Invoke-IpamServerProvisioning

Invoke-IpamServerProvisioning

Automates the provisioning of IPAM server.

구문

Parameter Set: WID
Invoke-IpamServerProvisioning [-AsJob] [-CimSession <CimSession[]> ] [-Force] [-GpoPrefix <String> ] [-ProvisioningMethod <ProvisioningMethod> ] [-ThrottleLimit <Int32> ] [-WidSchemaPath <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: ExternalDatabase
Invoke-IpamServerProvisioning [-DatabaseServer] <String> [-DatabaseName] <String> [-DatabasePort] <UInt16> [-AsJob] [-CimSession <CimSession[]> ] [-DatabaseAuthType <AuthType> ] [-DatabaseCredential <PSCredential> ] [-Force] [-GpoPrefix <String> ] [-ProvisioningMethod <ProvisioningMethod> ] [-ThrottleLimit <Int32> ] [-UseExistingSchema] [-Confirm] [-WhatIf] [ <CommonParameters>]

자세한 설명

The Invoke-IpamServerProvisioning cmdlet installs and configures IP Address Management (IPAM) server components on the host on which you run the cmdlet. When you run the cmdlet locally on IPAM server or remotely from an RSAT, the cmdlet installs and configures IPAM components on the IPAM server to which the session is connected. As a part of installation, the cmdlet performs the following functions:

1. Configures the WCF and WSMan settings, such as Port and App Pool configuration.

2. Creates and connects to an IPAM database. The cmdlet attempts to create a database by using authentication credentials that the user specifies. An error occurs if the database that you specify does not exist or the chosen credentials do not include permissions to create a database.

3. Creates IPAM Tasks to get data for IPAM views.

4. Creates default user roles for access control. This includes RBAC roles in the database and any local security groups.

5. Configures a provisioning method.

6. By default, the cmdlet enables all available IPAM optional capabilities.

You can choose to manually or automatically provision access to managed servers. If you provisioned the managed servers by using group policy, make sure to create the corresponding GPOs in every managed domain by using the Invoke-IpamGpoProvisioning cmdlet.

매개 변수

-AsJob

-CimSession<CimSession[]>

원격 세션에서 또는 원격 컴퓨터에서 cmdlet을 실행합니다. New-CimSession 또는 Get-CimSession cmdlet의 출력과 같은 컴퓨터 이름이나 세션 개체를 입력합니다. 기본값은 로컬 컴퓨터의 현재 세션입니다.

-DatabaseAuthType<AuthType>

Specifies the type of authentication to use when connecting to the IPAM database. If you specify Windows as the authentication type, IPAM uses the server machine account to connect to the database. With SQL authentication, specify a username and password to connect to the database.

-DatabaseCredential<PSCredential>

Specifies credentials, as a PSCredential object, for the computer that runs SQL Server. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.

-DatabaseName<String>

Specifies the name of a SQL Server database. The IPAM server connects to this database.

-DatabasePort<UInt16>

Specifies the port that the IPAM server uses to connect to the database server.

-DatabaseServer<String>

Specifies the fully qualified domain name (FQDN) or IP address of the database server.. You can provide an IPv4 or IPv6 address, or a fully qualified domain name (FQDN).

-Force

사용자 확인을 요구하지 않고 명령을 실행합니다.

-GpoPrefix<String>

Specifies a unique Group Policy Object (GPO) prefix name that IPAM uses to create the group policy objects. Use this parameter only when the ProvisioningMethod parameter has the value Automatic.

-ProvisioningMethod<ProvisioningMethod>

Specifies manual or automatic, GPO-based provisioning. 이 매개 변수에 허용되는 값은 다음과 같습니다.Automatic and Manual. In the case of manual provisioning, you must manually configure the managed servers to provide requisite access to IPAM. In case of GPO-based, or automatic provisioning, you must create the GPOs in each of the managed domains by using the Invoke-IpamGpoProvisioning cmdlet. If you do not specify a provisioning method, it is assumed to be manual.

-ThrottleLimit<Int32>

이 cmdlet을 실행하도록 설정할 수 있는 최대 동시 작업 수를 지정합니다. 이 매개 변수가 생략되거나 값 0이 입력되면 Windows PowerShell®은 컴퓨터에서 실행 중인 CIM cmdlet의 수에 따라 cmdlet에 대한 최적의 제한 한도를 계산합니다. 제한 한도는 현재 cmdlet에만 적용되며 세션이나 컴퓨터에는 적용되지 않습니다.

-UseExistingSchema

Indicates that the IPAM server uses an existing schema on the database server, instead of creating a schema. An error occurs if this flag is specified and a valid schema is not found on the server.

-WidSchemaPath<String>

Specifies the location on IPAM server where IPAM creates the Windows Internal Database (WID) schema. To use an existing schema, specify the path to the folder containing the schema files. If you do not specify a value for this parameter, IPAM tries to create the schema in the default path %SystemDrive%\Windows\System32\ipam\Database.

-Confirm

cmdlet을 실행하기 전에 확인 메시지가 표시됩니다.

-WhatIf

cmdlet이 실행될 경우 결과 동작을 표시합니다. cmdlet이 실행되지 않습니다.

<CommonParameters>

이 cmdlet은 일반 매개 변수 -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer 및 -OutVariable을 지원합니다. 자세한 내용은 다음을 참조하세요. about_CommonParameters(https://go.microsoft.com/fwlink/p/?LinkID=113216).

입력

입력 유형은 cmdlet에 파이프할 수 있는 개체의 유형입니다.

출력

출력 유형은 cmdlet이 내보내는 개체의 유형입니다.

예제

Example 1: Provision an IPAM server

This command provisions an IPAM server with default settings. By default, IPAM server uses the Windows Internal Database. The database files are stored in the default location, %WINDIR%\System32\IPAM\Database. The managed servers are provisioned manually by default.

PS C:\> Invoke-IpamServerProvisioning

Example 2: Provision an IPAM server to use GPO-based provisioning

This command provisions an IPAM server to use the Windows Internal Database and a GPO-based provisioning method for managed servers. The command stores the database files at a custom location.

PS C:\> Invoke-IpamServerProvisioning -WidSchemaPath "D:\database" -ProvisioningMethod Automatic -GpoPrefix IPAM1

Example 3: Provision an IPAM server to use Microsoft SQL Server

This command provisions an IPAM server to use a Microsoft SQL Server database residing on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, an empty database instance named Ipamdb, and the IPAM machine has access permissions for that database instance.

PS C:\> Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433

Example 4: Provision an IPAM server to use a Microsoft SQL Server database provisioned by IPAM

The first command uses the Get-Credential cmdlet to get a credential, and stores the results in the $Credential variable.

The last command provisions an IPAM server to use a Microsoft SQL Server database that resides on a database server named Db1.Contoso.com. The example assumes the existence of a server named Db1.Contoso.com, configured with Microsoft SQL Server, a database instance will be created by IPAM during provisioning, and the IPAM machine has db_datawriter, db_datareader, db_ddladmin, view database state, alter permissions on the database.

PS C:\> $Credential = Get-CredentialPS C:\>Invoke-IpamServerProvisioning -DatabaseServer "Db1.Contoso.com" -DatabaseName "Ipamdb" -DatabasePort 1433 -ProvisioningMethod Automatic -GpoPrefix IPAM1 -DatabaseAuthType SQL -DatabaseCredential $Credential