In this article, we will show you how to install System Center Data Protection Manager Agent on Windows Server Core.
Table of Contents
Introduction
A while ago, we wrote a blog post on how to install System Center Virtual Machine Manager 2016 Agent on Windows Server 2016 Core Edition.
In today’s post, we will share with you the experience on how to install System Center Data Protection Manager Agent on Windows Server Core successfully.
In an earlier version of DPM, the agent deployment requires some additional configuration steps that need to be performed on each Windows Server Core server individually. When pushing the DPM agent from the DPM console to a Windows Server Core it may fail. However, a manual install of the agent may succeed but the DPM server cannot communicate with the agent on the Core server. This is because activation and launch permissions for the DCOM application are not configured properly on Windows Server Core. You can read about it here.
Fortunately, Microsoft enhanced the agent deployment experience, and in SC DPM 2016 and later release you can push and install the Agent to Windows Server core.
Install DPM Agent on Windows Server Core
First things first, we need to check the target operating system version on each node by running the following command:
Invoke-Command NINJA-S2D-HV01, NINJA-S2D-HV02 -ScriptBlock { Get-ComputerInfo w*x, oss*l }This confirms that we are running ServerCore build 14393.693 (Windows Server 2016).
Next, you need to make sure you have all the firewall exceptions in place so you can Push the DPM agent and have the agent communicate successfully with the DPM server. Do NOT disable the firewall!
You can run the following command to set the right firewall exceptions that are required by the DPM agent to be installed successfully. Each firewall rule below includes the needed TCP/UDP ports to allow communication with DPM Server and allow the DPM Agent Coordinator (dpmac.exe) to be installed.
Please note that the DPM Agent Coordinator version information has to reflect your current DPM installation version. As of this writing, the correct DPM 2016 major version number is (5.0.158.0).
$Nodes = "NINJA-S2D-HV01", "NINJA-S2D-HV02"
Invoke-Command -ComputerName $Nodes -ScriptBlock {
New-NetFirewallRule -DisplayName "SCDPM Agent TCP" -Direction Inbound –Protocol TCP –LocalPort 135,5718,5719,88,389,139,445 -Enabled True -Action allow
New-NetFirewallRule -DisplayName "SCDPM Agent UDP" -Direction Inbound –Protocol UDP –LocalPort 53,88,389,137,138 -Enabled True -Action allow
New-NetFirewallRule -DisplayName "SCDPM Agent Coordinator" -Direction Inbound -Program "C:\Windows\Microsoft Data Protection Manager\DPM\ProtectionAgents\AC\5.0.158.0\dpmac.exe" -Enabled True -Action Allow
}
Once you have all the firewall exceptions in place, you can jump over the DPM console and push the agent.
As you can see, the push installation for the DPM agent succeeded.
It’s worth mentioning that this is a 2 Nodes Storage Spaces Direct (S2D) Cluster.
Troubleshoot DPM Agent installation on Windows Server Core
If you did not set the firewall appropriately as described above, you may end up with the following error messages:
Data Protection Manager Error ID: 370
Data Protection Manager Error ID: 270
If this is the case, then you need to install the Agent manually on each Windows Server 2016 Core and then use the SetDPMServer command following by the DPM server FQDN.
Finally, you need to go back to the DPM console and run the Attach agents wizard.
Save yourself some time and use the Install agents (push) method instead.
Hope that helps!
Learn more
Do you want to learn more about System Center Data Protection Manager and how to create a hybrid-cloud backup solution? Make sure to check my recently published book: Microsoft System Center Data Protection Manager Cookbook.
With this book (over 450 pages) on your side, you will master the world of backup with System Center Data Protection Manager and Microsoft Azure Backup Server deployment and management by learning tips, tricks, and best practices, especially when it comes to advanced-level tasks.
Cheers,
-Ch@rbel-
