Here we will show the way to fix the error ‘Agent Not Reachable’ in DPM which prevents backing up guest virtual machines on Windows Server Hyper-V. This is applicable to physical servers and client computers too. The backup of a Windows server/computer will fail when the DPM server loses the connectivity and access to take necessary actions on the protected computer.
There are a few things you need to check when you get this error in Data Protection Manager (DPM), but this post specifically solves the problem which is related to local user authentication that prevents backup in a different domain (untrusted) or workgroup setup.
Usually, when the DPM console shows an ‘Agent Not Reachable’ warning and backup and synchronization do not happen, you need to check the below points,
- Network connection
- The firewall on the protected computer
- The power status of the computer
- DPM Agent installation or service issue.
Microsoft basically says only two reasons for it here. If you are sure that the above 4 settings/status is meeting the requirement on a protected virtual or physical computer, then possibly the below reason is the culprit.
Since we are talking about the DPM protection for the untrusted domain and workgroup setup scenario, the user name and password we set up during the configuration could be the issue. Mostly the password is expired or some issues with the local user account. This is the normal warning message when DPM lost access/connectivity.
The Solution to Fix Agent Not Reachable in DPM
Here we are not going to explain how to configure backup with DPM in an untrusted domain or workgroup environment. Basically, you need to create a local user account on the DPM server and protected computer to complete this task. You can follow this guide to set up the backup for a virtual or physical machine in this case.
Coming to the solution, the first thing you can do is simply update the password of the local account used during the setup.
If you have missed configuring the ‘do not expire’ password option and the password expiry policy is in place, then you will be facing this issue more frequently.
Under Management in the DPM console, you can see the error message below which indicates that there are some issues.
Update Password on Protected Computer
Here we can update/change the password from the protected computer. You should know whether the computer is protected by using NetBIOS or FQDN.
This command is for the NetBIOS name, (Open the command prompt as administrator and type the below command from the DPM-Bin folder)
SetDpmServer.exe -dpmServerName Server01 -isNonDomainServer –UpdatePassword
This is for the computer protected by the FQDN name,
SetDpmServer.exe -dpmServerName Server01.corp.contoso.com -isNonDomainServer –UpdatePassword
Enter the new password and confirm it again.
On the DPM server,
Again you have to see how the protection was set up earlier, either by FQDN or NetBIOS name. Here is an example of FQDN protection;
Update-NonDomainServerInfo –PSName Finance01.worlwideimporters.com –dpmServerName Server01.contoso.com
You should be running this command from the DPM installation folder as shown below.
You can find more information here about setting up a password for untrusted or workgroup computer/server protection by Microsoft System Center Data Protection Manager.
Type the same password you have entered earlier in the protected computer. This user credential will be used in future for DPM communication and the backup process.
Make sure the Windows firewall is set to allow DPM communication packets on these specific ports.
Once the same password is updated on both computers, do a refresh under Protected computers in the Management area of DPM. The connection will be active and the ‘Agent Not Reachable’ error will disappear from the DPM console. Now the backups should work perfectly.
You must set ‘Password never expires’ for this particular local user account on both computers – the DPM server and the protected computer.
Hope this guide is helpful in solving the random agent not reachable error message in DPM while protecting untrusted domain or workgroup computers.