Home » IPAM » IPAM getting most out of it

In my last post on IPAM, I discussed about deploying IPAM server, collecting data from pilot set of server through manual configuration and then going full-fledged with AD group policy at root level. This would give the required repository of IP address into IPMA. However, in a real world IPAM needs to have additional information like attributes in active directory, to be a real reference point. In this I would discuss more on this.

Below is how IPAM organizes the IP address and network space overall

A clear naming convention at each level would certainly helps to understand and utilize the information from IPAM more effectively. Say DHCP scope name, DHCP server allows up to 255 character and same can be used to accommodate a format say Country_City_location_Tower_floor_wing_project. A naming convention like this helps to use PowerShell scripting to derive required details for any requirement, simply by splitting the scope name on “_” and joining the fields in required manner. In addition to scope name, the description filed of the scope can be used to provide a short description of the scope that helps in managing DHCP server.

Additional details can be feed into IPAM in the form of custom fields. Some of them are simple like mapping each subnet with AD replication sites name, which I believe the product could have done automatically but for some reason left to be customized. Before getting into custom fields, it needs to be understood that values for them are predefined, to prevent multiple format of same data creating confusion. This is important as otherwise things like 1st floor can end up being entered as 1st floor, 1F, 1 F, floor one etc. by various engineers managing IPAM. So before entering the subnets or IP ranges in IPAM with corresponding AD replication site name into custom filed, we need to get all AD site names defined in IPAM as permissible values. Something that can be done with bellow one liner in PowerShell. Care needs to be taken to start the PowerShell with administrative privilege if running on IPAM server.

Once the IPAM ADsite customer filed is populated with possible values of AD sites in the environment, we can query each IPAM IPv4 subnets, query against AD to get the corresponding AD site and update back in IPAM. In case of no matches found, we can preserve the details into a file so that it can be investigated latter.

In most environment, DHCP is not used to assign IP address in server segment or servers like domain controller are assigned with static IP. Now let’s add them into IPAM IPaddress inventory through discovery

First made DC as a permissible value for custom filed Microsoft server Role

Now discover all domain controllers along with their IP address and site and populate into IPAM.

Add all domain controllers in the domain and add them to

 

Get-IpamCustomField would give the default custom fields that comes with IPAM as well as predefined values. Add-IpamCustomField can be used to define additional fields and Add-IpamCustomValue cmdlet as used to predefine AD sites above to populate the values for the custom field.

Output of IPAM could be consumed for many requirements. Fixing AD sites and subnet mapping to improve client login. Defining Lync / Skype for business deployment LIS as well as network sites and subnets with region definition. Location reports would present the number of calls between different location and issues if any that was encountered. Like packet drops or high jitter in audio call between two locations would help to check QOS or bandwidth related challenges that could help improving the user experience with the service. A script like this would help to derive required details from IPAM

 

 

One thought on “IPAM getting most out of it

  1. Jeevan Bisht says:

    Great Post !!

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*