Current scenario (using DPM 2010):-
In current scenario, here is how i normally deploy DPM 2010 on branch environment. Each branches will have DPM server to protect the server at designated branch. To manage the DPM Server, local administrator will access to local dpm server. However, for HQ Administrator, he/she need to open 4 different console when want to manage branch DPM server. Therefore, this is where DPM 2012 come into picture in order to resolve the administrator tedious work of managing the DPM servers.
New Scenario (using DPM 2012 and DPM 2010):-
In new scenario, HQ Administrator access to 1 console: SCOM console to manage multiple DPM Server which located in different branches. Besides than that, HQ Administrator can assign different roles to local branch administrator rather than provide Full Administrator right.
Note:- This guide is gathered from DPM 2012 Beta Guide. However i have enhance the guide by putting more graphical configuration. For more detail, please refer to Microsoft DPM 2012 Beta Guide.
Therefore, I'm assumed that you have knowledge about DPM 2010 and SCOM 2007 R2 before following this guidelines.
Step 1:-Pre-requisite:-
a) Install Central Console
User need to install DPM Central Console on SCOM 2007 R2 Server.
Import the Management Pack to SCOM. The MP is available in SCOM Server after the Central Console Server & Client installation.
b) Patch DPM 2010
-Install with QFE2
-Install hotfixes from here.
Step 2:-Post Installation:- Override 4 monitor
Step 3:-Add the following registry key:-
a) On SCOM Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Modules\Global\PowerShell
b) On entire DPM Server
* Must have install SCOM Agent before modify the registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Modules\Global\PowerShell
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HealthService\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HealthService\Parameters\Management Groups\<Management Group Name>
Step 4:- Monitor DPM Server
a) Open SCOM Console, you can monitor the health of DPM servers
b) Task executed can view from Jobs console.
Step 5: Configure Role Based Access
With Role Based Access, you can assign different right to different administrator based on their job scope.
a) On SCOM Server, execute DefaultRoleConfigurator.exe from C:\Program Files\Microsoft DPM\bin\.
b) Open SCOM Console, click on Administration, security and select User Roles.
The following is the default roles which you assign to users.
Default Role | Description |
DPM Reporting Operator | Can create, modify and view scheduled or on-demand reports |
DPM Read-Only Operator | Can view all DPM configuration, jobs and alerts. |
DPM Tier-1 Support | Can view all alert and job information. Can perform basic jobs like re-running a failed job. |
DPM Tape Admin | Can perform all tape related actions. |
DPM Tier-2 Support | Can perform all tasks of tier-1 support and additionally can troubleshoot problems. |
DPM Admin | Can perform all actions. |
DPM Recovery Operator | Can only perform recovery of data protected by DPM. |
DPM Tape Operator | Can perform only lightweight tape related operations such as running tape inventory, cleaning dives, etc. |