I am trying to configure DPM for a client, which is a university department. They have a somewhat unusual setup of their AD and DNS and I think that is why I am having trouble attaching an agent I have installed.

It is a new installation of DPM 2012 R2 version 4.2.1292.0 with a local SQL Server 2012 SP2. The OS is Windows Server 2012 R2. It is going to protect a bunch of SQL Server databases all on the same Windows Server 2012 R2 server. The SQL Server is a physical server and the DPM server is a hyper-v VM, running on a Windows Server 2012 R2 host.

The install of DPM itself went smoothly.

To install the agent on the SQL Server machine, I followed the instructions here: https://technet.microsoft.com/en-us/library/hh758186.aspx#BKMK_Manual. This was successful (I think)

Then I proceeded with these instructions to attach the agent: https://technet.microsoft.com/en-us/library/hh757916.aspx

This fails at the enter credentials stage with this message:

DPM could not connect to the service control manager on these servers: [SqlMachinename].win.[universityname].dk (ID: 33221)

As far as I can tell, the problem has to do with how the university manages windows AD domains and DNS lookup.

The university uses one common AD domain named win.[universityname].dk for the entire campus, but it looks like DNS names for individual windows machines is managed locally at individual departments.

Ipconfig says this (abbreviated) for the SQL Server where I installed the agent:

Host Name . . . . . . . . . . . . : [SqlMachinename]
Primary Dns Suffix  . . . . . . . : win.[universityname].dk
DNS Suffix Search List. . . . . . : win.[universityname].dk
                                              [departmentname].[universityname].dk
Ethernet adapter T2:
   Connection-specific DNS Suffix  . : [departmentname].[universityname].dk
   DHCP Enabled. . . . . . . . . . . : Yes

This works from the DPM machine and shows the correct IP:

ping [SqlMachinename]

This works from the DPM machine and shows the correct IP:

ping [SqlMachinename].[departmentname].[universityname].dk

This fails from the DPM machine ("could not find host") and does not get an IP:

ping [SqlMachinename].win.[universityname].dk

I've used Message Analyzer to verify that when pinging just [SqlMachinename], in fact DNS tries first to append win.[universityname].dk, which fails and second [departmentname].[universityname].dk, which then succeeds. This is by the book, as I understand it because of the DNS Suffix Search list or because of the connections-specific DNS Suffix.

The problem is that DPM only tries [SqlMachinename].win.[universityname].dk. I have verified this with Message Analyzer.

I am not sure how to proceed. Is there another way to attach the agent? Maybe by IP-address?

I cannot ask the client to put [SqlMachinename].win.[universityname].dk in their DNS database. I am sure that they do not register any individual machines in that DNS domain which cuts across the entire campus. I am equally sure that they will not consider creating individual AD domains for each department just because I ask (although that would probably be best in the long run).

Any suggestions would be very much appreciated.

• Edited by ThomasIsr Saturday, February 21, 2015 10:17 PM

Found a workaround:

I can install and attach the agent using one of the methods designed for agents in workgroups or untrusted domains. For me NTLM worked fine as long as I used simple nertbios computer names without any domain suffixes.

This is what worked:

On protected server:

SetDpmServer.exe -dpmServerName DPMServername -isNonDomainServer -userName DpmNtlmAccount

On DPM Server:

Attach-NonDomainServer.ps1 -DPMServername DpmServername -PSName servername -Username DpmNtlmAccount -Password xxxxx

I still think it is weird that DPM insist that protected servers in thewe same AD domain must use the AD domain name in their DNS name. Very inflexible.

• Marked as answer by ThomasIsr Wednesday, February 25, 2015 9:25 PM