Enjoy Sharing

Deploying DPM Agent on Windows Server 2008 – Workaround?

This is something that got me baffling all day…well…maybe half a day. Oh well, maybe a coupla hours. The frustrating thing is that I could not find any documentation on it and when I thought I found something it led me to some place that I couldn’t find. Alright, alright..enough grouchiness. The problem came when I was trying to deploy a DPM agent to Windows Server 2008 (which happens to have AD installed) from the administrator console. Problem installing the agent showed me error 319 below. Something to do with communicating with the DPM Agent Coordinator.


Looking up the net it was pretty obvious a firewall issue. The problem here was when looking up for the Managing Servers chapter states nothing that was workable. Having made sure all the necessary ports (stated in TechNet) required by DPM it still got me running into the same problem. Found out that the problem is with the protected server’s firewall. Though the necessary ports stated was allowed it still did not allow the agent to go in unless the firewall is turned off, only the agent will install.


After some digging got me to think that the firewall was blocking a program rather than a port. This is something I couldn’t find docs mentioning this. The trick here is to create an exception for the DPM Agent Coordinator service that will be created during the push from the console. Since the service does not exist (yet) the path to the .exe has to be specified (no points for guessing how I discovered the executable). Well, if you are fast enough you would see the service popping up starting, started, stopping, stopped and then disappear. With my fast fingers i manage to find out the path and the .exe that it triggers.

Now, creating the exception is no biggy. This has to be done in the Windows Firewall with Advanced Security. Create a new inbound rule.


Select the rule type; Program


Specify the path to the executable. BTW, it is C:WindowMicrosoft Data Protection ManagerDPMAgentsAC2.0.5820.0dpmac.exe


Set it to allow the connection.


Set the profile.


Give it a name.


And then you are done.


Again, I cannot find anywhere this is documented but this actually worked for me. So, if somebody can point me to a direction where I can find where this is documented please please…I’d appreciate it a lot. Please tell me if there’s a better way of doing this too.




3 responses

  1. Michael

    Thanks much. This did the trick. I’ve not seen this issue addressed elsewhere. Again, thanks.

    January 20, 2009 at 5:53 pm

  2. Mark

    Thank you for taking the time to post this… My experience in attempting to research this error was similar to yours. However, your article helped to point me in the right direction.

    February 14, 2009 at 1:16 pm

  3. Wei King

    Glad to have shared 🙂

    March 25, 2009 at 7:11 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s