none
DPM 2010 protection agent in trusted domain does not work RRS feed

  • Question

  • I am trying to install DPM protection agent on servers in a trusted domain (2way trust) domain level and forest level 2003.

     

    The DPM server is a multi home host, with several IP's in different VLANs for better performance.

     

    DPM  server is in domain D

    DPM production server in Domain T

     

    When I try to attach a server, it works, but in management agents, I get the follwoing:

    event id 83.

     

    A DPM agent failed to communicate with the DPM server.

    From what I can see, server in domain D is trying to communmication with dpmserver.domain.p instead of dpmserver.domain.t

     

     

    This is driving me crazy. What is the solution?

     


    • Moved by MarcReynolds Wednesday, November 17, 2010 1:48 PM (From:Data Protection Manager)
    Tuesday, November 16, 2010 9:27 PM

All replies

  • Hi,

    can you clarify a bit more specific pls.

    - multiple IP in different VLAN's on the same NIC or multiple NIC's on DPMserver in domain.D
      How does this improve performance (just for understanding context)

    - Does protected server in domain.T also have multiple IP's/NIC's (pls details if so)

    Generally when using multi homed there must be a registered DNS name for each if all connect to both.
    - DPMserver.domain.D with IP1
    - DPMserver.domain.T with IP2

    If protected server can only connect to IP1 then 'DPMserver' should only ever DNS resolve to DPMserver.domain.D and IP1.
    If protected server can only connect to IP2 then 'DPMserver' should only ever DNS resolve to DPMserver.domain.T and IP2.
    The network it resolves to (IP1 or IP2) should also offer connectivity to AD and DNS.


    \R2 This posting is provided "AS IS" with no warranties, and confers no rights
    Sunday, November 21, 2010 1:59 PM
  • Hi

    This improves performance, by not traversing the firewall for this traffic, as our PIX is limited to 100Mbps on the WAN, and the domain is a different network.  The server networking is a bonded trunk, so that we can pass different vlans and different MTU's between DPM and the iSCSI storage server.

     

    I have manipulated the located hosts file so that when I ping dpmserver.domain.d, it replies with the IP for domain T.

    pings are ok, so are \\dpmserver and \\dpmserver.domain.d

     

    Regards

    stuvvy

     

     

    Monday, November 22, 2010 6:18 PM
  • I found the solution to this problem together with Microsoft Support.

     

    The server in domain T, has to be able to access sysvol of the domain in domain D.

     

    ie:  \\domain.d\sysvol

     

    I had to open up access from the whole network to that domain controller for it to work.

    Wednesday, December 8, 2010 7:27 AM