In this example, I will provision access for a second IPAM server to a managed domain controller. The domain controller is already managed by IPAM1
and we wish to also enable access by a new IPAM server, IPAM2. You can use the same procedure to enable access by the first IPAM server, or a third IPAM server, etc.
When we start, the server DC1 is in a blocked state when viewed in the server inventory on IPAM2.
I've already created the GPOs in the domain, and as you can see above, DC1 is marked as Managed, so why is it blocked?
(Creating GPOs was done by typing
Invoke-IpamGpoProvisioning –Domain contoso.com –GpoPrefixName IPAM2 –IpamServerFqdn ipam2.contoso.com –DelegatedGpoUser user1 at an elevated PS prompt using a Domain Admin account.)
On DC1, I can check to see if the GPO is applied yet...(by the way, you must do this from an
ELEVATED prompt or you won’t see computer settings).
Looks like both the IPAM2_DNS and IPAM2_DC_NPS GPOs are applied. If they are not applied, I can run
Let’s try running the
ServerDiscovery task and then refreshing the console view in IPAM.
That did the trick! DC1 is now unblocked.
Note that the
ServerDiscovery task automatically runs once per day. This is not very frequent, so you need to trigger it manually if you don’t want to wait.
See Verify Managed Server Access in the IPAM
Deployment Guide for more information.