none
Managing different DPM servers on other AD:s using SCOM - but how? RRS feed

  • Question

  • My question is based on the same problem as this thread: 
    http://social.technet.microsoft.com/Forums/en-US/7624c554-d63f-413e-8b8e-e1560f3ba020/firewall-ports-for-dpm-2010-in-enterprise-firewall-terms
    Though, we are running DPM 2012 and are using a central SCOM-server for management and my issue is more how other DPM-servers in other AD:s can establish "management communication" to SCOM since the centralized consol now supports running group tasks. 
    As a monotoring tool SCOM works fine through the SCOM agent but as a management tool like running a consistency check on the DPM-servers on another AD - with non-software firewalls - it does not. 
    Setting up a trust or using certificates is not an option in this case (by a number of reasons). 

    Opening up dynamic DCOM ports 1024-64453 will not be authorized from our firewall admin so we must find another solution. 

    This page was helpful but who is the client in my case; the other DPM-server or the SCOM server? 
    http://www.scdpm.se/changing-dcom-ports/

    If I set up firewall rules like this: 
    http://technet.microsoft.com/en-us/library/ff399341.aspx 

    and then change DCOM-ports to non-dynamic (how many?), as there a chance that it will work? 

    Tuesday, February 18, 2014 3:36 PM

All replies

  • Hi

    DPM communicates on those ports and you will need to open them.

    What errors are in your logs?

    Friday, August 8, 2014 4:49 AM