See also, Security considerations for end-user recovery, Granting appropriate user privileges – Dell PowerVault DP600 User Manual
Page 69
69
firewall manually to permit communication between the DPM server and protected computers.
Configure Windows Firewall on a DPM server by opening port 135 to TCP traffic and specifying
the DPM service (Microsoft Data Protection Manager/DPM/bin/MsDPM.exe) and the protection
agent (Microsoft Data Protection Manager/DPM/bin/Dpmra.exe) as exceptions to the Windows
Firewall policy.
For instructions for configuring Windows Firewall, search on "Windows Firewall" in Windows Help
and Support for Windows Server 2003.
See Also
Security Considerations for End-User
Recovery
You can enable end-user recovery for file data, but not for application data. Use only domain-
based security groups for permissions to files and folders on which you plan to enable end-user
recovery. DPM cannot guarantee consistency between end-user access to data on protected
computers and end-user access to recovery points of that data on the DPM server if you rely on
local security groups.
For example, if the set of users included in the protected computer's local Users group differs
from the set of users included in the DPM server’s local users group, different sets of users will
have access to the data on the protected computer and to the recovery points of that data.
See Also
Granting Appropriate User Privileges
Before you begin a DPM deployment, verify that appropriate users have been granted required
privileges for performing the various tasks. The following table shows the user privileges that are
required to perform the major tasks associated with DPM.
User Privileges Required to Perform DPM Tasks
Task
Required Privileges
Adding a DPM server to an Active Directory
domain
Domain administrator account, or user right to
add a workstation to a domain