Sign in to follow this  
Followers 0
TPreston

IPAM Access Blocked in Server 2012 ?

5 posts in this topic

Has anyone else experienced this ? I added the IPAM feature to a new server provisioned it using the group policy option (it for some reason did not create the gpos even though I was logged in as domain\administrator so I ran the Invoke-IpamGpoProvisioning cmd and did a gpupdate /force on the dc and DHCP servers and even after a reboot and then refresh in the console the status is still coming up as access blocked. The firewall rules are being created on the destination servers.

The only thing I could think of was the TMG server was blocking IPAM traffic but nothing is showing up as blocked in the logs.

The DNS servers show up as eventlog access status blocked (dns)

even though I can browse the dns eventlog remotely using the mmc snapin ?

Share this post


Link to post
Share on other sites

When you configure it in an environment without the TMG firewall, does it work? I've seen TMG cause issues like this before (numerous reasons) and logging everything based on IP address usually gives up the reasoning if it is TMG. If the rules are created in the firewall profile in use on each server, then it's usually not server-side.

I have seen Cisco network access protection on networks cause issues here too, but those showed up in the Cisco logs and were obvious.

Share this post


Link to post
Share on other sites

I created a firewall rule to bypass all traffic and filtering with no luck Its my first time trying to deploy this and all the videos made it look easy not sure where im going wrong the jobs are definitely running when I start them on the ipam console but I cant get rid of the blocked status.

Share this post


Link to post
Share on other sites

Ok I found the solution, Nothing to do with firewall settings

http://edwardvbs.wor...us-blocked-dns/

Just added the IPAM server to domain\builtin\Administrators in active directory users and computers.

Same thing I needed to do to get SQL always on working.

For DHCP I had to make a share http://technet.microsoft.com/en-us/library/jj878311.aspx#audit and add ipamug to dhcp users and admins local group on the dhcp server

Share this post


Link to post
Share on other sites

Interesting - I don't remember ever having to do that, but if it works, go with it :).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.