Friday, July 10, 2009

Windows 2003 Firewall Program Exceptions for DPM 2007 and Exchange 2007

When utilizing the Windows 2003 firewall to protect both Data Protection Manager 2007 and Exchange 2007, I found that you have to make a few Inbound Program Exceptions on the firewall.

Here are the group policy firewall entries I had to make under "Inbound Program Exceptions":


DPM Server's Policy:

C:\Program Files (x86)\Microsoft DPM SRT\FileStore.exe:192.168.1.0/24:enabled:DPM FileStore.exe
C:\Program Files (x86)\Microsoft DPM SRT\rmtask.exe:192.168.1.0/24:enabled:DPM rmtask.exe
C:\Program Files\Microsoft DPM\DPM\bin\DPMRA.exe:192.168.1.0/24:enabled:DPM DPMRA.exe
C:\Program Files\Microsoft DPM\DPM\bin\msdpm.exe:192.168.1.0/24:enabled:DPM msdpm.exe



Exchange Server's Policy:

C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMRA.exe:192.168.1.0/24:enabled:DPM Agent Exe
C:\Program Files\Microsoft\Exchange Server\bin\mad.exe:192.168.1.0/24:enabled:Exchange mad.exe
C:\Program Files\Microsoft\Exchange Server\bin\store.exe:192.168.1.0/24:enabled:Exchange store.exe


For the Exchange server, or any client server you're trying to protect with DPM, you will have to make the exception for the DPM Agent. You will also need to enable the "Allow inbound file and printer sharing exception" setting, since these services utilize these ports as well.

Due to the way Group Policy processes, you might have to reboot your Exchange server twice for the program exceptions to process correctly.
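The entries above follow the policy's `path:scope:status:name` layout. As an added example (not part of the original post), this Python sketch parses such entries and flags any whose scope is not confined to the expected backup subnet; the `C:\Example\...` entries and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed input: two entries copied from the post, two made up for the audit.
SAMPLE = r"""
C:\Program Files\Microsoft DPM\DPM\bin\msdpm.exe:192.168.1.0/24:enabled:DPM msdpm.exe
C:\Program Files\Microsoft\Exchange Server\bin\store.exe:192.168.1.0/24:enabled:Exchange store.exe
C:\Example\agent.exe:*:enabled:Constructed wildcard entry
C:\Example\old.exe:10.0.0.0/8,localsubnet:disabled:Constructed: disabled entry
"""

# The drive letter puts a colon inside the path, so split(":") misparses entries.
ENTRY_RE = re.compile(
    r"^(?P<path>(?:[A-Za-z]:)?[^:]+):(?P<scope>[^:]*):"
    r"(?P<status>enabled|disabled):(?P<name>.*)$", re.IGNORECASE)

def parse_entry(line):
    m = ENTRY_RE.match(line.strip())
    if not m:
        raise ValueError("not a program exception entry: %r" % line)
    return m.groupdict()

def audit_entry(entry, allowed_net):
    """Return findings for one parsed entry against the expected subnet."""
    allowed = ipaddress.ip_network(allowed_net)
    findings = []
    if entry["status"].lower() != "enabled":
        findings.append("disabled")
    for item in (s.strip() for s in entry["scope"].split(",")):
        if item == "*":
            findings.append("scope * admits any source")
        elif item.lower() == "localsubnet":
            findings.append("scope localsubnet is host-dependent")
        else:
            try:
                net = ipaddress.ip_network(item, strict=False)
            except ValueError:
                findings.append("unparseable scope %s" % item)
                continue
            if not net.subnet_of(allowed):
                findings.append("scope %s not inside %s" % (net, allowed))
    return findings

def audit(text, allowed_net="192.168.1.0/24"):
    entries = [parse_entry(l) for l in text.splitlines() if l.strip()]
    return {e["name"]: audit_entry(e, allowed_net) for e in entries}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty findings list means the entry is enabled and every scope item sits inside the allowed subnet.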
