Turn on throttling across hundreds and hundreds of DPM agents. It is not feasible to turn this on via the DPM admin console agent by agent as this would require a lot of time to do. I am going to detail a way to throttle multiple DPM agents at the same time cutting the time down to a few minutes.
Throttling is used to ensure bandwidth used by DPM agents does not clog the network so that the bandwidth is available to applications on the network.
Here is the standard process for turning on throttling in DPM:
http://technet.microsoft.com/en-us/library/ff399035.aspx
In DPM Administrator Console, click Management on the navigation bar.
Click the Agent tab, and then select the computer for which you want to configure network bandwidth usage throttling.
In the Actions pane, click Throttle computer.
In the Throttle dialog box, select Enable network bandwidth usage throttling.
Select Throttle Settings and Work Schedule for the computer.
Here is the process to throttle multiple DPM agents at once:
Go to your DPM Admin console and enable throttling on an agent. Now on the DPM server or remote SQL instance server open up SQL Management studio. In SQL Management Studio run the following query on the tbl_AM_InstalledAgent table to find out the settings and ID GUID of the agent you just enabled throttling on. SELECT [InstallID]
,[ServerId]
,[AgentID]
,[OSType]
,[RebootRequired]
,[Deleted]
,[DeletedDateTime]
,[ClusterID]
,[Enabled]
,[PatchID]
,[IsThrottled]
,[WorkHoursTransmissionRate]
,[NonWorkHoursTransmissionRate]
,[ThrottlingSettings]
,[OSVersion]
,[ServerAttributes]
,[IsServerOS]
,[ApprovedPatchByAdmin]
FROM [DPMDB].[dbo].[tbl_AM_InstalledAgent]
GO
.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, "Courier New", courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }
-
The results should look similar to this:
Scroll to the right until you see the IsThrottled column, Notice the row that has a 1 in it. Copy the InstallID..
Copy the InstallID into the following Query and run this against the tbl_AM_InstalledAgent table.
DECLARE @w int
SET @w = (SELECT [WorkHoursTransmissionRate] from tbl_AM_InstalledAgent WHERE InstallID = ‘2083CDAA-2872-4D2D-BAEA-ADF033021EB9′)
DECLARE @n int
SET @n = (SELECT [NonWorkHoursTransmissionRate] from tbl_AM_InstalledAgent WHERE InstallID = ‘2083CDAA-2872-4D2D-BAEA-ADF033021EB9′)
DECLARE @t nvarchar(max)
SET @t = (SELECT [ThrottlingSettings] from tbl_AM_InstalledAgent WHERE InstallID = ‘2083CDAA-2872-4D2D-BAEA-ADF033021EB9′)
UPDATE [DPMDB].[dbo].[tbl_AM_InstalledAgent]
SET
[IsThrottled] = 1
,[WorkHoursTransmissionRate] = @w
,[NonWorkHoursTransmissionRate] = @n
,[ThrottlingSettings] = @t
GO
INFO: This query is going to update all the other agents in the tbl_AM_InstalledAgent table with the throttle settings of the agent who’s InstallID you copied.
Now check the agents in the DPM admin console. They should all be enabled for throttling and have the same settings.
NOTE: If you throttle multiple agents in DPM using this method it is not supported. That does not mean this will not work, it simply means that it has not been tested by Microsoft and therefore cannot be supported. Use this at your own risk.
Special thanks to MVP Steve Bucanan
Microsoft is committed to giving people access to the skills they need for jobs in the growing knowledge economy. To support this commitment, Microsoft created number of programs and resources that share a common focus;providing technology skills training, and resources to help people find employment
Based on feedback and constructive criticism, Microsoft Canada identifies key areas where they can improve and help you by providing better resources to answer your questions, solve your real world problems and help you achieve your business goals. Maybe it’s just ensuring you know you have a voice – or just making your life a little easier at the end of the day – whatever it takes, Microsoft is listening.
Microsoft has a number of great resources to help you in areas of professional development and access to software. The Microsoft Virtual Academy contains some fantastic FREE online training on hot topics for IT Professionals. Once you’ve stopped by and tried out a course or two — head on over to the Microsoft Eval Center to download copies of their server products to try out in your lab environment. And while you’re at it, check out this free Microsoft Office 365 ebook by Katherine Murray, it shows you how you can use cloud computing to help get more done and help improve ease of collaboration.
Software licenses, whether they apply directly to your copy of Microsoft office or some other piece of software, are a type of contract that determine how you may use that software or on how many machines it may be installed. In the case of Microsoft Office, it is a proprietary software product that may be purchased with a variety of licenses, all slightly different in what they allow you to do with that copy of Office. The license depends on the version and how you purchased the copy.
Based on feedback and constructive criticism, Microsoft Canada identifies key areas where they can improve and help you by providing better resources to answer your questions, solve your real world problems and help you achieve your business goals. Maybe it’s just ensuring you know you have a voice – or just making your life a little easier at the end of the day – whatever it takes, Microsoft is listening.
One of the areas Microsoft has received feedback on is Licensing. Whether you need to buy one license from a traditional retail store or explore options for a more flexible volume licensing program, it can be confusing and sometimes downright intimidating to figure out what you need. After doing a little digging - I’ve highlighted some resources you can use to help figure out exactly what you need when you talk with your software reseller.
Speaking of licensing – I often get asked if I can back up our claims at a more cost effective Virtualization solution for your server rooms. I dug up a great – no nonsense breakdown on recent licensing changes in the industry and how our offering stacks up.
Licensing Resources
· Licensing FAQs: Frequently Asked Questions About Product Licensing
· The SMB How to Buy Portal: receive clear purchasing and licensing information that is easy to understand in order to help facilitate quick decision making.
· Microsoft License Advisor (MLA): Use MLA to research Microsoft Volume Licensing products, programs and pricing.
· Volume Licensing Service Center (VLSC) – Already have a volume License? Use the VLSC to get you easy access to all your licensing information in one location.
· Windows 7 Comparison: Compare versions of Windows and find out which one is right for you
· Office 2010 Comparison: Find out which Office suite is right for you.
Other Resources You May Find Useful
· TechNet Cloud Hub - Get the latest news and find great resources to help you jump into the Cloud.
· TechNet Evaluation Center - Try some of the latest Microsoft products like Office 365, Windows Intune or System Center Virtual Machine Manager 2012 for free, before you buy.
· Microsoft Virtual Academy - For free training to help improve your IT skill set.
By following a few simple guidelines, you can maintain your computer, help increase your PC speed, and help keep it running smoothly. This article discusses how to use the tools available in Windows 7, Windows Vista, and Windows XP Service Pack 3 to help make your computer faster, maintain your computer efficiently, and help safeguard your privacy when you're online
Based on feedback and constructive criticism, Microsoft Canada identifies key areas where they can improve and help you by providing better resources to answer your questions, solve your real world problems and help you achieve your business goals. Maybe it’s just ensuring you know you have a voice – or just making your life a little easier at the end of the day – whatever it takes, Microsoft is listening.
One of the areas Microsoft has received feedback on is Security, specifically how to help keep your PC protected. Whether it's at work or at home, I've been told that it can be hard to make sense of what's important, which updates should be installed and how best to protect your PC. Microsoft has a resource center for their Monthly updates listed below – it's something you should check out every second Tuesday of the month. If you prefer to listen to a podcast – they've created one that's easy to listen to and not too technical called Security Bulletins for the Regular IT Guy.
Recently there have been a growing number of Phone Scams from individuals claiming to be from Microsoft asking you about the security of your PC. You should be suspicious of unsolicited calls about security of your systems. Don't give out financial details, visit websites, allow anyone to remote control your system or install software from unsolicited callers. If you feel your system has been compromised or has a computer virus – you can call Microsoft's Security and Virus FREE support line at 1-866-727-2338.
Security Resources
· Microsoft Security Essentials – Free Anti-Malware software from Microsoft, great for Small Businesses and Home PCs alike.
· Security Bulletins by the Regular IT Guy – A monthly podcast to help simplify details about the monthly Security patch releases.
· Security TechCenter – Find top tasks, get the latest news, find a wiki article or download a featured tool.
· Windows Update Services – Businesses of all sizes can help manage and control the rollout of updates in their organizations.
Other Resources You May Find Useful
· Springboard Series - Your destination for technical resources, free tools and expert guidance to ease the deployment and management of your Windows-based client infrastructure.
· AlignIT Manager Tech Talk Series - A monthly streamed video series with a range of topics for both infrastructure and development managers. Ask questions and participate real-time or watch the on-demand recording.
· Microsoft Virtual Academy - For Free Training To Help Improve Your IT Skill Set.
· TechNet Evaluation Center - Try some of the latest Microsoft products like Office 365, Windows Intune or System Center Virtual Machine Manager 2012 for free, before you buy.
Last week I have been challenged with our DPM server, that kept crashing every 15 min, since we are MS partners, I opened a support request, and Steve and Pat helped me out, however if you cant open a ticket to Microsoft support this is some information could help you.
Have you ever wondered where to go to get help with your common, everyday IT challenges?
Based on feedback and constructive criticism, Microsoft Canada identifies key areas where they can improve and help you by providing better resources to answer your questions, solve your real world problems and help you achieve your business goals. Maybe it’s just ensuring you know you have a voice – or just making your life a little easier at the end of the day – whatever it takes, Microsoft is listening.
One of the areas Microsoft has received feedback on is Help and Support. Let's face it, you may not have a direct contact person from Microsoft that you can call up when you have a problem and with the pace of technology today, you just can't wait for things to sort themselves out. So you either commit you or your teams' time and energy to fixing that issue, or you hire someone to come in and fix it. But what if I told you there were some great Microsoft Resources available for support that you could use? I've put together a list below. This is by no means exhaustive, but it should give you a great start when you need to tackle your next IT challenge.
Help and Resources
Other Resources You May Find Useful
- Microsoft Virtual Academy - For Free Training To Help Improve Your IT Skill Set.
- TechNet Evaluation Center - Try some of the latest Microsoft products like Office 365, Windows Intune or System Center Virtual Machine Manager 2012 for free, before you buy.
- TechNet Newsletter - Sign Up To Receive The Latest IT News and Developments, Product Releases, Expert Insights and Support Services with Microsoft's complimentary biweekly newsletter for industry professionals.
When you install DPM 2010, right after the prerequisites verification you receive an error “Verify that Windows Management Instrumentation (WMI) Service is running. if …….”
in order to fix this issue, you need to reinstall WMI , this is how to do it
From an elevated Command Prompt
1. Disable and stop the WMI service.
sc config winmgmt start= disabled
net stop winmgmt
2. Rename the Repository folder under C:\Windows\System32\wbem to Repository.old
3. Run the following commands.
Winmgmt /salvagerepository %windir%\System32\wbem
4. Re-enable the WMI service and then reboot the server to see how it goes.
sc config winmgmt start= auto
Islam GOmaa
DPM MVP
Islam[at]islamGomaa.com
One thing is missing in DPM 2010 is De-Duplication, with BitWackr , you can accomplish the de-dupliacation and save a lot od space on your DPM Storage
Block-based data deduplication is a technique that eliminates redundant blocks of data. In a typical deduplication operation, blocks of data are "fingerprinted" using a hashing algorithm that produces a unique, "shorthand" identifier for data blocks. These unique fingerprints along with the blocks of data that produced them are indexed and retained. Duplicate copies of data that have previously been fingerprinted are deduplicated, leaving only a single instance of each unique data block along with its corresponding fingerprint resulting in dramatic storage capacity savings.
BITWACKR C SERIES FOR WINDOWS SERVERS
The addition of data deduplication to backup software has changed the industry's approach to data protection. Once the exclusive domain of high-end deduplication appliances, the addition of a deduplication option to the major backup software products makes this powerful technology available to IT shops of all sizes. But in order to optimize data reduction ratios, backup data has to be compressed as it is being deduplicated. And hardware compression is the only technology that can perform this task without impacting backup and restore performance or server and client resources.
BitWackr C Series for Windows Servers provides OEMs, Solution Providers and VARs the product needed to turbocharged today's latest backup software advancements with the industry leader in hardware accelerated disk and RAID data compression. BitWackr for Windows Servers delivers a distinctive value multiplier to backup software.
BitWackr C Series for Windows Servers provides OEMs, Solution Providers and VARs the product needed to turbocharged today's latest backup software advancements with the industry leader in hardware accelerated disk and RAID data compression. BitWackr for Windows Servers delivers a distinctive value multiplier to backup software.
Improved Backup Data Reduction
BitWackr C employs the same data compression algorithms deployed worldwide in Enterprise-class Virtual Tape Libraries. Combining Exar's Express DR acceleration PCIe cards and dedicated compression silicon with BitWackr's patent-pending Virtual Block Device (VBD) technology, BitWackr C accelerates data compression to turbocharge deduplication data reduction.
Improved Backup and Restore Performance
Targeting performance-centric data protection environments, BitWackr C recognizes the premium priority set on protecting data within already stringent backup and restore windows by providing line-rate throughput performance. By reducing the server processor payload, BitWackr C helps ensure that backup servers have the resources needed to address advanced backup software capabilities, providing improved performance without taxing the server's processor.
Simplicity, Transparency and Ease of Use
Using an innovative and patent-pending approach, BitWackr C presents itself as a block storage disk device to Windows Servers, allowing users to take advantage of BitWackr's unique capabilities without sacrificing operating system disk and volume management utilities. This unique capability dramatically reduces the complexity and learning curve required for BitWackr C integration and support.
BitWackr for Microsoft Data Protection Manager
Microsoft System Center Data Protection Manager offers great protection for Microsoft environments. But what about your non-Microsoft systems? And what about storing backup data offsite to defend against site disasters?
Unleash DPM. For a cross-platform, cloud-connected world
How do you manage backup and recovery for applications, servers, clients, and
virtual machines? Microsoft® System Center Data Protection Manager (DPM) is
a great choice for Microsoft systems. But what about everything else? And what
about storing backup data offsite to defend against site disasters? You need deeply
integrated Microsoft application and client protection, broad non-Microsoft system
protection, and secure, efficient cloud connectivity—all in a single, all-in-one solution.
Deep Integration with Microsoft Applications and File Servers
EVault for DPM leverages Data Protection Manager 2010 to back up and recover data from
Microsoft® SQL Servers, Exchange Servers, Office SharePoint® Servers, and Hyper-V™ Server
virtual environments, as well as Windows-based desktops and laptops. Because DPM 2010
was designed by Microsoft, you can be assured that EVault for DPM will tightly integrate with
your organization’s Microsoft business applications and offer up-to-the-minute protection.
Better Backup for Microsoft SharePoint
EVault for DPM makes SharePoint backup simple. It understands SharePoint architectures,
recognizing and automatically protecting new content databases whenever added. EVault for
DPM protects your entire SharePoint deployment—SQL databases, metadata, search index
files, and more—even when distributed across multiple platforms. And you’ll quickly master
its intuitive user interface. Simply select the farm to protect and EVault for DPM backs up the
right components.
Strong Protection for Microsoft Virtualization Environments
Beyond protecting Microsoft applications and servers, EVault for DPM protects virtual
machines hosted on servers running Microsoft Hyper-V. Protection includes online backup
of supported guest virtual machines hosted on clustered or standalone systems; virtual
machines engaged in Hyper-V live migration; and item-level recovery from host-level backup.
All-in-One Solution Ensures Easy-to-Deploy Data Protection
EVault for DPM is the only cross-platform backup and recovery solution that incorporates
Microsoft DPM 2010. It includes EVault technology that provides comprehensive protection
for Microsoft and non-Microsoft platforms; optimized cloud connectivity; and a single, webbased
console that acts as your command center for monitoring agent status and simply
initiating complex tasks. Designed for easy deployment, EVault for DPM is available as a preconfigured
hardware/software appliance and as a virtual appliance
a lot of times , you need to restore your production Database on a periodical basis , and that maybe for Development or for reporting purpose, you can achieve this solution either by PowerShell, or Opalis.
With Opalis you can use the DPM IP to achieve this task
just create the following Workflow and you are done
the equivalent for this task is 30 lines of codes in PowerShell like this one
http://blogs.technet.com/b/dpm/archive/2007/09/04/cli-script-copy-latest-point-in-time-of-sql-db-to-a-folder.aspx
The Integration Pack for System Center Data Protection Manager (DPM) is an add-in for Opalis Integration Server 6.3 that enables you to automate the protection of virtual machine hosts and virtual machine guests. You can use the objects in this integration pack to create workflows that provide the following:
- Automated virtual machine protection and recovery
- Automated SharePoint Farm protection and recovery
- Automated system state protection
- Ad hoc backups
The integration pack adds the System Center Data Protection Manager category to the Object pane in the Opalis Integration Server Client. This category contains the following objects:
Create Recovery Point
Get Data Source
Get DPM Server Capacity
Get Recovery Point
Protect Data Source
Recover SharePoint
Recover SQL
Recover VM
to learn more about opalis and DPM , visit, http://technet.microsoft.com/en-us/library/gg464929.aspx
From Steve’s blog
PROBLEM:
During a recovery you select the option "Send an email when this recovery completes". The recovery job completes with no issues but an email notification is never sent.
RESOLUTION:
There are several things you need to ensure are configured for this to work properly. These are:
- Make sure an SMTP Server is configured. To configure this go on the DPM administrator console go to Action>>>Options and click on the SMTP Server tab.
- Information alerts should be selected. To configure this go on the DPM administrator console go to Action>>>Options and click on the the Notifications tab.
- The recipient listed on the recovery notification screen must also be entered on the Notification Recipients list. To configure this go on the DPM administrator console go to Action>>>Options and click on the Notifications tab. You will see the Recipients list. Add email addresses here. Note multiple email address must be separated by commas.
Now the recovery notifications should work. You will receive 2 email notifications during the recovery process these are:
You should get an informational alert at the beginning of the job. This email lets you know that a job has started. It will look like this:
The following alert occurred at 2/20/2011 1:18:08 PM.
Status: Active
Computer: DPMSERVERNAME.YOURDOMAIN.com
Description: Recovery jobs started @ Sunday, February 20, 2011 1:18:07 PM.
For more information, open DPM Administrator Console and review the alert details in the Monitoring task area.
You should get another informational alert email at the end of the job that it is completed. This email will look like this:
The following alert occurred at 2/20/2011 1:39:11 PM.
Status: Active
Computer: DPMSERVERNAME.YOURDOMAIN.com
Description: Recovery jobs started @ Sunday, February 20, 2011 1:34:39 PM completed successfully.
For more information, open DPM Administrator Console and review the alert details in the Monitoring task area.
from Steve’s blog
On client computers that are protected by DPM you had to put the end users account in the local administrators group. If you did not add the end user account to the local administrators group you would get this error after opening the recovery tab in the DPM client: “DPM found no recovery points which you are authorized to restore on the specified DPM server. You can restore only those recovery points for which you were an administrator at the time the backup was taken. To restore other recovery points, contact your DPM administrator, or attempt to restore from another DPM.” This is not ideal on many networks because the end users are not allowed to have local administrator access.
Solution:
Apply hotfix 2465832 found here: http://support.microsoft.com/kb/2465832.
This hotfix resolves other issues with DPM 2010 as well. You can find the full list of what this hotfix corrects on that link. Be sure you check out the prerequisites for this hotfix before applying and don’t forget to update your DPM agents after applying this hotfix.
***UPDATE***
Mike Ressler found a mistake in the KB documentation.
Here is a link to Mike’s post on this:
http://scug.be/blogs/scdpm/archive/2011/03/11/getting-the-non-administrator-client-recovery-working-in-dpm-2010.aspx.
The mistake is in the registry key that you need to create. In the KB you are told to create:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\Agent\ClientProtection and then create a new key called ClientOwner as REG_MULTI_SZ
It should actually be:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\Agent\ClientProtection and then create a new key called ClientOwners as REG_MULTI_SZ.
ClientOwners not ClientOwner.
I have been waiting for mms 2011 to reveal the new feature of DPM 2012 , these release has a lot of new features
Centralized Management
With DPM 2012 , you can centralised your DPM server management VIA operation manager, and you can manage more than 100 DPM servers , and 50 K data sources, and of course the new Management pack has a lot of capabilities for DPM 2010 and 2012.
Role based administration
That is was an important feature that will allow you to grant different users different levels of access to DPM, we have been waiting long time for this feature.
Certificate Based authentication
DPM2010 uses local users to backup untrusted / workgroup machine, and the challenge was how can you manage all this local users, thankfully it is not the case in DPM 2012, with DPM 2012 you can use certificate for authentication.
Media Colocation
With DPM 2012 you will have the ability to configure Media colocation for individual protection groups.
Virtual DPM enhancements
With DPM 2012 , you can install DPM on Virtual Machine and perform Item level restore, that wasn't possible on DPM 2010
From Steve’s Blog
In this post I will explain the steps I had to take to allow DPM traffic in and out of my ISA firewall. (NOTE:This will also work with TMG 2010 as well.). This is required in order for a Secondary offsite DPM server to backup a Primary DPM server that is inside the local network and for client protection over the WAN. Both DPM offsite protection and offsite client protection are done via VPN. Configuring ISA / TMG for DPM traffic can seem somewhat complex and there is not any really good documentation on how to do this. My goal of this post is to simply this process as much as possible in clear easy to follow steps. I will assume that if you are reading this post that you are somewhat familiar with ISA 2006 / TMG 2010.
The steps needed to configure ISA 2006/TMG 2010 to allow DPM traffic in and out of the network are:
- Configure an access rule for DPM traffic.
- Define protocols in ISA/TMG for DPM traffic.
- Loosen up RPC security
1. Configure an access rule for DPM traffic.
You first need to create an Access rule in ISA 2006 for DPM. I called mine DPM offsite.
In the rule allow access to and from Internal, Local Host, and VPN Clients. We will add the protocols next.
2. Define protocols in ISA/TMG for DPM traffic.
Now you need to add a bunch of protocols to your DPM access rule. Some of these protocols already exist and some of the protocols will be custom therefore you will need to create them. I will show you what needs to be created in the custom protocols.
Protocols that need to be added in your access rule for DPM in ISA 2006 / TMG 2010 are:
- DNS
- DPMRA (Custom protocol see the ports that need to be added for this below)
- Kerberos-Sec (TCP)
- Kerberos-Sec (UDP)
- NetBIOS Datagram
- NetBIOS Name Service
- NetBIOS Session
- RPC Server (all interfaces)(This is DCOM)
- RPC-UUIDS (This is a custom protocol that contains UUID’s for DPM)
- SMB 445 (Custom protocol for service message block)
Here are the ports that are used in the above protocols:
- DNS 53/UDP
- DPMRA 3148/TCP 3149/TCP 5718TCP 5719/TCP – 3148/UDP 3149/UDP 5718/UDP 5719/UDP
- Kerberos 88/UDP 88/TCP
- NetBIOS 137/UDP 138/UDP 139/TCP
- DCOM (RPC Server) 135/TCP Dynamic
- SMB 445/TCP
- RPC-UUIDS 135/TCP (This protocol also needs the UUID’s for DPM added to it.)
In the RPC-UUIDS custom protocol the following UUID’s need to be added:
MSDPM AC:
- {C4EBD674-1457-4B79-BE30-B04735AED9D1}
- {A3B9D3F4-2477-4F95-B2D1-F75B0FDF2A2F}
DPM RA:
- {DA6AA17A-D61C-4E9C-8CEA-DB25DEA52A95}
- {2DF31D97-33CC-4966-8FF9-F47C90F7D0F3}
MSDPM:
- {27F60283-447F-4D5F-AA84-F45D09BD06EF}
- {8D8C691A-AFE6-4EA3-A6B2-F3E5EF1BD0CA}
DPM LA:
- {1B308A4A-FFEC-4C85-957C-53AA1DCC696F}
- {9E6C5356-B180-4295-888C-5A99E505420F}
When you are done you should have a total of 8 UUID’s like in the following screen shot.
TechNet article on DPM and firewall ports: http://technet.microsoft.com/en-us/library/bb808766.aspx .
3. Loosen up RPC security
By default ISA / TMG enforces strict RPC security on all firewall rules and on the system policy. We need to loosen this security some in order for DPM traffic to flow between the DPM agents and the DPM server through the firewall. This needs to be done on the DPM access rule and your VPN access rule. Here are the steps:
Locate your access rule in the firewall list and right click on it. Select Configure RPC filter.
A dialog window will pop up. Uncheck Enforce strict RPC compliance. Click OK.
In All Firewall Policy make sure that your access rule for DPM is at the top of the firewall rules. To do this right-click the access rule for DPM, and then click Move Up. Keep doing this until it is listed at the top of the list.
Make sure to apply your changes in ISA. Click Apply in the top pane of ISA/TMG to save your changes and update the configuration.You should now be able to communicate from DPM to clients or Secondary DPM servers offsite through VPN.
For more information Microsoft has created a video on this process: http://blogs.technet.com/b/dpm/archive/2010/12/06/new-video-tmg-setup-for-dpm-communication.aspx .
From Steve’s Blog
You need to get detailed reports on your Data Protection Manager. The reports that are included with DPM are not enough and do not contain the data that you need to report on.
The Solution:
There is a way to create custom reports for DPM. I am not a SQL guy and will never claim to be but I was still able to figure out how to generate custom reports for DPM thanks to Microsoft SQL reporting services. Let’s cover the process of doing this.
The DPM Report Views
Views are like tables in SQL in the way they look. Views can be considered virtual tables that pull data from multiple tables. They dynamically generate their data when the view is referenced. Someone typically will build a view for non-SQL users that do not know how to write SQL queries but need to pull data together.
Microsoft has included a bunch of SQL views in the DPM database by default. They included these so that DPM administrators could create custom reports. These Custom Report Views for DPM can be found here: http://technet.microsoft.com/en-us/library/ff399120.aspx . On that link it will also describe what type of data each view will give you in your report. This is what the views look like and where they are stored in SQL management studio.
These views need to be used by SQL Reporting Services to generate the custom DPM reports.
Accessing and Setting up Reporting Services for DPM:
SQL Server Reporting Services (SRS) is a web based tool that resides on a SQL server and can be used to generate reports. These reports can be interactive, can be printed and can be exported into other formats. It is accessed through a web services interface. It gives a user the power to generate custom reports from data stored in SQL databases.
If your DPM is using a local SQL instance you will find the DPM SQL Reporting Services site here: http://NAMEOFYOURDPMSERVER/Reports_MSDPM2010/
The Report Builder is typically what is used to design and run the DPM reports. By default SQL Reporting Services comes with Report Builder 1.0. Report Builder 1.0 cannot access SQL views so that version of the tool will not work. We need to upgrade the Report Builder to versions 2.0 or higher. The latest version is 3.0. In this example we are going to use 2.0. The first step is to download the newer version of Report Builder that you are going to use and install this on your DPM server (or the server that SQL is on.) Then what we need to do in is change the The SQL Reporting Services site Report Builder from opening version 1.0 to opening 2.0. Follow these steps to change this to open up to 2.0.
Setting the default Report Builder
1.Open a web browser and go to the SQL Reporting Services site.
2.On the Home screen click Site Settings in the top right.
3.In the General tab, change the Custom Report Builder launch URL to /ReportBuilder/ReportBuilder_2_0_0_0.application
4.Click Apply
Building a custom DPM Report:
Ok lets go through the steps of creating a custom DPM report using SQL Reporting Services and Report Builder.
1. Go to http://NAMEOFYOURDPMSERVER/Reports_MSDPM2010/
I recommend creating a folder for your custom reports.
a) To do this click on New Folder in the SRS site.
b) Give it a name and click the Ok button.
c) You will now see this listed along with the DPMReports folder. (The DPMReports folder is where the default DPM reports live.)
2. Now click on the new folder that you created.
3. Click on New Data Source. We need to create a connect to the SQL DPM database.
NOTE: This is the typical string to your data source: Data Source=BUCHDPM\MSDPM2010;Initial Catalog=DPMDB
Use the settings in the following screenshot. You also need to make sure either the account you are using has permissions to the DPM database or else you need to provide the credentials of an account that has the proper access. Click Ok when you are done.
4. Now you can build a report. Click on the Report Builder button. This will launch the Report Builder application.
5. In this example we are going to create a Chart based report. Click on Chart.
6. You should see the datasource that you created. Select the datasource to highlight it. Click Next.
7. On this screen is where you can access the DPM views. Expand Views under Database view.
8. In this example we are going to generate a report to show us what computers have the DPM agent installed and the version that is installed. Select the DPM views that contain the data you will need in your report. Click Next.
9. Choose your chart type and click Next.
10. The AvailableFields contain the data that you can add to your chart. To add just drag a field from the available fields area to either Categories, Series, or Values. Click Next.
a. Categories
Lists the fields that are in column groups.
b. Series
Lists the fields that are in row groups.
c. Values
Lists the fields that display as values.
11. Choose your chart style. Click Finish.
12. The Report Build is similar to Microsoft Word so it is easy to work with. The challenging part if getting the data laid out the way you want. This will take some time of playing around with it to get the look you want. Build and customize your report.
13. Click on Run to generate your report. The report may take some time to generate depending on the amount of data you are pulling from SQL. You will see status update as the report is being generated.
14. You will then see the the finished report with the live data.
Building a custom DPM Report:
Now you have your report but do you use this same report so that you don’t have to recreate it every time? No problem you can save the report as a file or on the SRS site. Note that you cannot view these reports in DPM reporting. You can only see these custom reports by opening the report file in Report Builder or on the SRS site. It is more convenient to host these reports on the SRS site. To save the report to the SRS site follow these steps:
1. Click on the Orb in the upper left hand corner. Choose Save As.
2. Save the report to your SRS site. Be sure the your SRS site is listed in the Look in: field and then click Save. It is recommended to save this in the custom folder that we created earlier on our SRS site.
3. Now browse to your SRS site. Click on the custom report folder we created earlier. You will see the report.
4. Click on the new report to view the report in the browser.
To see this report or other reports you create just open them up on the SRS site. The data will be live as the report is connected to your DPM database through the datasource connection. I am sure that a SQL guru could go in and do more with the data and these SQL tools to generate some really cool reports. This information and example is intended to get DPM Administrators who typically are not SQL gurus up to speed on DPM custom reporting. Essentially this should be enough to get you going on creating custom DPM reports using the views as well as give you a basic understanding of SQL Reporting Services.