sábado, 14 de abril de 2012 20:24
Today I wanted to try the IP Address Management feature in Windows Server 8 beta, but I could bring my domain-joined servers into the IPAM Server Inventory.
I tried to follow the steps in this Blogg to set up IPAM.
The only server I can see in my inventory is the DC but if I try to switch it to "managed" I get a strange "No operation operation for ... failed" error:
This happens after I already created the GPOs using Invoke-IpamGpoProvisioning and the DC's Group Policy Management Console shows the GPOs:
Any Ideas how I can add the servers to the inventory and/or how I can fix the GPO issue?
Todas as Respostas
sábado, 14 de abril de 2012 21:24
Nice to see that people actually read my blog :)
Check under the Application and Services Logs > Microsoft > Windows > IPAM and see if you find any other errors / event that might have occured.
Try running a gpupdate /force before you try to change the computers from unmanaged to managed. See if that helps, also double check that the settings in the GPOs are correct (with the right groups and computers )
But if you are having some trouble with the automatic provisioning using the GPO, try using the manual approach, http://webcache.googleusercontent.com/search?q=cache:4vqEcnDuiswJ:download.microsoft.com/download/F/6/9/F69BE7E8-3E99-4A4A-B189-8AFADABC6216/Understand%2520and%2520Troubleshoot%2520IP%2520Address%2520Management%2520(IPAM)%2520in%2520Windows%2520Server%25208%2520Beta.docx+&cd=1&hl=no&ct=clnk&gl=no
- Editado Marius Sandbu sábado, 14 de abril de 2012 21:44
sábado, 14 de abril de 2012 21:38
A gpupdate /force does not change anything.
I just realized that the machine I installed IPAM on is stuck in the "PUBLIC" network location and not in "DOMAIN" network location where it should be (from my point of view...). Maybe the more restrictive firewall settings are responsible for the non-working IPAM. I'll check that and post an update later.
BTW @m_sandbu thanks for the quick reply...
segunda-feira, 16 de abril de 2012 08:02Moderador
Thanks for posting here.
Is this IPAM server using DC(test215.conet.de) as Preferred DNS server? Is there any connectivity problem between them ?
Try to recheck the current settings with following the steps in the guide below and see if the IPAM server can obtain these policies form corresponding domain controller :
Test Lab Guide: Demonstrate IP Address Management (IPAM) in Windows Server "8" Beta
TechNet Community Support
quinta-feira, 19 de abril de 2012 22:33
Hi Tiger Li,
thanks for your hints!
Yes, there might have been a connectivity problem between the IPAM server and the DC. And yes, the DC is the preferred DNS.
I rechecked the settings with the steps in the Guide, and I got stuck at the following steps:
- In Group Policy Management Editor, expand Computer Configuration>Policies>Windows Settings>Security Settings>Windows Firewall with Advanced Security>Windows Firewall with Advanced Security – LDAP://…>Inbound Rules.
- Right-click Inbound Rules, and then click New Rule.
- In the New Inbound Rule Wizard, click Predefined, and select DHCP Server Management from the drop-down list. Click Next.
Well, there seems to be no predefined rule "DHCP Management":
Any idea how to fix that?
sexta-feira, 20 de abril de 2012 03:31Moderador
Thanks for posting here.
May I know if DHCP service has been installed on this domain controller host ?How did we build and configure this domain controller?
Actually we'd better do that with following the steps in “Test Lab Guide: Windows Server "8" Beta Base Configuration” guide which is also required in the beginning of this IPAM guide “Steps for Configuring the IPAM Test Lab” ?
I've tested this in lab and can get this predefined rule with no problem:
TechNet Community Support
terça-feira, 1 de maio de 2012 20:28
I am comming back to this thread once again to answer Tiger Li's remaining questions.
- In my lab configuration the DHCP Role was not installed on the DC. The DHCP Role was installed on another host. However, this host was also a Windows Server "8" beta machine within the lab domain.
- In the meantime I did rebuild the lab and installed the DHCP role on the DC VM as suggested in the test lab guide.
- First, I still got no access from the IPAM VM. However, after manually adding some rules to the GPOs it now works fine!
Thanks for your support!
sábado, 27 de outubro de 2012 17:48
I'd like to clarify a couple things.
After using the Invoke-IpamGpoProvisioning cmdlet, you do not need to configure any further settings in the IPAM GPOs. See this guide: http://technet.microsoft.com/en-us/library/hh831622.aspx.
If you view the DHCP GPO on a computer that isn't running DHCP, you won't see the firewall rule named "dhcp management," but it is there. Do not install DHCP on your DC just to get this rule added. You don't need to do this.
The problem that you had originally was apparently due to a connection issue between the IPAM server and the DC.