none
How to protect untrusted Domain Servers using Domain account instead of local user account ?? RRS feed

  • General discussion

  • Hi ,

    One of steps to install agent is Create local user account

    Iam asking  if the dpm can use an  domain user account (of the untrusted domain) instead of local account ?

    For example

    we have two domain , no trust between them ,recently we have installed DPM 2012 SP1 on one of them and we need to protect the other Domain servers

    they are 200+ servers and it is better to create domain account  to manage all 200 servers instead to create 200 Local user account

    as per this article http://technet.microsoft.com/en-us/library/hh757942.aspx


    Ramy Shaker


    Thursday, January 31, 2013 11:19 PM

All replies

  • Do you only need to protect the Domain Controllers in the untrusted domain? Or do you need to protect all the other 200+ servers in the untrusted domain? If it's just 1 DC you can just protect 1 if the other DC's replicate with each other.

    You can't add untrusted domain computers, so you need to add them via a workgroup -> and that requires a local account. The account also gets created on the DPM-machine.

    Friday, February 1, 2013 9:49 AM
  •  I want to protect all the other 200+ servers in the untrusted domain using domain account not local accountI Appreciate your help if you have  new ideas


    Ramy Shaker

    Friday, February 1, 2013 10:09 PM
  • Sorry for the late answer Ramy, but I believe this is not possible. There need to be at least a 2 way transititve trust between the domains. Otherwise you are back to creating local accounts. You can probably script creating the accounts, but they need be created anyway.

    • Edited by Dennis Ku Tuesday, March 5, 2013 1:35 PM
    Tuesday, March 5, 2013 1:34 PM