This documentation is archived and is not being maintained.

Protecting Computers on Untrusted Domains

Updated: April 21, 2010

Applies To: System Center Data Protection Manager 2010

Installing Agents on Computers on Untrusted Domains

You can install a DPM protection agent on a computer using DPMAgentinstaller.exe (DPMAgentInstall_X64.exe) from the DPM setup DVD.

After installing the agent, you need to run SetDpmServer and specify the local user credentials which would be used for authentication. A local user account will be created and the DPM protection agent would be configured to use this account for authentication.

Syntax: SetDpmServer.exe -dpmServerName <serverName> -isNonDomainServer -userName <userName>


Parameter Description


Specifies that this server is in a workgroup or an untrusted domain.


Creates an NT user account with the specified username for this server to communicate with DPM server. This option should be used along with -IsNonDomainServer.


In case there are multiple DNS suffixes configured for this server, ProductionServerDnsSuffix represents the DNS suffix which DPM server will use to communicate with this server.


Name of the DPM server. FQDN if DPM server and protected computer are accessible to each other using FQDNs. NETBIOS if DPM server and protected computer are accessible to each other using NETBIOS names.

Attaching a Computer on an Untrusted Domain to the DPM Server

The steps to attach a computer on an untrusted domain using DPM Administrator Console are as follows.

  1. Start the Protection Agent Installation Wizard from the DPM Administrator Console.

  2. Select Attach and click Next.

  3. Enter the computer name, user name and password for the computer you want to attach to. This should be the same as the login credentials specified during agent installation on that computer. Click Next.

  4. Review the information on the Summary page and click Install if the information is correct. Click Close once the attach action is successful.

Attaching Computers using DPM Management Shell

You can also attach a computer on an untrusted domain through DPM Management shell using Attach-NonDomainServer script.

Syntax: Attach-NonDomainServer.ps1 -DPMServername [Name of DPM server] -PSName [Protected computer] -Username [username]

This script registers the specified computer to be protected with this DPM computer, creates a local user account using the specified credentials and configures DPM to use these credentials to authenticate to the computer.

DPM agent must be installed and SetDpmServer.exe must be run on the computer, before attaching the computer to DPM server using the DPM Administrator Console or Management shell.

If you use NetBIOS name of the DPM server in the SetDPMServer command, you must use the NetBIOS for the protected computer also during attach and vice versa if you are using FQDN.