Installing DPM on a Domain Controller

  • Article

Applies To: System Center Data Protection Manager 2010

Use the procedures in this topic to install System Center Data Protection Manager (DPM) 2010 on a domain controller.

To install DPM on a read-only domain controller (RODC), on the primary domain controller (PDC), perform procedures 1 and 2 (creating security groups and user accounts required for DPM and SQL Server 2008). Allow time for the groups to replicate to the RODC, and then, on the RODC, perform procedures 3 and 4 (installing SQL Server and DPM).

Warning

For a DPM server that is installed on a domain controller, only protection of data sources local to the DPM server is supported. You cannot install agents on other computers to configure protection.

Procedure 1: To create the security groups and user accounts required for DPM

  1. On the primary domain controller, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.

  2. Create the following security groups under Domain\Builtin. For each group, accept the default settings for Scope: Global and Group type: Security.

    • DPMDBReaders$<Computer Name>

    • MSDPMTrustedMachines$<Computer Name>

    • DPMRADCOMTrustedMachines$<Computer Name>

    • DPMRADmTrustedMachines$<Computer Name>

    • DPMDBAdministrators$<Computer Name>

    Where <Computer Name> is the computer name of the domain controller on which DPM will be installed.

  3. Add the local machine account for the domain controller (<Computer Name>) to the MSDPMTrustedMachines$<Computer Name> group.

  4. On the primary domain controller, create a domain user account with the lowest possible credentials assign it a strong password that does not expire, and then add it to the local Administrators group.

    Important

    Make a note of this account because you need to use it in a later procedure to configure the SQL Server services during the installation of SQL Server. You can name this user account anything that you want; however, for the purposes of easily identifying the account’s purpose, you might want to give it a significant name, such as DPMSQLSvcsAcct. For the purposes of these procedures, this account is referred as the DPMSQLSvcsAcct account.

  5. On the primary domain controller, create another domain user account with the lowest possible credentials and name the account DPMR$MACHINENAME, assign it a strong password that does not expire, and then add this account to the DPMDBReaders$<Computer Name> group.

Procedure 2: To create the security groups and user accounts required for SQL Server 2008

  1. On the primary domain controller, create the following security groups for SQL Server 2008. For each group, accept the default values for Scope: Global and Group type: Security.

    • SQLServerSQLBrowserUser$<Computer Name>

    • SQLServerMSSQLServerADHelperUser$<Computer Name>

    • SQLServerReportServerUser$<Computer Name>$<Instance ID>.$<Instance Name>

    • SQLServerMSASUser$<Computer Name>$<Instance Name>

    • SQLServerDTSUser$<Computer Name>

    • SQLServerFDHostUser$<Computer Name>$<Instance Name>

    Where:

    • <Computer Name> is the computer name of the domain controller on which SQL Server 2008 will be installed.

    • <Instance Name> is the name of the instance of SQL Server that you plan to create on the domain controller. The instance name can be any name other than the default DPM instance name (MSDPM2010).

    • <Instance ID> by default, this is assigned by SQL Server Setup and indicates that the group applies to Reporting Services (MSRS) for the major version of the instance (10) of SQL Server. For this release, this value is MSRS10.

  2. On the primary domain controller, add the domain user account that you created earlier, which is referred to as the DPMSQLSvcsAcct account, to the following groups:

    • SQLServerReportServerUser$<ComputerName>$MSRS10.<InstanceID>

    • SQLServerMSASUser$<ComputerName>$<InstanceID>

Procedure 3: To install SQL Server 2008

  1. To install DPM 2010 on a domain controller, you must install SQL Server SP1, Enterprise or Standard Edition, before you install DPM. Log on to the domain controller on which you want to install DPM using the domain user account that you created earlier in procedure 1. For purposes of these procedures, this account is referred to as the DPMSQLSvcsAcct account.

  2. For step-by-step instructions for installing SQL Server 2008 SP1, see Installing a Remote Instance of SQL Server 2008.

    Important

    On the Server Configuration page of the SQL Server 2008 Setup Wizard, configure the SQL Server Agent, SQL Server Database Engine, and SQL Server Reporting Services services to run under the first domain user account that you created earlier in procedure 1. For purposes of these procedures, this account is referred to as the DPMSQLSvcsAcct account.

  3. After SQL Server is installed, open SQL Server Configuration Manager, expand SQL Server Network Configuration, click Protocols, right-click Named Pipes, and then click Enable.

    Note

    For this change to take effect, you must stop and restart the SQL Server service.

Procedure 4: To install DPM 2010

  1. For step-by-step instructions for installing DPM, see Installing DPM 2010. In the DPM Setup Wizard, use the settings in the following steps to complete the specified wizard pages.

  2. On the Installation Settings page, in the SQL server settings section, click Use an existing instance of SQL Server 2008.

  3. On the SQL Server Settings page, in the Instance of SQL Server box, type the name of the instance of SQL Server that you installed in procedure 3, as localhost\<Instance Name>, and then type the credentials for the first domain user account that you created in procedure 1. For purposes of these procedures, this account is referred to as the DPMSQLSvcsAcct account.

    Note

    The user account must be a member of the local Administrators group on the domain controller where the remote instance is installed. After setup is complete, you can remove the user account from the local Administrators group.

  4. On the Security Settings page, enter the same password that you used when you created the DPMR$MACHINENAME user account in procedure 1.

  5. Open SQL Server Management Studio and connect to the instance of SQL Server that DPM is configured to use. Click New Query, copy the text below to the right pane, and then press F5 to run the query.

    use DPMDB
declare @refresh_jobid uniqueidentifier
select @refresh_jobid = ScheduleId from tbl_SCH_ScheduleDefinition where JobDefinitionId in 
(select JobDefinitionId from tbl_JM_TaskDefinition where TaskDefinitionId in (select distinct TaskDefinitionID from tbl_TE_TaskTrail 
where VerbID = '53603503-C4C8-4D0E-8F1E-D2F3868E51E3')) and IsDeleted=0
exec msdb.dbo.sp_update_job @job_name =@refresh_jobid, @enabled=0
update tbl_SCH_ScheduleDefinition
set IsDeleted=1
where ScheduleId = @refresh_jobid

See Also

Other Resources

Installing DPM 2010
DPM 2010 System Requirements