IPAM: Unblock a managed DHCP server

In this example, I will provision access for a second IPAM server to a managed DHCP server on the network. The DHCP server is already managed by IPAM1 and we wish to also enable access by a new IPAM server, IPAM2. You can use the same procedure to enable access by the first IPAM server, or a third one, etc.

When we start, the server DHCP1 is in a blocked state when viewed in the server inventory on IPAM2.

I've already created the GPOs in the domain, and as you can see above, the server DHCP1 is marked as Managed, so why is it blocked?

(Creating GPOs was done by typing Invoke-IpamGpoProvisioning –Domain contoso.com –GpoPrefixName IPAM2 –IpamServerFqdn ipam2.contoso.com –DelegatedGpoUser user1 at an elevated PS prompt using a Domain Admin account.)

On the DHCP server, I can check to see if the GPO is applied yet...(by the way, you must do this from an ELEVATED prompt or you won’t see computer settings).

Looks like the IPAM1_DHCP GPO is applied (the one for the first IPAM server) but not the IPAM2_GPO. So, we can either wait or we can run gpupdate. I decided to gpupdate /force, and after this now I see the GPO is applied.

Refreshing the view on IPAM2 still shows that DHCP1 is blocked. What’s wrong? Well, we need to run the ServerDiscovery task, which we do by right-clicking and choosing Refresh Server Access Status:

When this task finishes running, refresh the view again and you should see that the DHCP server is now unblocked.

Note: If the DHCP server does not achieve Unblocked status using the procedure above, it can be due to permission settings on the DHCP Server service. If the Details pane indicates that DHCP RPC Access Status is Blocked, you must restart the DHCP Server service. This will apply new security group membership settings. After restarting the DHCP server service, refresh server access status and refresh the console view again.

See Verify Managed Server Access in the IPAM Deployment Guide for more information.