spacer
spacer
spacer
spacer

Search MS4U

Loading...
spacer
Showing posts with label SCDPM. Show all posts
Showing posts with label SCDPM. Show all posts

Thursday, March 1, 2012

Site to Site DPM 2012 Replication Firewall Ports

 

Guy, anyone doing site to site DPM replication. Well, i have been playing around it since DPM 2010. Now i am testing Site to Site Replication using DPM 2012 and this round i’m not talking about step by step configuration. We will focus on the common question especially on firewall that exist in Site A and Site B. You are require to open certain ports in order for the replication to work.

Now, Microsoft Technet provide a good article on ports that you need to open in order for communication between DPM Server, Domain Controller, DPM Remote SQL Server and protected server. You can check the firewall port from here:- technet.microsoft.com/en-us/library/ff399341.aspx

One of the concern is the WMI and RPC dynamic port number which the range from TCP 1024 through 65535. So most security team will not allow you to open huge range of port number between site A and site B. Therefore below is the step by step that you can follow to configure fixed WMI port and set range of dynamic RPC port.

1. Configure WMI to use Fixed Port – TCP/24158

a) Open command prompt and type the following command

winmgmt -standalonehost
net stop "Windows Management Instrumentation"
net start "Windows Management Instrumentation"
netsh firewall add portopening TCP 24158 WMIFixedPort

To verify, open the Component Services from Administrative Tools. Expand My Computer | DCOM Config | Right click Windows Management Instrumentation and select EndPoint Tab. Select Connection oriented TCP/IP and select Properties

spacer

2. Configure Dynamic RPC Port to a specific range. For example: 60000 – 60500.

a) Open registry using the command regedt32. (must. Don’t use regedit)

b) Create the following Key Value under

HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet\

c) Create Key Data Type

Ports REG_MULTI_SZ
PortsInternetAvailable REG_SZ
UseInternetPorts REG_SZ

Example:-

Ports: REG_MULTI_SZ: 60000-60500

PortsInternetAvailable: REG_SZ: Y

UseInternetPorts: REG_SZ: Y

spacer

d) Reboot the both the DPM server

3. Configure physical firewall between Site A and Site B.

Example:-

spacer

spacer

That’s all for now. Hope this article is useful for those who are planning to setup site to site replication using DPM 2012.

Posted by Lai Yoong Seng at 7:47 PM 0 comments spacer spacer
Labels: SCDPM

Tuesday, February 21, 2012

Encrypt Data to Tape in DPM 2012

 

Today we are going to look into how to secure the data store into tape. To encrypt the data store in tape, you need to have a valid certificate. When configure tape select “Encrypt Data”

spacer

Below screenshot is the error message when you’re trying to backup data to tape. The job will fail because it did not detect certificate under DPMBackupStore Store under Certificate snap-in.

spacer

To resolve this issue, use any computer with IIS snap-in. Create a self signed certificate.

Below is the screenshot, on how to create a self signed certificate.

spacer

Provide a certificate name. Example: DPMCert

Related searches:
firewall configure server select example
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.