TPreston Posted March 4, 2013 Share Posted March 4, 2013 Has anyone else experienced this ? I added the IPAM feature to a new server provisioned it using the group policy option (it for some reason did not create the gpos even though I was logged in as domain\administrator so I ran the Invoke-IpamGpoProvisioning cmd and did a gpupdate /force on the dc and DHCP servers and even after a reboot and then refresh in the console the status is still coming up as access blocked. The firewall rules are being created on the destination servers. The only thing I could think of was the TMG server was blocking IPAM traffic but nothing is showing up as blocked in the logs. The DNS servers show up as eventlog access status blocked (dns) even though I can browse the dns eventlog remotely using the mmc snapin ? Link to comment Share on other sites More sharing options...
cluberti Posted March 4, 2013 Share Posted March 4, 2013 When you configure it in an environment without the TMG firewall, does it work? I've seen TMG cause issues like this before (numerous reasons) and logging everything based on IP address usually gives up the reasoning if it is TMG. If the rules are created in the firewall profile in use on each server, then it's usually not server-side. I have seen Cisco network access protection on networks cause issues here too, but those showed up in the Cisco logs and were obvious. Link to comment Share on other sites More sharing options...
TPreston Posted March 4, 2013 Author Share Posted March 4, 2013 I created a firewall rule to bypass all traffic and filtering with no luck Its my first time trying to deploy this and all the videos made it look easy not sure where im going wrong the jobs are definitely running when I start them on the ipam console but I cant get rid of the blocked status. Link to comment Share on other sites More sharing options...
TPreston Posted March 5, 2013 Author Share Posted March 5, 2013 Ok I found the solution, Nothing to do with firewall settings http://edwardvbs.wor...us-blocked-dns/ Just added the IPAM server to domain\builtin\Administrators in active directory users and computers. Same thing I needed to do to get SQL always on working. For DHCP I had to make a share http://technet.microsoft.com/en-us/library/jj878311.aspx#audit and add ipamug to dhcp users and admins local group on the dhcp server Link to comment Share on other sites More sharing options...
cluberti Posted March 5, 2013 Share Posted March 5, 2013 Interesting - I don't remember ever having to do that, but if it works, go with it :). Link to comment Share on other sites More sharing options...
Recommended Posts