Published by Paessler Editorial Team
Last updated on November 11, 2025
•
14 minute read
One of the key challenges every network administrator must deal with is to maintain an end-to-end view on the distribution of IP addresses in the network. Network growth, increased virtualization, the IoT and cloud deployments (including the use of resources in Azure) make it hard to manually track IP address assignments in spreadsheets. The Windows IP Address Management Server (IPAM) is a centralized service that can help monitor your DNS and DHCP servers as part of a DDI (DNS, DHCP, IPAM) deployment strategy, but its proper use requires an understanding of its strengths and limitations.
For example, while IPAM can be an excellent tool for keeping track of IP address spaces, most network administrators find that they need a partner tool to complete the picture. An IPAM server can tell you where IP addresses are used, but a complete network monitoring solution will tell you how those devices are doing.
The Windows IP Address Management Server provides solutions to these issues through automated discovery and centralized management:
- IP Address Space Management: Manage IPv4 and IPv6 networks by IP address blocks, ranges, IP prefixes, and subnet tracking. View real-time available address space and utilization.
- Automated Server Discovery: Automatically discover DHCP servers, Microsoft DNS servers, and domain controllers on your network. View service availability and centrally manage configurations through the IPAM console.
- Lease and Record Tracking: Track DHCP lease utilization and DNS record accuracy. View hostname-to-IP mappings and hardware MAC addresses to avoid address conflicts across IPv4 and IPv6 networks.
- Simplified Deployment: Deploy IPAM through Server Manager by adding the "IP Address Management Server" feature on Windows Server 2016 or later.
Understanding the Windows IP Address Management Server Feature
Microsoft released IPAM in Windows Server 2012, and then made enhancements in Windows Server 2012 R2 and in Windows Server 2016. Alternative third-party or open source IPAM solutions, such as those from Infoblox, BlueCat, Cisco Prime Network Registrar, and open source NetDB can also be used. However, for Windows Server 2012 R2 and later versions, there is built-in functionality available in Microsoft IPAM at no additional licensing cost.
Important: IPAM is a feature that is required to be a member of an Active Directory domain in order to work as designed. It is possible to install it on a server not joined to a domain, but this should only be used for a test lab environment.
By default, the IPAM database is a Windows Internal Database (WID) instance. Windows Server 2012 R2 or higher does support Microsoft SQL Server for better scalability. Performance of the database will affect how well IPAM will monitor DNS zone transfers, DHCP scope usage, and trends in address allocations across many subnets. Database Capacity planning for complex networks is important for achieving the desired response from IPAM.
IPAM supports the management of Windows Server 2008 and higher DHCP servers, Microsoft DNS servers, domain controllers, and Network policy servers (NPS) for monitoring VPN connections and network access policy.
⚠️ Note: IPAM does not discover network devices like switches, routers, or printers.
Windows Server 2016 Enhancements
Multi-forest support: Manage DNS and DHCP servers across Active Directory forests with bidirectional trust relationships
Enhanced PowerShell: Comprehensive cmdlets for role-based access control (RBAC) with granular IPAM access permissions and automated IPAM administration.
Essential Windows PowerShell cmdlets for Windows IP Address Management Server administration include:
- Get-IpamAddress - Query IP address inventory and allocation status
- Set-IpamRange - Configure IP address ranges and subnets
- Get-IpamDhcpScope - Review DHCP scope configuration across managed servers
- Export-IpamAddress - Generate reports for capacity planning and compliance audits
- Invoke-IpamGpoProvisioning - Automate Group Policy-based IPAM provisioning
These cmdlets enable automation of routine IPAM tasks and integration with broader infrastructure management workflows.
Monitoring IPAM Infrastructure: Beyond Basic Management
The Windows IP Address Management (IPAM) Server is great at tracking your IP addresses but don't forget to monitor your IPAM infrastructure. Important aspects to monitor include:
🧩 IPAM Server Health: Windows Internal Database performance, disk space, and IPAM Discovery task completion. If any tasks fail you will have an inaccurate IP Address inventory.
🧩 DNS and DHCP Server Availability: IPAM does manage your DNS and DHCP infrastructure, but it does not alert you about any real time performance issues. PRTG Network Monitor monitors Microsoft DNS query response times, DHCP lease processing times, and service availability.
🧩 Capacity Planning: Monitor your subnet utilization over time to predict when you will need more IP address space. Combine IPAM's address allocation data with PRTG's SNMP-based device discovery for full infrastructure visibility.
Organizations with SNMP-enabled network devices (routers, switches, firewalls) can leverage the visibility of IPAM's IP address inventory along with SNMP-based network monitoring for end-to-end device visibility of the infrastructure.
IPAM and Network Monitoring: A Complementary Approach
Windows IP Address Management Server (Microsoft IPAM) is the in-built IP address management application by Microsoft. IP Address Management server requires no additional licenses on Windows Server 2012 R2 and Windows Server 2016. Alternatively, you can consider any third-party commercial IPAM solution like Infoblox, BlueCat (Efficient IP), and Cisco Prime Network Registrar. These commercial IPAMs require separate licensing and subscriptions.
Microsoft IPAM is a viable choice if you are already using Windows Server platform and need to have basic IPAM capabilities to track IP address space within Active Directory, Microsoft DNS, and DHCP services. IP address management, if done right, must include monitoring of services that utilize IP addresses as part of their configuration for normal operation. An open-source IP address management database NetDB (Network Tracking Database) is also an option if you need customization and prefer it over the Windows IP Address Management Server.
Open source alternatives like NetDB (Network Tracking Database) offer flexibility for customization, though they typically require more extensive setup and ongoing maintenance compared to Microsoft's integrated approach.
Implement IP address management using Windows IP Address Management Server to centrally manage IP address space, DNS zones, and DHCP scopes. Supplement IPAM with Network Monitoring and Anomaly Detection to track the performance of the services that you are using, gain insight into network anomalies, and proactively be alerted in case your DNS servers, DHCP servers, or domain controllers have problems.
Step-by-Step IPAM Configuration in Windows Server Environments
How to Set Up Windows IP Address Management Server:
- Join the IPAM server to an Active Directory domain - Domain membership is mandatory for IPAM functionality
- Install the IPAM feature via Server Manager - Add the "IP Address Management" server feature
- Run the IPAM provisioning wizard - Configure Group Policy-based or manual provisioning
- Configure server discovery - Define which Active Directory forests and domains IPAM should scan
- Select managed servers - Specify which DNS servers, DHCP servers, and domain controllers IPAM will manage
- Verify database configuration - Confirm Windows Internal Database or SQL Server connection
- Test IPAM functionality - Validate IP address inventory collection and service monitoring
IPAM Capabilities Across Windows Server Versions
| Feature | Windows Server 2012 | Server 2012 R2 | Server 2016 |
|---|---|---|---|
| IPv4 Address Management | ✓ | ✓ | ✓ |
| IPv6 Address Management | ✓ | ✓ | ✓ |
| SQL Server Database Support | ✗ | ✓ | ✓ |
| Multi-forest Management | ✗ | ✗ | ✓ |
| PowerShell Role-Based Access Control | Limited | Limited | Full |
| DNS Zone Monitoring | ✓ | ✓ | ✓ |
| DHCP Scope Management | ✓ | ✓ | ✓ |
Troubleshooting Windows IP Address Management Server
Common IPAM Deployment Challenges:
⚠️ Server Discovery Failures: If IPAM cannot discover DNS servers or DHCP servers in your Active Directory forest, verify Group Policy Object (GPO) replication across domain controllers. The provisioning process creates three GPOs that must replicate successfully before server discovery functions.
⚠️ Database Performance: As IPAM tracks DNS records, DHCP leases, and IP address allocations over time, the Windows Internal Database can experience performance degradation. Monitor IPAM database size and consider migrating to Microsoft SQL Server for environments managing more than 150 servers or 10,000 IP addresses.
⚠️ Cross-Forest Management: Windows Server 2016 introduced multi-forest support, but bidirectional trust relationships must exist between forests. Verify trust configuration in Active Directory Domains and Trusts before attempting cross-forest IPAM deployment.
Testing IPAM in a lab environment helps identify configuration challenges before production deployment. Microsoft's TechNet provides detailed step-by-step guides for initial IPAM server provisioning and Group Policy configuration. Once your Windows IP Address Management Server is operational, implement network monitoring to track the performance of managed Microsoft DNS servers, DHCP servers, and network policy servers (NPS) handling VPN connections.
Ready to complement your IP address management with comprehensive network monitoring?
👉 Download PRTG's free trial to monitor DNS, DHCP, and network infrastructure performance alongside your IPAM deployment. Monitor up to 100 sensors free forever. No credit card required.
You there!
