Security considerations for end-user recovery
Updated: November 1, 2013
Applies To: System Center 2012 - Data Protection Manager, System Center 2012 R2 Data Protection Manager, System Center 2012 SP1 - Data Protection Manager
You can enable end-user recovery for file data, but not for application data. Use only domain-based security groups for permissions to files and folders on which you plan to enable end-user recovery. DPM cannot guarantee consistency between end-user access to data on protected computers and end-user access to recovery points of that data on the DPM server if you rely on local security groups.
For example, if the set of users included in the protected computer's local Users group differs from the set of users included in the DPM server’s local users group, different sets of users will have access to the data on the protected computer and to the recovery points of that data.
ConceptsPlan for DPM security
For additional resources, see Information and Support for System Center 2012.
Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.