Active Directory Domain Structure

  • Article

Published : April 8, 2005 | Updated : August 17, 2005

The DPM server must be deployed within a Windows Server 2003 Active Directory domain or a Windows 2000 Active Directory domain. The DPM server must be a member of the same domain as the file servers it protects. This requirement applies for all network topologies.

For example, suppose that you want to deploy DPM in a data center to protect a set of file servers that physically reside in a branch office. Suppose also that your domain structure consists of one domain for the data center and one domain for the branch office. To protect the file servers, you must deploy the DPM server not as a member of the data center domain, but rather as a member of the branch office domain. Figure 2.3 shows a DPM deployment within such a domain structure.

Figure 2.3   Sample Domain Structure for DPM

Similarly, suppose that you want to deploy DPM in a data center to protect a set of file servers that are physically distributed between two branch offices. Suppose also that your domain structure consists of separate domains for each branch office. To protect all the file servers, you must deploy two DPM servers: one as a member of the first branch office domain, and the other as a member of the second. Figure 2.4 shows a DPM deployment within such a domain structure.

Figure 2.4   Sample Domain Structure for DPM

Domain Controller Requirements for End-User Recovery

In Windows 2000 domains, the end-user recovery feature of DPM is available only if the domain controllers are running Windows 2000 Service Pack 4 or later with schema modifications enabled. To get the latest updates for Windows 2000 Server, see Microsoft Knowledge Base article 260910 (https://go.microsoft.com/fwlink?linkid=40729). For instructions for enabling schema modifications on a Windows 2000 domain controller, see Microsoft Knowledge Base article 285172 (https://go.microsoft.com/fwlink/?LinkId=33664). For information about Active Directory configuration steps required for end-user recovery, see “Configuring Active Directory” in the “Planning Data Protection” chapter of this guide.