Although System Center Data Protection Manager offers a way to do a remote installation of the agent, it’s far from ideal when you have to deploy the agent to several hundred laptops.
Since the agent offers a silent installation, I thought it would be best to let SCCM do what it does best. I created a package of the agent with a program “DPMAgentInstaller_x64.exe /q dpmservername“. Unfortunately the advertisement fails with a failure exit code of -2147023288.
A quick search didn’t give me any useful information, but since the command itself worked when run from a command line, I decided to try a task sequence and first create the appropriate firewall rules. This should be done by the installer when using the /q dpmservername but I thought it wouldn’t hurt.
The task sequence has 5 steps, the first 4 steps are “run command line” steps, the last one is “Install software” and is the same program that keeps failing when run without a task sequence.
netsh advfirewall firewall set rule group=\”@FirewallAPI.dll,-29502\” new enable=yes
netsh advfirewall firewall set rule group=\”@FirewallAPI.dll,-34251\” new enable=yes
netsh advfirewall firewall add rule name=dpmra dir=in program=\”%PROGRAMFILES%\\Microsoft Data Protection Manager\\DPM\\bin\\DPMRA.exe\” profile=Any action=allow
netsh advfirewall firewall add rule name=DPMRA_DCOM_135 dir=in action=allow protocol=TCP localport=135 profile=Any
After creating the task sequence I assigned it to some test machines and they all completed the task sequence successfully.
Now it’s just a matter of assigning them within DPM to a protection group.