On the managed DHCP server, click Tools on the Server Manager menu and then click Computer Management. To configure the DHCP Users and Event Log Readers security groups Verify that the correct IPAM server is displayed under Name and then click OK. Under Enter the object names to select, type the name of the IPAM server and then click OK. Under Group scope, select Universal and under Group type select Security, and then click OK.ĭouble-click the IPAMUG group and then click the Members tab.Ĭlick Object Types, select the Computers checkbox, and then click OK. In the New Object – Group dialog box, under Group name, type IPAMUG. In the Active Directory Users and Computers console tree, right-click the Users container under the managed DHCP server’s domain, point to New, and then click Group. On a domain controller, click Tools on the Server Manager menu, and then click Active Directory Users and Computers. It is necessary to restart the DHCP service after changing security group memberships in order for these changes to become active.Īfter performing these procedures, refresh the server access status for the managed DHCP server in the server inventory view on the IPAM server. The IPAM server must also be a member of the local DHCP Users and Event Log Readers security groups. To access configuration data and server event logs, the IPAM server must be a member of the domain IPAM Users Group (IPAMUG). In Rule Type, select Predefined, choose Remote Service Management from the list, and then click Next.Ĭlose the Windows Firewall with Advanced Security console. In Rule Type, select Predefined, choose Remote Event Log Management from the list, and then click Next. In Rule Type, select Predefined, choose File and Printer Sharing from the list, and then click Next. In Predefined Rules, under Rules, select the checkboxes next to the following rules:Ĭlick Next, choose Allow the connection, and then click Finish. In Rule Type, select Predefined, choose DHCP Server Management from the list, and then click Next. Right-click Inbound Rules, and then click New Rule. On the Server Manager menu, click Tools and then click Windows Firewall with Advanced Security. To configure Windows Firewall on a managed DHCP server All of the following procedures are performed on the managed DHCP server. If the managed DHCP server becomes unmanaged, delete these inbound firewall rules. Use the following procedure to enable access by the IPAM server to inbound firewall ports on a managed DHCP server. Use the following procedures to configure IPAM access settings on a managed DHCP server:Ĭonfigure Windows Firewall on a managed DHCP serverĬonfigure security groups on a managed DHCP serverĬonfigure a DHCP audit share on a managed DHCP serverĪ summary of required settings is provided in the table below. Manually configure managed DHCP server access settings Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups ( ). Membership in the Domain Admins group, or equivalent, is the minimum required to complete this procedure. Steps to configure these access settings are provided in this topic.įor more information about choosing an IPAM provisioning method, see Choosing a provisioning method. Instead, access settings on each managed server are configured manually by an administrator. Manual configuration of individual settings: GPOs are not used with this method. When you have created these GPOS, configure security filtering by performing the steps in Configuring IPAM GPO security filtering. To use this method, first perform the steps in Create IPAM Provisioning GPOs. Application of GPOs is done manually by adding managed servers to GPO security filtering. Manual application of IPAM GPOs: With this method, IPAM GPOs are created but are not automatically applied to managed servers. Two general methods for configuring these settings are available: If you have chosen the manual provisioning method, you must configure access permissions and settings individually on managed servers. Applies To: Windows Server 2012 R2, Windows Server 2012Ĭhecklist: Deploy IPAM Server > Install IPAM Server > Choose an IPAM Provisioning Method > Configure Server Discovery > Discover Servers on the Network | Manually Add a Server to Server Inventory > Create IPAM Provisioning GPOs | Manually Configure DHCP Access Settings
0 Comments
Leave a Reply. |