Reply

IPAM cannot discover

Posts: 10
5404     0

We use a IPAM only infoblox with a Read-Only account and MS management license. We read the MS DHCP servers and a MS DNS sereer The DB became very big and now if we try to run the discovery we get the error: The current object count XXXXXX has exceeded the limit of 418000 and it stops. Is there a way to make the DB larger? Also we are not able to stop the synchronisation for some specific zones. Is this because we have a Read Only account or because we don't have the DNS license ?

 

Kind regards,

Kris 

Re: IPAM cannot discover

Adviser
Posts: 77
5405     0

The only way to make the database larger is to buy another (bigger) model. Depending if this is a physical appliance, it means new hardware, if virtual, there may be ways to just expand with a new (unlock) license.

Regards, Harry

Re: IPAM cannot discover

Moderator
Moderator
Posts: 149
5405     0

To answer your second question, YES.
Sync cannot be disabled on a per zone basis - when the mode is Read-Only.

 

Best Regards,
Bibin Thomas

Re: IPAM cannot discover

Posts: 10
5405     0

Ok,

 

thnx.

 

So a Read-Write account could do the trick?

Do we also need the DNS and/or DHCP licenses for this ?

We now only have the grid, NIOS and MS management licenses.

 

Kind regards,

Kris

Re: IPAM cannot discover

Moderator
Moderator
Posts: 149
5405     0

The purpose of RO mode is to ensure that no changes can be made from the Infoblox GUI.
Changing the mode to RW would provide you the ability to ADD/MOD/DEL, DNS/DHCP/AD sites, subnets and domain objects from the Infoblox GUI. This also offers the ability to specify whether a specific zone in MS DNS should be considered for sync.
Any changes made in the Infoblox UI is expected to propogate to MS either in the ongoing sync or in the subsequent sync. However, these changes can only take effect, if the AD user configured on Infoblox has sufficient privileges to apply those on the connected MS server.

In Short:
Sync in RO mode: Infoblox will not allow changes to MS managed objects from the Infoblox UI
Sync in RW mode & AD user with RO permissions to DNS/DHCP/Sites: Micosoft will refuse ADD/MOD/DEL attempts

- Do we also need the DNS and/or DHCP licenses for this ?

If your DNS and DHCP are authoritatvely on the MS side and if you do not have any requirements to serve them from Infoblox, then NO, you do not need a DNS/DHCP license on Infoblox for Microsoft Management, IPAM.


Best Regards,
Bibin Thomas

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin