Export (0) Print
Expand All

Grant user permissions

Updated: February 3, 2015

Applies To: System Center 2012 - Data Protection Manager, System Center 2012 R2 Data Protection Manager, System Center 2012 SP1 - Data Protection Manager

Before you begin a DPM deployment, verify that appropriate users have been granted required privileges for performing the various tasks. The following table shows the user privileges that are required to perform the major tasks associated with DPM.

User Privileges Required to Perform DPM Tasks


Task Required Privileges

Adding a DPM server to an Active Directory domain

Domain administrator account, or user right to add a workstation to a domain

Installing DPM

Administrator account on the DPM server

Installing the DPM protection agent on a computer

Domain account that is a member of the local administrators group on the computer

Opening DPM Administrator Console

Administrator account on the DPM server

Extending the Active Directory Domain Services schema to enable end-user recovery

Schema administrator privileges in the domain

Creating an Active Directory Domain Services container to enable end-user recovery

Domain administrator privileges in the domain

Granting a DPM server permissions to change the contents of the container

Domain administrator privileges in the domain

Enabling end-user recovery feature on a DPM server

Administrator account on the DPM server

Installing recovery point client software on a client computer

Administrator account on the client computer

Accessing previous versions of protected data from a client computer

User account with access to the protected share 

Recovering Windows SharePoint Services data

Windows SharePoint Services farm administrator account that is also an administrator account on the front-end Web server that the protection agent is installed on

Protect SQL Server

Add the system account NT Authority\SYSTEM to the sysadmin group on the SQL Server you want to protect. In SQL Server Management Studio > Security > Logins.Double-click NT AUTHORITY\SYSTEM > Server Roles, check the sysadmin role > OK.

If you are using one SQL Server to host multiple DPM databases, the administrators of each of the DPM servers has access to the databases of the other DPM servers.

See Also

For additional resources, see Information and Support for System Center 2012.

Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2015 Microsoft