Installing a DPM Agent on a domain controller is unfortunately not so easy as installing a dpm agent in a untrusted workgroup (dpm agent installer wants to create a local user…)
Tasks to do on DPM agent computer:
- install Agent (ie. DPMAgentInstaller_AMD64.exe <fqdn_of_DOM_server>
- open cmd Shell with admin rights
- change to DPM directory (c:\Program Files\Microsoft Data Protection Manager\DPM\bin)
- call setup:
1 |
.\SetDpmServer.exe -dpmServerName <fqdn of DPM Server> -isNonDomainServer -userName <new_Name_for_dpm_agent> |
- enter a new Password for DPM Agent/Server communication
Since the DPM agent computer is a domain controller of other domain, setup is creating a domain account called <new_name_for_dpm_agent>:
- Add the agent account to the following groups on the domain controller:
- DPMRADCOMTrustedMachines$…
- DPMRADmTrustedMachines$…
Tasks to do on DPM server computer:
open Computer Management on DPM server to add the <new_name_for_dpm_agent> account to the following groups:
- DPMRADCOMTrustedMachines
- DPMRADmTrustedMachines
- MSDPMTrustedMachines
- Distributed COM Users
- (only necessary if you have added this agent before) – open DPM ManagementShell with admin rights and change to DPM\bin directory – enter:
1 |
.\Update-NonDomainServerInfo.ps1 -DPMServerName <fqdn of DPM Server> -PSName <fqdn of dpm Agent> |
- add agent on DPM server as usual
- a few minutes later the new agent should appear as “Agent Status” – OK in DPM console…