Invoke-IpamServerProvisioning
Automates the provisioning of IPAM server.
Syntax
Invoke-IpamServerProvisioning
[-WidSchemaPath <String>]
[-ProvisioningMethod <ProvisioningMethod>]
[-GpoPrefix <String>]
[-Force]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Invoke-IpamServerProvisioning
[-ProvisioningMethod <ProvisioningMethod>]
[-GpoPrefix <String>]
[-Force]
[-DatabaseServer] <String>
[-DatabaseName] <String>
[-DatabasePort] <UInt16>
[-DatabaseAuthType <AuthType>]
[-DatabaseCredential <PSCredential>]
[-UseExistingSchema]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Invoke-IpamServerProvisioning cmdlet installs and configures IP Address Management (IPAM) server components on the host on which you run the cmdlet. When you run the cmdlet locally on IPAM server or remotely from an RSAT, the cmdlet installs and configures IPAM components on the IPAM server to which the session is connected. As a part of installation, the cmdlet performs the following functions:
Configures the WCF and WSMan settings, such as Port and App Pool configuration.
Creates and connects to an IPAM database. The cmdlet attempts to create a database by using authentication credentials that the user specifies. An error occurs if the database that you specify does not exist or the chosen credentials do not include permissions to create a database.
Creates IPAM Tasks to get data for IPAM views.
Creates default user roles for access control. This includes RBAC roles in the database and any local security groups.
Configures a provisioning method.
By default, the cmdlet enables all available IPAM optional capabilities.
You can choose to manually or automatically provision access to managed servers. If you provisioned the managed servers by using group policy, make sure to create the corresponding GPOs in every managed domain by using the Invoke-IpamGpoProvisioning cmdlet.
Examples
Example 1: Provision an IPAM server
PS C:\> Invoke-IpamServerProvisioning
This cmdlet will provision IPAM on ipam1.contoso.com. As a part of provisioning, this cmdlet will provision IPAM to use Windows Internal database.
The cmdlet will create a new IPAM database at %WINDIR%\System32\IPAM\Database, create roles, and prepare IPAM for use.
Infrastructure servers managed by IPAM will have to be manually provisioned to provide access to IPAM. Read the product documentation for details.
Do you want to continue? Y
This command provisions an IPAM server with default settings. By default, IPAM server uses the Windows Internal Database. The database files are stored in the default location, %WINDIR%\System32\IPAM\Database. The managed servers are provisioned manually by default.
Example 2: Provision an IPAM server to use GPO-based provisioning
PS C:\> Invoke-IpamServerProvisioning -WidSchemaPath "D:\database" -ProvisioningMethod Automatic -GpoPrefix IPAM1
This cmdlet will provision IPAM on ipam1.contoso.com. As a part of provisioning, this cmdlet will provision IPAM to use Windows Internal database.
The cmdlet will create a new IPAM database at D:\database, create roles, and prepare IPAM for use.
IPAM will be configured to use Group Policy to provision the managed servers. Read the product documentation for details.
Do you want to continue?Y
This command provisions an IPAM server to use the Windows Internal Database and a GPO-based provisioning method for managed servers. The command stores the database files at a custom location.
Example 3: Provision an IPAM server to use Microsoft SQL Server
PS C:\> Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433
This cmdlet will provision IPAM on ipam1.Contoso.com. As a part of provisioning, this cmdlet will provision IPAM to use Microsoft SQL Server on Db1.Contoso.com.
The cmdlet will create a new IPAM database, create roles, and prepare IPAM for use.
Infrastructure servers managed by IPAM will have to be manually provisioned to provide access to IPAM. Read the product documentation for details.
Do you want to continue?
This command provisions an IPAM server to use a Microsoft SQL Server database residing on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, an empty database instance named Ipamdb, and the IPAM computer has access permissions for that database instance.
Example 4: Provision an IPAM server to use a Microsoft SQL Server database provisioned by IPAM
PS C:\> $Credential = Get-Credential
PS C:\> Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433 -ProvisioningMethod Automatic -GpoPrefix IPAM1 -DatabaseAuthType SQL -DatabaseCredential $Credential
This cmdlet will provision IPAM on ipam1.contoso.com. As a part of provisioning, this cmdlet will provision IPAM to use Microsoft SQL Server on db1.contoso.com.
The cmdlet will create a new IPAM database, create roles, and prepare IPAM for use.
IPAM will be configured to use Group Policy to provision the managed servers. Read the product documentation for details.
Do you want to continue?
The first command uses the Get-Credential cmdlet to get a credential, and stores the results in the $Credential variable.
The second command provisions an IPAM server to use a Microsoft SQL Server database that resides on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, a database instance will be created by IPAM during provisioning, and the IPAM computer has db_datawriter, db_datareader, db_ddladmin, view database state, alter permissions on the database.
Parameters
-AsJob
Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.
The cmdlet immediately returns an object that represents the job and then displays the command prompt.
You can continue to work in the session while the job completes.
To manage the job, use the *-Job
cmdlets.
To get the job results, use the Receive-Job cmdlet.
For more information about Windows PowerShell background jobs, see about_Jobs.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CimSession
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.
Type: | CimSession[] |
Aliases: | Session |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DatabaseAuthType
Specifies the type of authentication to use when connecting to the IPAM database. If you specify Windows as the authentication type, IPAM uses the server computer account to connect to the database. With SQL authentication, specify a username and password to connect to the database.
Type: | AuthType |
Accepted values: | Windows, SQL |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DatabaseCredential
Specifies credentials, as a PSCredential object, for the computer that runs SQL Server.
To obtain a PSCredential object, use the Get-Credential cmdlet.
For more information, type Get-Help Get-Credential
.
Type: | PSCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DatabaseName
Specifies the name of a SQL Server database. The IPAM server connects to this database.
Type: | String |
Position: | 2 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DatabasePort
Specifies the port that the IPAM server uses to connect to the database server.
Type: | UInt16 |
Position: | 3 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DatabaseServer
Specifies the fully qualified domain name (FQDN) or IP address of the database server.. You can provide an IPv4 or IPv6 address, or a fully qualified domain name (FQDN).
Type: | String |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GpoPrefix
Specifies a unique Group Policy Object (GPO) prefix name that IPAM uses to create the group policy objects. Use this parameter only when the ProvisioningMethod parameter has the value Automatic.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProvisioningMethod
Specifies manual or automatic, GPO-based provisioning. The acceptable values for this parameter are:Automatic and Manual. In the case of manual provisioning, you must manually configure the managed servers to provide requisite access to IPAM. In case of GPO-based, or automatic provisioning, you must create the GPOs in each of the managed domains through the Invoke-IpamGpoProvisioning cmdlet. If you do not specify a provisioning method, it is assumed to be manual.
Type: | ProvisioningMethod |
Accepted values: | Automatic, Manual |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ThrottleLimit
Specifies the maximum number of concurrent operations that can be established to run the cmdlet.
If this parameter is omitted or a value of 0
is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer.
The throttle limit applies only to the current cmdlet, not to the session or to the computer.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UseExistingSchema
Indicates that the IPAM server uses an existing schema on the database server, instead of creating a schema. An error occurs if this flag is specified and a valid schema is not found on the server.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WidSchemaPath
Specifies the location on IPAM server where IPAM creates the Windows Internal Database (WID) schema. To use an existing schema, specify the path to the folder containing the schema files. If you do not specify a value for this parameter, IPAM tries to create the schema in the default path %SystemDrive%\Windows\System32\ipam\Database.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |