Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

DPM 2010 RC Agent installation error on W2K8 Rx

490 views
Skip to first unread message

Johan Rydin

unread,
Feb 15, 2010, 12:37:55 PM2/15/10
to
Has anyone successfully installed the DPM 2010 RC Agent on a RODC
(Windows 2008 or Windows 2008 R2)?

I have problems installing the agent on 3 servers and 3 servers only
(all RODC and the only ones in the forest). I get "DPMAgentInstaller
failed with errorcode =0x80070643, error says: Fatal error during
installation". I've got a feeling that it might have to do with the
permissions being set in dcom components or that the server trying to
add AD group to Local group (that doesn't exist - RODC). The following
line are found on all the failing servers:AddRADlsTrustedMachinesGroup:
"Failed to add DPMRADCOMTrustedMachines"

Thanks!

Praveen D [MSFT]

unread,
Feb 16, 2010, 5:48:00 AM2/16/10
to
Can you please follow the below instructions to install the agent on RODC:

1. Create and populate the following security groups on Primary domain
controller: (Where $PSNAME is the name of RODC on which you're planning to
install agent)
a. Create DPMRADCOMTRUSTEDMACHINES$PSNAME and add DPM server as a
member
b. Create DPMRADMTRUSTEDMACHINES$PSNAME and add DPM server as a member
c. Add DPM server as a member of Builtin\Distributed com users group
2. Ensure that above changes are replicated on to RODC
3. Install agent on RODC
4. Grant launch and activate permissions for DPM server on DPM RA service by
doing the following:
a. Run "dcomcnfg"
b. Expand Component Services -> Expand Computers -> Expand My
Computer -> Expand DCOM Config
c. Right click DPM RA Service and select Properties
d. Under 'General', "Authentication Level - Default"
e. Under 'Location', only "Run application on this computer" should be
checked
f. Under Security, verify that the "Launch and Activation Permissions"
(select > "Edit") include the machine account for the DPM Server and Allow
"Local Launch", "Remote Launch", "Local Activation", "Remote Activation"
j. Click OK
5. Copy setagentcfg.exe, traceprovider.dll and LKRhDPM.dll from "c:\Program
Files\Microsoft DPM\DPM\setup" on DPM server and place them in "c:\Program
Files\Microsoft DPM\DPM\setup" on RODC.
6. Run "setagentcfg.exe a DPMRA domain\DPMserver" on RODC using an elevated
command prompt. (Run setagentcfg.exe from the location above i.e c:\Program
Files\Microsoft DPM\DPM\setup)
7. If a firewall is enabled on RODC run the following commands:
a. netsh advfirewall firewall set rule group="@FirewallAPI.dll,-29502"
new enable=yes
b. netsh advfirewall firewall set rule group="@FirewallAPI.dll,-34251"
new enable=yes
c. netsh advfirewall firewall add rule name=dpmra dir=in
program="%PROGRAMFILES%\Microsoft Data Protection Manager\DPM\bin\DPMRA.exe"
profile=Any action=allow
d. netsh advfirewall firewall add rule name=DPMRA_DCOM_135 dir=in
action=allow protocol=TCP localport=135 profile=Any

8. Attach agent on DPM server, now you are ready to protect the RODC.

Thanks,
Praveen D [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.

"Johan Rydin" <online...@rydin.se> wrote in message
news:MPG.25e3a4d9...@news.microsoft.com...

Johan Rydin

unread,
Feb 16, 2010, 8:06:19 AM2/16/10
to
I actually tried step 1-4 before but didn't notice that the error
message did change. The following results appear after the groups have
been created in the AD.

When I try the agent installation on a RODC (Win 2008) with a previous
DPM 2007 agent I get: "DPMAgentInstaller failed with errorcode =
0x80070490, error says: Element not found."

In the log file I found:
...
Successfully added DPMRADCOMTrustedMachines$PSSERVERNAME to auth node
Successfully added DPMRADmTrustedMachines$PSSERVERNAME to auth node
AddAuthorizedMachine for upgrade method call successful
SetAgentConfig return code = 0x80070490
AddRADlsTrustedGroupForDCInUpgrade: Failed to configure for new groups
on DC with an errorcode= 80070490
...

When I try the agent installation on a RODC (Win 2008 R2) without a
previous DPM agent I get: "DPMAgentInstaller failed with errorcode =
0x80070032, error says: The request is not supported."

In the log file I found:
...
Successfully added DPMRADCOMTrustedMachines$PSSERVERNAME to auth node
Successfully added DPMRADmTrustedMachines$PSSERVERNAME to auth node
AddAuthorizedMachine method call successful
SetAgentConfig return code = 0x00000000
AddSecurityGroupsToAuthDB returned Error code = 0x00000000,
dpmserverAccount = fNtlmAuth = AddSecurityGroupsToAuthDB returned Error
code = 0x00000000,
dpmserverAccount = fNtlmAuth = [0]
1: __MSDPMSetupError 2: -2147024846 3: 880
DoMachineSpecificDPMConfiguration return code = 0x80070032
....


Thanks!


In article <ewySFWvr...@TK2MSFTNGP04.phx.gbl>,
prav...@microsoft.com says...

Praveen D [MSFT]

unread,
Feb 17, 2010, 10:29:38 AM2/17/10
to

For first one, instead of doing upgrade can you please try fresh install of
the agent, un-install and install the agent.
For the second one, while installing the agent don't give any parameters
like dpmservername. Just run the .exe on the production server.
If it still fails can you please send me the logs to
praveend[at]microsoft[dot]com.

One more thing, when you are creating the groups I am assuming that, if
production servername is MyProductionServer then you are creating the groups
with names DPMRADCOMTRUSTEDMACHINES$MyProductionServer and
DPMRADMTRUSTEDMACHINES$MyProductionServer. The '$' should be part of the
group name.

Thanks,
Praveen D [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights

"Johan Rydin" <online...@rydin.se> wrote in message

news:MPG.25e4b68f8...@news.microsoft.com...

>> 3. Install agent on RODC (Here just run the agent binary, do not pass any
>> arguments to it).

0 new messages