SovLabs Support

Submit a Ticket My Tickets
Welcome
Login

Setting up RSAT tools for remote management of Microsoft IPAM, DNS and AD using VMware tools


Overview


If you're configuring the SovLabs Microsoft IPAM, DNS or AD modules, you'll need to configure the connection point and connection method for the modules to use for managing the DNS, IPAM and AD records.

Setting up communication between vRO and a Domain Controller for management of IPAM, DNS and AD can be done 2 ways:

  1. Direct communication with the Domain Controllers via WinRM
  2. Remote management of DNS, IPAM or AD via a Windows "Jumpbox" with RSAT (Remote Server Administration Tools).
    1.    This option can connect to the Windows jumpbox using a VMWare tools connection (recommended) or WinRM. 


We recommend the 2nd option for a couple of reasons:

  1. Most organizations have Domain Controller access fairly locked down and it may not be desirable to configure WinRM and powershell access directly on them.
  2. GPOs can interfere with these permissions and cause issues with connectivity and authentication via WinRM that can be difficult to diagnose. We recommend the VMWare Tools connection option over the WinRM option for the same reason.  


If you decide to use the Windows Jumpbox with RSAT option to enable SovLabs Microsoft modules to manage IPAM, DNS and AD records, these are the step-by-step instructions for configuring RSAT tools on that Jumpbox.


Considerations

  • A VMware VM, with Windows Server 2012 or later.  Preferably it should be in the same network zone as your vRA/vRO appliances (no firewalls in between them).
  • The VMware Tools connection requires a SovLabs-specific vCenter endpoint (you add this from the Catalog in vRA)
  • You need the following information about your vCenter:
    • A service account that has administrative privileges on vCenter
    • Know your vCenter version (6.0, 6.5…)
    • is Platform Service Controller (PSC) external or internal to vCenter? If external, you'll need the FQDN of your PSC.
    • Consult with your vCenter admin if any of this information is unknown.
  • A windows service account that has all the appropriate permissions to manage AD, DNS and IPAM records

Procedure

Installing RSAT components for AD and DNS Management

  1. On your server, in your server manager dash board, click on Manage → Add Roles and Features
  2. Click on Next

  3. Click on Next

  4. Click on Next


  5. Click on Next


  6. Scroll down until you see Remote Server Administrator Tools

  7. Click the little arrow next to this hen drop down next to Role Administration Tools

  8. Depending on what you will use this jumpbox for. You can place a check next to "AD DS and AD LDS Tools" and/or DNS Server Tools

  9. You can opt to have the server restarted as required.  I have left this unchecked, click on install

  10. Click on Close


  11. Once the installation completes, you can click the flag and confirm this


  12. If you click on Tools, you will now see a set of Active Directory modules and the DNS module.  



Installing the IPAM Client

NOTE:
 Depending on the server version you are installing on.  When you install the RSAT tools it may automatically install the IPAM client.  Follow the steps below to install the IPAM client.  If it is installed you can continue by adding the IPAM Server to the server list.

  1. On your server, in your server manager dash board, click on Manage → Add Roles and Features
  2. Click on Next


  3. Click on Next

  4. Click on Next


  5. Click on Next


  6. Scroll down until you see Remote Server Administrator Tools and expand Feature Administration and place a check next to IP Address Management (IPAM) Client then click next

  7. You can opt to have the server restarted as required.  I have left this unchecked, click on install

  8. Click on Close


  9. Once the installation completes, you can click the flag and confirm this


  10. Once installed, to manage IPAM remotely from the server, you must add the IPAM server to your server pool.  In server manager, in all servers, right click and select Add Servers


  11. In the pop up, enter the IPAM Server name and select Find Now

  12. Highlight the server name, click on the arrow in the center to add it to the list. Then click on OK

  13. Now you will see a second server in the list of servers.

  14. You will also see on the left side that IPAM is now available for management



Additional information

Microsoft RSAT 2012 R2 : https://www.microsoft.com/en-us/download/confirmation.aspx?id=39296
Microsoft RSAT tools information : https://docs.microsoft.com/en-us/windows-server/remote/remote-server-administration-tools
Install IPAM Client : https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj878334(v%3Dws.11)

 


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.