHCP scopes are created automatically after a data collection task finishes.
The IP address Blocks submenu actually shows more than address blocks. You can change what information is shown by using the Current View drop down menu and selecting one of the 4 choices: IP Address Ranges, IP Addresses, IP Address Blocks and IP Address Subnets.
Since blocks have to be created manually, let’s take a look at IP Address Ranges.
My test lab has 2 networks: 192.168.1.0/24 and 192.168.2.0/24 but only one DHCP scope for the first network. The scope can be seen in the above image. You cannot configure a range from here if it corresponds to a DHCP scope.
Note: IP address leases and reservations from DHCP are not imported in the IPAM database by default so you won’t see anything in the IP Addresses tab at first. To import this data from DHCP we will need to set up a custom scheduled task. I will go into this in a later post.
The other 2 tabs in the Address Space menu have the same info as the first one but different default views so let’s go down to Monitor and Manage. The 3 important sub menus from here are: DNS and DHCP Servers, DHCP Scopes and DNS Zones.
In DNS and DHCP Servers you will see all your managed servers grouped by the services. This means that if a server has both DNS and DHCP installed it will be present 2 times in this view. This is because you can manage each individual service from here. You can view the service status, configure server wide service properties, launch the specific MMC, create DHCP scopes/DNS zones, retrieve data from the server and much more.
In the DHCP Scopes menu you, of course, can manage and see all the scopes. There really are a lot of options here like editing a scope, duplicating it, configuring DHCP failover, adding reservations etc.
You can see details about each scope from the lower panels. Here is an example:
The DNS Zones menu is similar to the DHCP one: you can view and edit DNS zones. The default view is for forward lookup zones but using the menu on the lower left you can see also the reverse lookup zones.
The next menu is the Event Catalog. From here you will be able to see events related to IPAM configuration changes, DHCP configuration changes and the most interesting ones are the IP address tracking events. The latter shows you when an IP address was assigned. You can get this info by different criteria like host name, user name, IP address and client ID. Here is an example of getting IP tracking events for 192.168.2.20 from the 1st of December to the 2nd of December:
The last IPAM configuration menu is Access Control. This lets you view the predefined roles a user can have, create roles and grant users those roles. I will cover this part in a later post.