Friday 29 January 2016

System Center Data Protection Manager 2012 R2 - Agent Installation, Backup Type and Process - Part 2

Hello Everyone,

This post will explain below points:

  • Agent Installation
  • Backup Type
  • Backup Process
In my previous post, You can see Deployment Requirement and Installation Process. To see, Click Here!

Let's start with agent installation.

DPM 2012 Agent Installation:

To install DPM agent, we have different procedure based on environment setup like domain machines, workgroup machines or different domain machines.

You can install DPM agent either of below procedure:

Install DPM agent on same domain servers through DPM Console:

Open DPM console, Click Management Tab, Click Agents and then click on Install:

Select Install Agent and Click Next:

Select Server on which You want to install DPM agent:

Provide credentials to install DPM agent: (NOTE: Account used for installation must be member of local administrator group)

DPM Agent installation requires reboot so it's your choice to let DPM restart machine after installation or You restart the machine manually later:

Click Install:

Click Close once installation is Completed: (Note: If You had selected to restart machine manually then restart it for complete process else it will prompt You as Restart pending in Status.)

After restart, You can see Agent Status as OK:

Manually Install DPM Agent on Workgroup Servers using commands:

  • Copy and paste the DPM Agent file to the Work-group server.
  • Configure Firewall using below command:
           netsh advfirewall firewall add rule name="Allow DPM Remote Agent Push" dir=in action=allow                  service=any enable=yes profile=any remoteip=<IPAddress of DPM Server>
  • Below are the ports details which needs to be configured:

NOTE: Sometime, You may get RPC Server error during installation which means either Server can be be reachable to DPM server due to any dynamic port configured for RPC (Range:49152 to 65535) so You have to check and open that particular dynamic port or open whole range. 
  • After all above configuration, open elevated command prompt, run command: DpmAgentInstaller_x64.exe /q <DPMServerName> /IAcceptEULA and take restart of the server.
  • After agent is installed then You will see work-group server in DPM Console.

Backup Type:

DPM provide maily two type of backups:
  • Disk Based Backup
  • Tape Based backup
  • Backup to Windows Azure Backup 

Disk Based Backup:

Also know as Disk to Disk Backup. This helps in taking backup of one computer from one Hard Disk to Another Hard Disk on another computer. This type of backup helps in saving time as it require very less time in adding disk to DPM for backup purpose. For taking backup for short period of time then this option is best option.

Type of Back-up supported:
  • Short-term backup
  • Offsite protection
  • Application protections like Files, SQL Server, Exchange, Sharepoint, Hyper-V Server, System State backup, Clients.

Tape Based Backup:

Also know as Disk to Tape backup. In this backup is scheduled to Tape which is attached and configured in DPM. This type of backup helps in long term backup. You can also schedule backup from replica copy to Tape (Disk to Disk to Tape - D2D2T) which has no impact on protected computer and can be backed-up any time..

Type of Back-up supported:
  • Short Term Protection
  • Long Term Protection
  • Offsite Protection
  • Application protections like Files, SQL Server, Exchange, Sharepoint, Hyper-V Server, System State backup, Clients.

Backup to Windows Azure Backup:

You can also protect Your computer by using backup to Windows Azure which is more reliable and cost saving option. 

Type of Back-up supported:
  • Short-term backup
  • Offsite backup
  • Files, SQL Server Backup and Hyper-V

Backup Process:

Before letting You know the process for how to take backup, You must know few things:
  • DPM Agent must be installed on Physical Server or Virtual Server. (It will ask for reboot).
  • To take backup of Virtual Server Disks, You can take backup from Hyper-V server.
  • DPM automatically tells if taking Online or Offline backup. There are certain things which DPM check if backup is supported for Online or not. If not supported then DPM will take Offline backup.
  • Offline backup means, It will take VM in saved state for fractions of seconds or minute (depends on size of VM). 
  • To know more about Online and Offline Backup, Click Here!
  • To check supported and Unsupported Scenarios in DPM, Click Here! and Click Here!

Steps to create Backup in DPM:

Open DPM Console, Click Protection Tab and Click on New:

Expand the Physical Server Cluster or Standalone Server where VM is running which You want to schedule Backup and Select Hyper-V checkbox and Click Next:

NOTE: It will let You know if DPM will take Offline or Online backup as show in above screenshot.

Give Protection Group Name (You can give Machine Name which is easy to know the backup by machine name), select type of backup: Disk or Tape and Click Next:

Specify the short term goals like retention period and full backup schedule time and click Next:

Review Disk allocation and Click Next:

NOTE: After completing full backup once, DPM will reserver more disk space for incremental backup on further scheduled backup. It can be modified as well by clicking on Modify. It is highly recommended to add more Size disk, says almost double the size of backedup Disk size. EX: If You have to schedule backup for almost 2 TB size disks so atleast have 4 TB Disk attached in DPM.

You can use 2 + 2 TB disks ... This is all based on Your environment standards.

Choose replica copy creation method and click Next:

Choose consistency check option and click next:

Click Create Group:

Click Close:

Protection Group is created and backup will start on scheduled time:

You can monitor job:

Recovery Point is created:

This is all done. You can schedule backup as per Your requirement like Full VM backup or System State backup. For System State backup, You have to install DPM Agent on VM itself and have to create protection group by expanding directly VM. Then You can take backup of any drive or file or application.

In My next post, I will explain DPM Recovery Type and Process.

Happy Reading!!!

If You like my posts then Follow my updates:

Join my facebook group for updates on trending technologies/technical references/issues etc:

Tuesday 19 January 2016

System Center Data Protection Manager 2012 R2 - Deployment Requirements and Process - Part 1

Hello Everyone,

This post is to share knowledge about a component of System Center Suite know as System Center Data Protection Manager. 

In our production environment, it is very important to protect our data like Databases, System Files or complete virtual servers. Microsoft provides an enterprise solutions to protect our environment data in very simple and easy way with help of System Center Data Protection Manager Tool. 

Using this tool, You can take full or incremental backup of Your data from source location to destination location.

Let's start with understanding some key points about this tool and then will see deployment process.


Below are the main purpose for using DPM:
  • Backup: Backup from windows server, windows client computers, SQL database and supported applications.
  • Storage: You can take backup to disks, take or cloud using DPM.
  • Recover: You can recover data from backed-up location to original location or any other location as per your requirement.

Other benefits (Use latest update rollup):
  • Support for Azure backup.
  • Support for SQL Always On backup (Need to create Login NT ATHURITY\DPMRA with "sysadmin" permission)
  • Support protection for Windows VMs on VMware.
  • Can monitor it with SCOM with new DPM Management Pack.
  • Support to take backup in Azure Backup vault and then You can recover data from any of registered DPM in Azure Backup Vault.
  • Support for data backup on client machines running windows 10.
  • Support for backup of Database running SQL Server 2014.

Pre-requisites (I have explained as per my lab environment - Installed on VM):

  • DPM 2012 R2 ISO (Can be installed on Hyper-V Server or VM)
  • SQL Server 2012 SP1 or SP2 Enterprise or Standard 64 Bit (Can be installed locally or remotely)
  • Dedicated Disks for Backup storage (Atleast 2-3 times of protected data size planned) 
  • RAM - 8 GB
  • CPU - 4
  • Disk - 50 GB (Enough for DPM)
Other Pre-Requisites:
  • Microsoft .Net Framework 4.0
  • Windows Installer 4.5 or later
  • Microsoft Visual C++ 2008 Redistributable
  • Windows Powershell 3.0

  • SQL Always ON and SQL Server 2014 is not supported.
  • Installation on Clustered Node, Operation Manager Server or Any Application Server is not supported

SCDPM 2012 R2 - Deployment Process:

SQL Server 2012 SP1 Installation - Creating DPM DB Instance:

I have installed DPM DB locally on the same machine.

Below are the steps:

Run SQL Server 2012 SP1 setup:

After Checking prerequisites, Click Next on Setup support rules:

Accept licence terms and click next:

Select required features and choose path for installation:

In Instance Configuration, choose either default or give named instance and click next:

Provide Service Account details and check Collation:

NOTE: Service account must be member of local administrator group of the machine and DPM Support collation: "SQL_Latin1_General_CP1_CI_AS".

In Database Engine Configuration, choose Mixed Mode, Provide "SA" credentials and add SQL service account with other required accounts:

You can select configuring Reporting Service or You can configure later:

Click Next and at last monitor if installation is successful:

After installation, If You had selected Reporting Service to Install Only then configure it with new database:

Once You configure it then open the Sql Server Management Studio to see if Reporting Server DB is created:

SCDPM 2012 R2 - Installation Process:

After database is configured, Start installing DPM 2012 R2:

NOTE: If You have install SQL on remote machine then You have to Run DPM setup on the same machine to first install "DPM Remote SQL Prep".

If SQL is installed locally then skip this step and Click on Data Protection Manager:

Accept licence terms and click OK:

Provide SQL Server name and Click on Check and Install:

After prerequisites check is completed, click next:

Provide Product Key and Click Next:

Click Next:

Select option as per your requirement and click next:

Click Next and at last monitor job if installation is completed successfully:

Open DPM 2012 R2 Console:

Installation is completed.

After that, Download Update Rollup 8 for SCDPM 2012 R2 and install it.

In my next post, I will explain:
  • Agent installation
  • Backup Type
  • Backup process
Happy Reading!!!

If You like my post then follow my updates:

Join my facebook group for updates on trending technologies/technical references/issues etc:

Saturday 16 January 2016

EMS - Microsoft Intune : About Templates and MAM Policies with Descriptions for all platform - Part 2

Hello Everyone,

This post will explain about Intune templates (Policies) and MAM Policies with description for all platforms in details.

Follow this post to configure Certificate Profiles to access company resources like Email, WiFi and VPN.

Microsoft Intune Policies helps in controlling Mobile device features like copy/cut/paste/save-as etc.

There are many templates available for all platforms in Intune where Admin configure Policies as per organization requirements, save them and deploy on either particular group of users or selected users or all users of respective platform devices.

Templates Available in Intune:

Below are the templates details of each platform available in Intune which You can configure and deploy as per your organisation requirements in respective platform devices.


Apple iOS:

Mac OS X:


Software (As of now, only Available for Android and iOS Devices):

Computer Management:

Common Mobile Device Settings:

How to see Template Policies and Descriptions sheet for General Configuration settings for all platform:

Android Template Policies:

Custom Configuration:

Below settings need to be configured:

Email Profile:

Below settings need to be configured:

General Configuration:

Below settings needs to be configured:

Android Devices General Configuration Policies:

PKCS #12(.PFX) Certificate Profile:

Below settings need to be configured:

SCEP Certificate Profile:

Below settings need to be configured:

Trusted Certificate Profile:

Below settings need to be configured:

VPN Profile:

Below settings need to be configured:

Wi-Fi Profile:

Below Settings need to be configured:

NOTE: Similarly, You can view and configure templates for other platforms as per Your requirements.

Below are the details explanation of other platform's configuration policies and there recommended values.

Windows Device Platform:

Windows 10 or Later Desktop and Mobile Configuration Policies:

Windows 10 or Later Team Configuration Policies:

Windows 8.1 or Later Configuration Policies:

Windows Phone 8.1 or Later Configuration Policies:

iOS Configuration Policies:

Mac OS X Configuration Policies:

Mobile Applications Management (Android 4 or Later) Configurations Policies:

Mobile Applications Management (iOS 7.1 or Later) Configurations Policies:

Compliance Policies:

There are many other policies like for computer managements as well but above are most commonly used policies. You can also view computer management policies as explained in above templates screenshots.

This is all about Intune Policies. I have tried my best to cover almost all important policies with description to understand them through single sheet. 

In my next post, I will cover below Intune Topics:
  • How to configure apple iOS devices with Intune?
  • Configure and deploy deploy policies.
  • Configure and deploy managed app with MAM policies on Android devices (similar way for iOS devices).
  • App Deployments.
  • Conditional Access for exchange online. 

Happy Reading!!!

If You like my blogs then follow my updates:

Join my facebook group for updates on trending technologies/technical references/issues etc: