Getting the Client-protection working

February 22, 2010 at 8:43 am in Uncategorized by mikeresseler

Hey All,

One of the exiting features of DPM 2010 is the improved client protection of workstations.  In this post, I’ll give some more information about it.  To make it a bit tricky, I decided to try to install the agent on a workstation
(windows 7, 32-bit) that resides

a. In a different domain (but a fully trusted domain)

b. Is not in the office but connected through a VPN, sitting at home

Since I assume that client protection will be getting more and more attention from companies, I decided to test it out thoroughly.  Both for the installation and the first synchronization I decided not to follow the guidelines but really try to do the worst scenario.

 

1. The installation

Installing the client is the same as installing a server.  Manuals from the beta (before the RC) mentioned that I should install it manually (or through solutions such as SCCM or SCE) but I thought that it also would be possible to do this through the UI.

image

I start by taking the "install agent” option since I didn’t installed it yet.  Note also the attach agents that can be used when an agent is installed manually.

image

Now I need to select the workstation.  He will only list the workstations and servers from the domain that the DPM server resides in, so to connect  to my workstation on another domain, I had to type in the FQDN name in the box

image

Here I can give in the credentials for a user that has administrative rights on the workstation in that domain

image

I decided here not to restart the workstation automatically, instead, I wanted to test if it really is necessary to restart which could be a killer in very large environments.

image

Finally, the summary and ready to install.  Now one little note drew my attention: The computer may momentarily lose network connectivity during installation.

Since the workstation is on a client vpn, this could be tricky :-)

Also, before you can actually do this, you need to make sure that your firewall is configured correctly.  I failed the first time because my firewall was wrong configured.

clip_image001

And then the screen of success came.  Now I didn’t see the client lose network connectivity, and if it did, then it had to be very short because my VPN tunnel didn’t drop so that seems to be working.

Now let’s look a bit at the changes on the client.

First, I found two new services

image

Second, here’s how the Client UI looks:

image

This client already has a policy, but how that works I will explain in next post.

Lessons learnt:

* It is possible to install the agent on a workstation through the GUI from DPM itself.

* You can do it over a VPN connection

* Windows 7 doesn’t need to reboot afterwards

* The DPM client UI will demonstrate a small icon in the notification area after the reboot, but you can start it by starting manually the DPM UI without rebooting

* In windows 7, when you want to see this icon, you need to change the notification settings

clip_image001[4]

And this is the icon, and more information when you right-click on it

clip_image001[6]

image

Last picture is from a client that is disconnect from the server

Allright, next post: Create a protection group and do the first synchronization, over the VPN of course :-)

Cheers,

Mike