Export (0) Print
Expand All

Protect computers in workgroups and untrusted domains

Updated: July 9, 2014

Applies To: System Center 2012 - Data Protection Manager, System Center 2012 R2 Data Protection Manager, System Center 2012 SP1 - Data Protection Manager

System Center 2012 – Data Protection Manager (DPM) can protect computers that are in untrusted domains or workgroups. You can authenticate these computers using a local user account (NTLM authentication), or using certificates. You set up protection as follows:

  1. Install a certificate—If you want to use certificate authentication install a certificate on the DPM server and on the computer you want to protect.

  2. Install the agent—Install the agent on the computer you want to protect.

  3. Recognize the DPM server—Configure the computer to recognize the DPM server for performing backups. To do this you’ll run the SetDPMServer command.

  4. Attach the computer—Lastly you’ll need to attach the protected computer to the DPM server.

Before you started check the supported protection scenarios in the table below. Then follow the instructions depending which type of authentication you want to use:

Supported protection scenarios

 

  Support  

Files

Workgroup: Supported

Untrusted: Supported

NTLM and certificate authentication for single server. Certificate authentication only for cluster.

System State

Workgroup: Supported

Untrusted: Supported

NTLM authentication only

SQL Server

Workgroup: Supported

Untrusted: Supported

Mirroring not supported.

NTLM and certificate authentication for single server. Certificate authentication only for cluster.

Hyper-V

Workgroup: Supported

Untrusted: Supported

CSV not supported.

NTLM and certificate authentication for single server. Certificate authentication only for cluster.

Exchange Server

Workgroup: Not applicable

Untrusted: Supported for single server only. Cluster not supported. CCR, SCR, DAG not supported. LCR supported.

NTLM authentication only

Secondary DPM server (For backup of primary DPM server

Workgroup: Supported

Untrusted: Supported

Certificate authentication only

SharePoint

Workgroup: Not supported

Untrusted: Not supported

Client computers

Workgroup: Not supported

Untrusted: Not supported

Bare metal recovery (BMR)

Workgroup: Not supported

Untrusted: Not supported

End-user recovery

Workgroup: Not supported

Untrusted: Not supported

Network settings

 

Settings Computer in workgroup or untrusted domain

Control data

Protocol: DCOM

Default port: 135

Authentication: NTLM/certificate

File transfer

Protocol: Winsock

Default port: 5718 and 5719

Authentication: NTLM/certificate

DPM account requirements

Local account without admin rights on DPM server. Uses NTLM v2 communication

Certificate requirements

Agent installation

Agent installed on protected computer

Perimeter network

Perimeter network protection not supported.

IPSEC

Ensure IPSEC doesn’t block communications.

-----
For additional resources, see Information and Support for System Center 2012.

Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.
-----
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft