How to protect untrusted Domain Servers using Domain account instead of local user account ?? RRS feed

  • General discussion

  • Hi ,

    One of steps to install agent is Create local user account

    Iam asking  if the dpm can use an  domain user account (of the untrusted domain) instead of local account ?

    For example

    we have two domain , no trust between them ,recently we have installed DPM 2012 SP1 on one of them and we need to protect the other Domain servers

    they are 200+ servers and it is better to create domain account  to manage all 200 servers instead to create 200 Local user account

    as per this article

    Ramy Shaker

    Thursday, January 31, 2013 11:19 PM

All replies

  • Do you only need to protect the Domain Controllers in the untrusted domain? Or do you need to protect all the other 200+ servers in the untrusted domain? If it's just 1 DC you can just protect 1 if the other DC's replicate with each other.

    You can't add untrusted domain computers, so you need to add them via a workgroup -> and that requires a local account. The account also gets created on the DPM-machine.

    Friday, February 1, 2013 9:49 AM
  •  I want to protect all the other 200+ servers in the untrusted domain using domain account not local accountI Appreciate your help if you have  new ideas

    Ramy Shaker

    Friday, February 1, 2013 10:09 PM
  • Sorry for the late answer Ramy, but I believe this is not possible. There need to be at least a 2 way transititve trust between the domains. Otherwise you are back to creating local accounts. You can probably script creating the accounts, but they need be created anyway.

    • Edited by Dennis Ku Tuesday, March 5, 2013 1:35 PM
    Tuesday, March 5, 2013 1:34 PM