System Center 2012 R2 Data Protection Manager: End-User Restore with DC 2003

In System Center Data Protection Manager there’s a procedure to enable end-user to restore their local files without IT Admins. For the people that don’t know this, in DPM there’s the possibility to deploy the agent also into the client and create a Protection Group to backup folders (such Desktop, Documents, Profiles and more).


To allows end-users to restore manually is required extend Active Directory; in DPM there’s a wizard that allows to do this, in the Options window. The procedure is very easy because you must click a button and the only requirement is make this procedure from an AD account with permission to extend the Schema.


If your account doesn’t has this permission it’s possible run separately a tool called DPMADSchemaExtension.exe that you can find in the folder “C:\Program Files\Microsoft System Center 2012 R2\DPM\End User Recovery“; this tool must be ran into a Domain Controller from an account with permission to extend the Schema.


Cool….but what happen when you want try to enable the function with a Domain Controller based on Windows Server 2003? I found this issue during my last DPM’s deployment. When I tried to use the “classic” way, as showed in figure 1, I received an error like figure 2.

Figure 1 – Configure End-Users Recovery

Figure 2 – AppCrash


It’s strange….but maybe there was an issue with the permission so I tried to run DPMADSchemaExtension.exe, figure 3; if you want use this tool, keep mind these details:


  • Enter Data Protection Manager Computer Name without FQDN name of DPM server
  • Enter Data Protection Manager Server Domain Name with FQDN, for example
  • Leave Protected Computer Domain Name blank if the DPM server is in the same domain as the Domain Controller


Figure 3 – DPMADSchemaExtension.exe


No way! This is the message error – figure 4.


Figure 4 – DPMADSchemaExtension.exe Error


On TechNet Forum I found a PowerShell script, that is not supported, that do the same thing as DPMADSchemaExtension. I ran the script and….another error, as showed in figure 5.


Figure 5 – Error via PowerShell


Unable to find a default server with Active Directory Web Services running???? This mean that the new tool try to change the Schema via AD Web Services and this means that the Domain Controller must be at least based on Windows Server 2008 R2!!! Bingo!


I downloaded DPMADSchemaExtension.exe from server with DPM 2010, I ran the wizard again and the result was….success – figure 6.


Figure 6 – DPMADSchemaExtension.exe Success


Now it’s possible open again Options window on DPM to see that I can enable the end-user recovery, as showed in figure 7.


Figure 7 – Enable End-User Recovery


DPMADSchemaExtension.exe from DPM 2010 is available in the Download Page.