Export (0) Print
Expand All

Plan for file data protection on computers and servers

Updated: November 1, 2013

Applies To: System Center 2012 - Data Protection Manager, System Center 2012 R2 Data Protection Manager, System Center 2012 SP1 - Data Protection Manager

On client computers and servers System Center 2012 - Data Protection Manager (DPM) can protect files in volumes, folders, and shares. Note the following:

  • For a list of supported client and server operating systems, see Support Matrix for DPM Protection.

  • For computers running client operating systems, you can back up file data in volumes (accessed through drive letters or mount points), folders, and shares. You can’t backup system state using DPM, but as a workaround you can run a Complete PC Back up to a folder or network share and protect files on the share using DPM. Windows Backup can be configured from Backup and Restore in the Control Panel.

  • For computers running server operating systems, you can back up file data in volumes (accessed through drive letters or mount points), folders, and shares; and system state.

  • Before you can protect a file server running Windows Server 2008 R2, you must apply the update described in Microsoft article 977381.

  • From DPM SP1 onwards deduplicated volumes can be protected. When you configure protection for a full volume that is deduplicated, recognizes that it is a deduplicated volume and copies the content efficiently, providing network and storage saving. For more information, see SC2012 SP1 – DPM: Efficient Protection of Windows 2012 Dedup Volume.

  • Computers running client operating systems that you want to protect must have a two-way trust relationship with the domain in which the DPM server is located.

  • If Windows Firewall is running on client computers, the DPM protection agent will configured the required firewall exceptions. If you need to reset the firewall at any time, running SetDPMServer.exe. If you’re running any other firewall ensure the ports required for DPM are open.

  • In addition to protecting client computers in the corporate network, DPM can back up client computers using a VPN connection. VPN protocols PPTP, SSTP, and L2TP are supported. To perform backups over VPN, ICMP must be enabled.

Unprotected data

There are a number of resources on client computers and servers that are not protected by DPM:

  • Volumes that aren’t formatted with NTFS. To protect FAT or FAT32 volumes, you must convert them to NTFS. For instructions, see How to Convert FAT Disks to NTFS (http://go.microsoft.com/fwlink/?LinkId=83022).

  • Volumes that are less than 1 GB in size. This is because DPM uses the Volume Shadow Copy Service (VSS) to create a snapshot of protected data and VSS only creates a snapshot when the volume size is equal to or greater than 1 GB.

  • Hard links

  • Recycle Bin

  • Paging files

  • System Volume Information folder. To protect system information for a computer, you’ll need to select the computer’s system state as a protection group member when you create a protection group.

  • Files with any of the following combinations of file attributes: Encryption and reparse, Single instance Storage (SIS), case sensitivity, or sparse; Case sensitivity and SIS, sparse and resparce, or compression and SIS.

Excluding files from protection

The simplest approach to selecting data for protection is to select all file data for protection. Alternatively, you can select only specific subsets of your data for protection by excluding specific folders or file name extensions.

When deciding what to protect consider how important it is for you to quickly recover point-in-time copies of the data if data is lost or corrupted. Key candidates for protection are files that change frequently, or files with high business impact. Other good candidates are files that are frequently accessed, regardless of how often they change.

Protecting data in DFS namespaces

You can protect data that is part of a Distributed File System (DFS) Namespaces hierarchy. However, you cannot select shares for protection through the DFS Namespaces hierarchy. Instead, you can select shares for protection only by their target paths.

If your namespace includes roots or links that have multiple targets with the same data, we recommend that you protect only one of the targets. Protecting multiple targets with the same data is redundant.

The following illustration shows DPM protection of a DFS Namespaces target.

Protecting a DFS Namespaces Target by Using DPM

Protecting 1 of multiple namespace targets

When end-user recovery is enabled for a protected target, users can access previous versions of files through the DFS Namespaces hierarchy. When end users attempt to access previous versions of files on a share that has multiple targets, DPM transparently directs them to the protected target.

For additional resources, see Information and Support for System Center 2012.

Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft