Share This Post

DPM failed to communicate with the protection agent

Here is the problem on DPM one of the agents for a protected server stops communicating with DPM.  You see the error “DPM failed to communicate with the protection agent on protectedservername.domainname.com because access is denied. (ID 42 Details: Access is denied (0×80070005))”

In my scenario the protected server was in a non-trusted domain. I checked a couple of things as a part of the troubleshooting process. Here is what I checked:

  1. Made sure DPM can ping the protected server and the protected server can ping the DPM server.
  2. Checked firewalls on both DPM server and protected server to make sure nothing changed here.
  3. Checked the network for high latency and saturation.  (Link to tutorial on checking latency: Tutorial)
  4. Checked to make sure the DPM machine account was in the following security groups on the protected server:

    DPMRADmTrustedMachines
    DPMRADCOMTrustedMachines
    Distributed COM Users

  1. Checked DPM services on the DPM server to make sure they are configured to run using the Local System account.

None of the items I checked was the issue. The last thing to check was the account used by the DPM agent as the protected server is in a non-trusted domain. That turned out to be the issue. The account being used by the DPM agent needed to be re-sync’d. Here are the steps I took to do this.

 

On Protected Server:

  • Open elevated command prompt
  • Navigate to: C:\Program Files\Microsoft Data Protection Manager\DPM\bin
  • Run:

SetDpmServer.exe –dpmServerName DPMSERVERNAME.DOMAINNAME.com -isNonDomainServer -userName dpmaccount

PASSWORD: ************

 

On DPM server:

  • Open DPM PowerShell.  You will be here: PS C:\Program Files\Microsoft DPM\DPM\bin\
  • Run:

Attach-NonDomainServer.ps1

  • You will be prompted for the following:

DPMServer::
PSName::

UserName::
Password::

After doing this the agent will be able to communicate again.

Share This Post

My name is Steve Buchanan and I’ve been in Information Technology for 11 years. I have been attending the Minnesota System Center User Group meetings for about 6 months. I have been working with System Center products for the past 3 years specifically Microsoft Data Protection manager and System Center Essentials. I run a blog about Microsoft and Open Source technology at www.buchatech.com. I plan to share posts from my blog here that discuss System Center topics.

Leave a Reply