Installing System Center Data Protection Manager 2016 Agent on Windows Server 2016 Core #SCDPM #DPM #WS2016

3 min read


A while ago, I wrote a blog post on how to install System Center Virtual Machine Manager 2016 Agent on Windows Server 2016 Core Edition.

In today’s post, I will share with you my experience on how to install System Center Data Protection Manager 2016 Agent on Windows Server 2016 Core successfully.

In earlier version of DPM, the agent deployment requires some additional configuration steps that need to be performed on each Windows Server Core server individually. When pushing the DPM agent from the DPM console to a Windows Server Core it may fail. However, a manual install of the agent may succeed but the DPM server cannot communicate with the agent on the Core server. This is because activation and launch permissions for the DCOM application are not configured properly on Windows Server Core. You can read about it here.

Fortunately, Microsoft enhanced the agent deployment experience, and in SCDPM 2016 you can push and install the Agent to Windows Server 2016 core.

Deploying SCDPM 2016 Agent on Windows Server 2016 Core

First things first, we need to check the target operating system version on each node by running the following command:

Invoke-Command NINJA-S2D-HV01, NINJA-S2D-HV02 -ScriptBlock { Get-ComputerInfo w*x, oss*l }

This confirm that we are running ServerCore build 14393.693 (Windows Server 2016).


Next, you need to make sure you have all the firewall exceptions in place so you can Push DPM agent and have the agent communicate successfully with the DPM server. Do NOT disable the firewall!

You can run the following command to set the right firewall exceptions that are required by the DPM agent to be installed successfully. Each firewall rule below includes the needed TCP/UDP ports to allow the communication with  DPM Server, and allow the DPM Agent Coordinator (dpmac.exe) to be installed.

Please note that the DPM Agent Coordinator version information has to reflect your current DPM installation version. As of this writing, the correct DPM 2016 major version number is (

$Nodes = "NINJA-S2D-HV01", "NINJA-S2D-HV02"

Invoke-Command -ComputerName $Nodes -ScriptBlock {

New-NetFirewallRule -DisplayName “SCDPM Agent TCP” -Direction Inbound –Protocol TCP –LocalPort 135,5718,5719,88,389,139,445 -Enabled True -Action allow
New-NetFirewallRule -DisplayName “SCDPM Agent UDP” -Direction Inbound –Protocol UDP –LocalPort 53,88,389,137,138  -Enabled True -Action allow
New-NetFirewallRule -DisplayName "SCDPM Agent Coordinator" -Direction Inbound -Program "C:\Windows\Microsoft Data Protection Manager\DPM\ProtectionAgents\AC\\dpmac.exe" -Enabled True -Action Allow


Once you have all the firewall exceptions in place, you can jump over the DPM console and push the agent.


As you can see, the push installation for the DPM agent succeeded.

It’s worth mentioning that this is a 2 Nodes Storage Spaces Direct (S2D) Cluster.


Troubleshooting SCDPM 2016 Agent installation on Windows Server 2016 Core

If you did not set the firewall appropriately as described above, you may end up with the following error messages:

Data Protection Manager Error ID: 370


Data Protection Manager Error ID: 270


If this is the case, then you need to install the Agent manually on each Windows Server 2016 Core and then use the SetDPMServer command following by the DPM server FQDN.

Finally, you need to go back to DPM console and run the Attach agents wizard.


Save yourself sometime and use the Install agents (push) method instead.

Hope that helps!

[email protected]

About Charbel Nemnom 576 Articles
Charbel Nemnom is a Cloud Architect, Swiss Certified ICT Security Expert, Microsoft Most Valuable Professional (MVP), and Microsoft Certified Trainer (MCT), totally fan of the latest's IT platform solutions, accomplished hands-on technical professional with over 17 years of broad IT Infrastructure experience serving on and guiding technical teams to optimize the performance of mission-critical enterprise systems. Excellent communicator is adept at identifying business needs and bridging the gap between functional groups and technology to foster targeted and innovative IT project development. Well respected by peers through demonstrating passion for technology and performance improvement. Extensive practical knowledge of complex systems builds, network design, business continuity, and cloud security.

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.