IPAM in Windows Server 2012 R2 synchronisiert ja nur DHCP-Scopes und die dortigen Reservierungen. Wer sein IP-Adressmanagement bisher quasi mit der DNS-Konsole gemacht hat (= statische A-Records), muss seine Daten irgendwie in IPAM bekommen und (sofern IPAM nicht die alleinige Quelle der Wahrheit wird, was vermutlich niemals passieren wird, solange es die DNS-Konsole gibt) aktuell halten. MS bietet da aus mir unerfindlichen Gründen nichts an; für DHCP-Leases (die mich wiederum nicht wirklich interessieren, da ja sowieso dynamisch) gibt’s in irgendeiner Gallery Scripts für 2012 und 2012 R2, aber nix für DNS – also hab ich selbst was gebastelt. Vorsicht: Bei den Reverse-Lookup-Zonen gehe ich davon aus, dass die Adressen nur aus dem 10.*-Raum kommen und für jedes Class-B-Netz eine Reverse-Lookup-Zone existiert! Das Script löscht außerdem IPAM-Einträge der jeweiligen Zone, die im DNS nicht mehr als statischer A-Record existieren:
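# Synchronises static A records from one DNS server into IPAM, zone by zone:
#   1. IPAM addresses of a zone that no longer have a static A record in DNS
#      are deleted from IPAM.
#   2. All static A records of the zone are exported to a CSV file and
#      imported into IPAM.
# Assumption taken from the original script: reverse lookup data is only
# filled in for 10.* addresses, with one reverse zone per second octet
# (e.g. 10.20.x.y -> 20.10.in-addr.arpa).
$DNSServer = "mydnsserver"

# Only primary forward lookup zones are processed.
$Zones = Get-DnsServerZone -ComputerName $DNSServer |
    Where-Object { $_.ZoneType -eq "Primary" -and $_.IsReverseLookupZone -eq $false }

foreach ($Zone in $Zones)
{
    Write-Host $Zone.ZoneName

    # Get the static A records of the current zone from DNS. A record without
    # a timestamp is a static one; "@" and "._" host names are skipped.
    # The query uses -ErrorAction Stop: if it fails, the zone is skipped.
    # Otherwise an empty result caused by a failed query would be treated as
    # "no records in DNS" and every IPAM address of the zone would be deleted.
    try
    {
        $DNSIP = @(Get-DnsServerResourceRecord -ComputerName $DNSServer -ZoneName $Zone.ZoneName -ErrorAction Stop |
            Where-Object { $_.RecordType -eq "A" -and $_.HostName -notmatch "@|\._" -and $null -eq $_.Timestamp })
    }
    catch
    {
        Write-Host " ==> ERROR ($($_.Exception.Message)), zone skipped"
        continue
    }
    $DNSIPs = @($DNSIP | ForEach-Object { $_.RecordData.IPv4Address.IPAddressToString } | Sort-Object)

    # Get the addresses IPAM holds for this zone and cross-check with DNS.
    $IPAMIPs = @(Get-IpamAddress -ManagedByService IPAM -ServiceInstance localhost -AddressFamily IPv4 |
        Where-Object { $_.ForwardLookupZone -eq $Zone.ZoneName -and $_.ForwardLookupPrimaryServer -eq $DNSServer } |
        ForEach-Object { $_.IPAddress.IPAddressToString } |
        Sort-Object)

    # The "$_ -and" guard keeps a null/empty entry out of the removal list.
    $IPAMRemove = @($IPAMIPs | Where-Object { $_ -and ($DNSIPs -notcontains $_) })

    foreach ($IP in $IPAMRemove)
    {
        $IPAMIP = Get-IpamAddress -ManagedByService IPAM -ServiceInstance localhost -IpAddress $IP
        Write-Host " $($IPAMIP.DeviceName)/$IP removed from DNS, deleting in IPAM too"

        # -ErrorVariable collects only the errors of this call. The original
        # test "$error.Count > 0" was a redirection into a file named "0"
        # ('>' is not a comparison operator in PowerShell), so it always
        # reported SUCCESS; $error also accumulates over the whole session.
        Remove-IpamAddress -ManagedByService IPAM -ServiceInstance localhost -IpAddress $IP -Force -ErrorAction SilentlyContinue -ErrorVariable removeErr
        if ($removeErr.Count -gt 0)
        {
            Write-Host " ==> ERROR ($($removeErr[0].Exception.Message))"
        }
        else
        {
            Write-Host " ==> SUCCESS"
        }
    }

    if ($DNSIP.Count -eq 0)
    {
        Write-Host " nothing to import"
    }
    else
    {
        Write-Host " importing $($DNSIP.Count) records"

        # Map the DNS records to the column names used for the IPAM import.
        $ImportRows = $DNSIP | Select-Object `
            @{Name="IPAddress";Expression={ $_.RecordData.IPv4Address }},
            @{Name="DeviceName";Expression={ $_.HostName }},
            @{Name="ForwardLookupZone";Expression={ $Zone.ZoneName }},
            @{Name="ForwardLookupPrimaryServer";Expression={ $DNSServer }},
            @{Name="ReverseLookupZone";Expression={
                $Address = $_.RecordData.IPv4Address.IPAddressToString
                if ($Address.StartsWith("10."))
                {
                    $Octets = $Address.Split('.')
                    $Octets[1] + "." + $Octets[0] + ".in-addr.arpa"
                }
                else
                {
                    ""
                }
            }},
            @{Name="ReverseLookupPrimaryServer";Expression={
                if ($_.RecordData.IPv4Address.IPAddressToString.StartsWith("10.")) { $DNSServer } else { "" }
            }}

        $DataFile = "$([Environment]::ExpandEnvironmentVariables('%TEMP%'))\DNS_$($Zone.ZoneName).csv"
        $ImportRows | Export-Csv -Path $DataFile -Force -NoTypeInformation

        $ImportStatus = Import-IpamAddress -Path $DataFile -AddressFamily IPv4 -Force -ErrorAction SilentlyContinue -ErrorVariable importErr
        if ($importErr.Count -gt 0)
        {
            # The CSV is kept on failure so the rejected data can be inspected.
            Write-Host " ==> ERROR ($($importErr[0].Exception.Message))"
        }
        else
        {
            Write-Host " ==> SUCCESS ($($ImportStatus))"
            # The export lists host names and addresses of the zone; do not
            # leave it behind in the temp directory after a successful import.
            Remove-Item -Path $DataFile -Force -ErrorAction SilentlyContinue
        }
    }
}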