IPAM 中的新功能What's New in IPAM

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

本主題描述新增或變更 Windows Server 2016 中的 IP 位址管理 (IPAM) 功能。This topic describes the IP Address Management (IPAM) functionality that is new or changed in Windows Server 2016.

IPAM 提供企業版或雲端服務提供者 (CSP) 的網路的 IP 位址和 DNS 基礎結構高度自訂管理及監視功能。IPAM provides highly customizable administrative and monitoring capabilities for the IP address and DNS infrastructure on an Enterprise or Cloud Service Provider (CSP) network. 您可以監視、 稽核,及管理執行動態主機設定通訊協定 」 (DHCP) 和網域名稱系統 」 (DNS) 使用 IPAM 伺服器。You can monitor, audit, and manage servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) by using IPAM.

更新 IPAM 伺服器Updates in IPAM Server

以下是在 Windows Server 2016 IPAM 新的和已改進功能。Following are the new and improved features for IPAM in Windows Server 2016.

功能日功能Feature/Functionality 新的或改進New or improved 描述Description
美化的 IP 位址管理Enhanced IP address management 已改進Improved IPAM 功能的改良處理 IPv4/32 和 IPv6 /128 子網路和 IP 位址封鎖中尋找免費 IP 位址子網路和範圍案例。IPAM capabilities are improved for scenarios such as handling IPv4 /32 and IPv6 /128 subnets and finding free IP address subnets and ranges in an IP address block.
美化的 DNS 服務管理Enhanced DNS service management New IPAM 支援 DNS 資源記錄、 條件轉寄,以及 DNS 區域管理這兩個加入網域的 Active Directory 整合和檔案備份 DNS 伺服器。IPAM supports DNS resource record, conditional forwarder, and DNS zone management for both domain-joined Active Directory-integrated and file-backed DNS servers.
整合 DNS、 DHCP 及 IP 位址管理 (DDI)Integrated DNS, DHCP, and IP address (DDI) management 已改進Improved 幾個新體驗與整合式開發週期管理支援作業,例如視覺化所有 DNS 資源記錄屬於 IP 位址,自動清單的基礎 DNS 資源記錄及 IP 位址週期管理 DNS] 和 [DHCP 作業的 IP 位址。Several new experiences and integrated lifecycle management operations are enabled, such as visualizing all DNS resource records that pertain to an IP address, automated inventory of IP addresses based on DNS resource records, and IP address lifecycle management for both DNS and DHCP operations.
多個 Active Directory 樹系支援Multiple Active Directory Forest support New 您可以使用 IPAM 雙向信任關係樹系安裝 IPAM,與每個遠端森林之間時管理多個 Active Directory 樹系的 DNS 及 DHCP 伺服器。You can use IPAM to manage the DNS and DHCP servers of multiple Active Directory forests when there is a two-way trust relationship between the forest where IPAM is installed and each of the remote forests.
清除資料使用量Purge Utilization Data New 您現在可以減少 IPAM 資料庫大小清除指定日期,比舊的 IP 位址使用量資料。You can now reduce the IPAM database size by purging the IP address utilization data that is older than a date that you specify.
Windows PowerShell 角色根據存取控制支援Windows PowerShell support for Role Based Access Control New 您可以使用 Windows PowerShell 來設定 IPAM 物件存取範圍。You can use Windows PowerShell to set access scopes on IPAM objects.

美化的 IP 位址管理Enhanced IP address management

下列功能改善 IPAM 位址管理功能。The following features improve the IPAM address management capabilities.


針對 IPAM Windows PowerShell 命令參考資料,請查看Windows PowerShell 中的 IP 位址管理 (IPAM) 伺服器 CmdletFor the IPAM Windows PowerShell command reference, see IP Address Management (IPAM) Server Cmdlets in Windows PowerShell.

支援 /31、 / 32,以及 /128 子網路Support for /31, /32, and /128 subnets

Windows Server 2016 現在支援 /31、 / 32,以及 /128 子網路中 IPAM。IPAM in Windows Server 2016 now supports /31, /32, and /128 subnets. 例如,有兩個位址子網路 (月 31 IPv4) 可能需要點對點連結之間切換。For example, a two address subnet (/31 IPv4) may be required for a point-to-point link between switches. 此外,部分參數可能需要單一回送地址 (/ 32 ipv4,/128 ipv6)。Also, some switches may require single loopback addresses (/32 for IPv4, /128 for IPv6).

尋找與尋找-IpamFreeSubnet 免費子網路Find free subnets with Find-IpamFreeSubnet

這個命令傳回子網路所使用的配置,指定 IP 封鎖、 首碼長度] 和要求子網路中的數字。This command returns subnets that are available for allocation, given an IP block, prefix length, and number of requested subnets.

如果提供子網路的數目要求子網路,提供子網路的傳回警告,表示可以使用數字小於要求的號碼。If the number of available subnets is less than the number of requested subnets, the available subnets are returned with a warning indicating that the number available is less than the number requested.


這項功能會確實配置子網路,只會報告他們的可用性。This function does not actually allocate the subnets, it only reports their availability. 不過,可 cmdlet 輸出傳送到新增-IpamSubnet來建立子網路的命令。However, the cmdlet output can be piped to the Add-IpamSubnet command to create the subnet.

如需詳細資訊,請查看尋找-IpamFreeSubnetFor more information, see Find-IpamFreeSubnet.

尋找與尋找-IpamFreeRange 免費地址範圍Find free address ranges with Find-IpamFreeRange

這個新命令退貨可用的 IP 位址範圍提供的 IP 子網路的範圍中所需的地址,範圍要求的數目。This new command returns available IP address ranges given an IP subnet, the number of addresses that are needed in the range, and the number of ranges requested.

命令搜尋連續一連串尚未配置的 IP 位址符合要求位址數目。The command searches for a continuous series of unallocated IP addresses that match the number of requested addresses. 重複此程序直到找到所要求的範圍數目,或有更多可用之前範圍提供地址。The process is repeated until the requested number of ranges is found, or until there are no more available address ranges available.


這項功能會確實配置範圍,只會報告他們的可用性。This function does not actually allocate the ranges, it only reports their availability. 不過,可 cmdlet 輸出傳送到新增-IpamRange命令來建立範圍。However, the cmdlet output can be piped to the Add-IpamRange command to create the range.

如需詳細資訊,請查看尋找-IpamFreeRangeFor more information, see Find-IpamFreeRange.

美化的 DNS 服務管理Enhanced DNS service management

IPAM 在 Windows Server 2016 現在支援檔案、 加入網域的 DNS 伺服器的探索 IPAM 正在 Active Directory 森林中。IPAM in Windows Server 2016 now supports discovery of file-based, domain-joined DNS servers in an Active Directory forest in which IPAM is running.

此外,已新增下列的 DNS 功能:Additionally, the following DNS functions have been added:

  • DNS 區域和資源記錄 (以外這些屬於 DNSSEC) 集合從執行 Windows Server 2008,或更新版本的 DNS 伺服器。DNS zones and resource records collection (other than those pertaining to DNSSEC) from DNS servers running Windows Server 2008 or later.

  • 設定 (建立、 修改和 delete) 屬性和所有類型的資源記錄 (以外這些屬於 DNSSEC) 作業。Configure (create, modify, and delete) properties and operations on all types of Resource Records (other than those pertaining to DNSSEC).

  • 設定 (建立修改、 delete) 屬性和作業所有類型的 DNS 區域包括主要次要,以及 Stub 區域)。Configure (create, modify, delete) properties and operations on all types of DNS zones including Primary Secondary, and Stub zones).

  • 如果會觸發在次要工作和 stub 區域,不論是往前或反向對應區域。Triggered tasks on secondary and stub zones, regardless if they are forward or reverse lookup zones. 例如,例如工作從主機傳送]從主機傳送全新區域的For example, tasks such as Transfer from Master or Transfer new copy of zone from Master.

  • 角色為基礎存取控制 (DNS 記錄和 DNS 區域) 的支援 DNS 設定。Role based access control for the supported DNS configuration (DNS records and DNS zones).

  • 條件轉送程式集合和設定建立、 delete (編輯)。Conditional forwarders collection and configuration (create, delete, edit).

整合 DNS、 DHCP 及 IP 位址管理 (DDI)Integrated DNS, DHCP, and IP address (DDI) management

當您在 [IP 位址庫存檢視 IP 位址時,您可以選擇在詳細資料檢視查看所有 DNS 資源關聯的 IP 位址。When you view an IP address in the IP Address Inventory, you have the option in the Details View to see all the DNS resource records associated with the IP address.

部分 DNS 資源記錄收集為 IPAM 所收集 DNS 反向查詢 PTR 的記錄。As part DNS resource record collection, IPAM collects the PTR records for the DNS reverse look-up zones. 所有反向對應的對應至任何 ip,IPAM 建立 IP 位址記錄所有 PTR 記錄屬於對應對應 IP 位址有時候您附近的區域。For all the reverse lookup zones which are mapped to any IP address range, IPAM creates the IP address records for all the PTR records belonging to that zone in the corresponding mapped IP address range. 如果已經的 IP 位址,PTR 記錄是只要關聯的 IP 位址。If the IP address already exists, the PTR record is simply associated with that IP address. 如果不到任何 ip 對應反向對應區域,不會自動建立的 IP 位址。The IP addresses are not automatically created if the reverse lookup zone is not mapped to any IP address range.

透過 IPAM 反向對應區域中,會建立 PTR 筆資料時, IP 位址會在更新清單相同的方式如上文所述。When a PTR record is created in a reverse lookup zone through IPAM, the IP address inventory is updated in the same way as described above. 在後續的收藏,因為您的 IP 位址存在將會在系統中,PTR 記錄會只要對應的 IP 位址。During subsequent collection, since the IP address will already exist in the system, the PTR record will be simply mapped with that IP address.

多個 Active Directory 樹系支援Multiple Active Directory Forest support

Windows Server 2012 R2 IPAM 是無法探索及管理 DNS 及 DHCP 伺服器屬於相同 Active Directory 樹系 IPAM 伺服器。In Windows Server 2012 R2 , IPAM was able to discover and manage DNS and DHCP servers belonging to the same Active Directory forest as the IPAM server. 現在您可以管理 DNS 及 DHCP 伺服器不同的廣告森林屬於雙向信任關係的樹系安裝 IPAM 伺服器的位置時。Now you can manage DNS and DHCP servers belonging to a different AD forest when it has a two-way trust relationship with the forest where the IPAM server is installed. 您可以移至設定伺服器探索對話方塊中,並新增從其他信任的樹系您想要管理。You can go to the Configure Server Discovery dialog box and add domains from the other trusted forests that you want to manage. 伺服器會發現之後,管理經驗之後提供相同的樹系會安裝 IPAM 位置屬於伺服器一樣。After the servers are discovered, the management experience is the same as for the servers that belong to the same forest where IPAM is installed.

如需詳細資訊,請查看[多 Active Directory 森林中的 管理資源For more information, see Manage Resources in Multiple Active Directory Forests

清除資料使用量Purge Utilization Data

清除使用量資料可讓您以減少 IPAM 資料庫大小低於舊 IP 位址使用量。Purge Utilization Data allows you to reduce the IPAM database size by deleting old IP address utilization data. 若要執行刪除資料,您可以指定日期,以及 IPAM 刪除所有資料庫項目,比舊或您提供的日期。To perform data deletion, you specify a date, and IPAM deletes all database entries that are older than or equal to the date you provide.

如需詳細資訊,請查看清除使用量資料For more information, see Purge Utilization Data.

Windows PowerShell 角色根據存取控制支援Windows PowerShell support for Role Based Access Control

您現在可以使用 Windows PowerShell 來設定為存取控制角色。You can now use Windows PowerShell to configure Role Based Access Control. 您可以使用 Windows PowerShell 命令擷取中 IPAM DNS 和 DHCP 物件並變更其存取權的範圍。You can use Windows PowerShell commands to retrieve DNS and DHCP objects in IPAM and change their access scopes. 因此,您就可以撰寫存取領域給下列物件的 Windows PowerShell 指令碼。Because of this, you can write Windows PowerShell scripts to assign access scopes to the following objects.

  • IP 位址空間IP address space

  • IP 位址封鎖IP address block

  • IP 位址子網路IP address subnets

  • IP 位址範圍IP address ranges

  • DNS 伺服器DNS servers

  • DNS 區域DNS zones

  • DNS 條件轉送程式DNS conditional forwarders

  • DNS 資源記錄DNS resource records

  • DHCP 伺服器DHCP servers

  • 超級 DHCP 領域DHCP superscopes

  • DHCP 領域DHCP scopes

如需詳細資訊,請查看管理角色根據存取控制使用 Windows PowerShellWindows PowerShell 中的 IP 位址管理 (IPAM) 伺服器 CmdletFor more information, see Manage Role Based Access Control with Windows PowerShell and IP Address Management (IPAM) Server Cmdlets in Windows PowerShell.