IPAM: Unblock a managed domain controller\DNS server

In this example, I will provision access for a second IPAM server to a managed domain controller. The domain controller is already managed by IPAM1 and we wish to also enable access by a new IPAM server, IPAM2. You can use the same procedure to enable access by the first IPAM server, or a third IPAM server, etc.

When we start, the server DC1 is in a blocked state when viewed in the server inventory on IPAM2.

 

I've already created the GPOs in the domain, and as you can see above, DC1 is marked as Managed, so why is it blocked?

(Creating GPOs was done by typing Invoke-IpamGpoProvisioning –Domain contoso.com –GpoPrefixName IPAM2 –IpamServerFqdn ipam2.contoso.com –DelegatedGpoUser user1 at an elevated PS prompt using a Domain Admin account.)

On DC1, I can check to see if the GPO is applied yet...(by the way, you must do this from an ELEVATED prompt or you won’t see computer settings).

Looks like both the IPAM2_DNS and IPAM2_DC_NPS GPOs are applied. If they are not applied, I can run gpupdate /force.

Let’s try running the ServerDiscovery task and then refreshing the console view in IPAM.

That did the trick! DC1 is now unblocked.

Note that the ServerDiscovery task automatically runs once per day. This is not very frequent, so you need to trigger it manually if you don’t want to wait.

See Verify Managed Server Access in the IPAM Deployment Guide for more information.