Invoke-IpamServerProvisioning

Invoke-IpamServerProvisioning

Automates the provisioning of IPAM server.

構文

Parameter Set: WID
Invoke-IpamServerProvisioning [-AsJob] [-CimSession <CimSession[]> ] [-Force] [-GpoPrefix <String> ] [-ProvisioningMethod <ProvisioningMethod> ] [-ThrottleLimit <Int32> ] [-WidSchemaPath <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: ExternalDatabase
Invoke-IpamServerProvisioning [-DatabaseServer] <String> [-DatabaseName] <String> [-DatabasePort] <UInt16> [-AsJob] [-CimSession <CimSession[]> ] [-DatabaseAuthType <AuthType> ] [-DatabaseCredential <PSCredential> ] [-Force] [-GpoPrefix <String> ] [-ProvisioningMethod <ProvisioningMethod> ] [-ThrottleLimit <Int32> ] [-UseExistingSchema] [-Confirm] [-WhatIf] [ <CommonParameters>]

詳細説明

The Invoke-IpamServerProvisioning cmdlet installs and configures IP Address Management (IPAM) server components on the host on which you run the cmdlet. When you run the cmdlet locally on IPAM server or remotely from an RSAT, the cmdlet installs and configures IPAM components on the IPAM server to which the session is connected. As a part of installation, the cmdlet performs the following functions:

1. Configures the WCF and WSMan settings, such as Port and App Pool configuration.

2. Creates and connects to an IPAM database. The cmdlet attempts to create a database by using authentication credentials that the user specifies. An error occurs if the database that you specify does not exist or the chosen credentials do not include permissions to create a database.

3. Creates IPAM Tasks to get data for IPAM views.

4. Creates default user roles for access control. This includes RBAC roles in the database and any local security groups.

5. Configures a provisioning method.

6. By default, the cmdlet enables all available IPAM optional capabilities.

You can choose to manually or automatically provision access to managed servers. If you provisioned the managed servers by using group policy, make sure to create the corresponding GPOs in every managed domain by using the Invoke-IpamGpoProvisioning cmdlet.

パラメーター

-AsJob

-CimSession<CimSession[]>

リモート セッションまたはリモート コンピューターでコマンドレットを実行します。New-CimSession コマンドレットや Get-CimSession コマンドレットの出力など、コンピューター名またはセッション オブジェクトを入力します。既定値は、ローカル コンピューターで実行中の現在のセッションです。

-DatabaseAuthType<AuthType>

Specifies the type of authentication to use when connecting to the IPAM database. If you specify Windows as the authentication type, IPAM uses the server machine account to connect to the database. With SQL authentication, specify a username and password to connect to the database.

-DatabaseCredential<PSCredential>

Specifies credentials, as a PSCredential object, for the computer that runs SQL Server. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.

-DatabaseName<String>

Specifies the name of a SQL Server database. The IPAM server connects to this database.

-DatabasePort<UInt16>

Specifies the port that the IPAM server uses to connect to the database server.

-DatabaseServer<String>

Specifies the fully qualified domain name (FQDN) or IP address of the database server.. You can provide an IPv4 or IPv6 address, or a fully qualified domain name (FQDN).

-Force

ユーザーの確認を求めずにコマンドを強制的に実行します。

-GpoPrefix<String>

Specifies a unique Group Policy Object (GPO) prefix name that IPAM uses to create the group policy objects. Use this parameter only when the ProvisioningMethod parameter has the value Automatic.

-ProvisioningMethod<ProvisioningMethod>

Specifies manual or automatic, GPO-based provisioning. このパラメーターに対して使用できる値:Automatic and Manual. In the case of manual provisioning, you must manually configure the managed servers to provide requisite access to IPAM. In case of GPO-based, or automatic provisioning, you must create the GPOs in each of the managed domains by using the Invoke-IpamGpoProvisioning cmdlet. If you do not specify a provisioning method, it is assumed to be manual.

-ThrottleLimit<Int32>

このコマンドレットを実行するために確立できる最大同時操作数を指定します。このパラメーターを省略するか、値として 0 を入力した場合、Windows PowerShell® では、コンピューターで実行している CIM コマンドレットの数に基づいて、コマンドレットに対する最適なスロットル制限を計算します。スロットル制限は現在のコマンドレットのみに適用され、セッションまたはコンピューターには適用されません。

-UseExistingSchema

Indicates that the IPAM server uses an existing schema on the database server, instead of creating a schema. An error occurs if this flag is specified and a valid schema is not found on the server.

-WidSchemaPath<String>

Specifies the location on IPAM server where IPAM creates the Windows Internal Database (WID) schema. To use an existing schema, specify the path to the folder containing the schema files. If you do not specify a value for this parameter, IPAM tries to create the schema in the default path %SystemDrive%\Windows\System32\ipam\Database.

-Confirm

コマンドレットを実行する前に、ユーザーに確認を求めます。

-WhatIf

コマンドレットを実行するとどのような結果になるかを表示します。コマンドレットは実行されません。

<CommonParameters>

このコマンドレットは次の共通パラメーターをサポートします。-Verbose、-Debug、-ErrorAction、-ErrorVariable、-OutBuffer、-OutVariable.詳細については、以下を参照してください。 about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216)。

入力

入力型は、コマンドレットにパイプできるオブジェクトの型です。

出力

出力型は、コマンドレットによって生成されるオブジェクトの型です。

例

Example 1: Provision an IPAM server

This command provisions an IPAM server with default settings. By default, IPAM server uses the Windows Internal Database. The database files are stored in the default location, %WINDIR%\System32\IPAM\Database. The managed servers are provisioned manually by default.

PS C:\> Invoke-IpamServerProvisioning

Example 2: Provision an IPAM server to use GPO-based provisioning

This command provisions an IPAM server to use the Windows Internal Database and a GPO-based provisioning method for managed servers. The command stores the database files at a custom location.

PS C:\> Invoke-IpamServerProvisioning -WidSchemaPath "D:\database" -ProvisioningMethod Automatic -GpoPrefix IPAM1

Example 3: Provision an IPAM server to use Microsoft SQL Server

This command provisions an IPAM server to use a Microsoft SQL Server database residing on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, an empty database instance named Ipamdb, and the IPAM machine has access permissions for that database instance.

PS C:\> Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433

Example 4: Provision an IPAM server to use a Microsoft SQL Server database provisioned by IPAM

The first command uses the Get-Credential cmdlet to get a credential, and stores the results in the $Credential variable.

The last command provisions an IPAM server to use a Microsoft SQL Server database that resides on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, a database instance will be created by IPAM during provisioning, and the IPAM machine has db_datawriter, db_datareader, db_ddladmin, view database state, alter permissions on the database.

PS C:\> $Credential = Get-CredentialPS C:\>Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433 -ProvisioningMethod Automatic -GpoPrefix IPAM1 -DatabaseAuthType SQL -DatabaseCredential $Credential