Recently we had to connect an untrusted Domain Controller to our DPM instance, it’s pretty straight forward and heres how to do it:
Install the DPM Agent on the server you want to protect, agents can be found in C:\Program Files\Microsoft System Center 2012 R2\DPM\DPM\agents\ on the DPM server.
Once installed, run the SetDPMServer.exe command from C:\Program Files\Microsoft Data Protection Manager\DPM\bin, with the following arguments:
SetDpmServer.exe -dpmServerName <serverName> -isNonDomainServer -userName <userName> [-productionServerDnsSuffix <DnsSuffix>]
The -dpmServerName argument should be your DPM server. -isNonDomainServer tells DPM that this machine is on an untrusted domain or workgroup. The userName argument is the name of a user that SetDPMServer.exe will create locally. In this case we are installing on a DC that has no local user database, and the account will be created in the Users OU in Active Directory. the productionServerDNSSuffix is used if the sserver has multiple DNS suffixs configured, and should be set to the FQDN of the protected server’s domain.
You will be asked to enter a password after running the SetDPMServer.exe command.
Once SetDPMServer.exe has been run you can swap over to the DPM Server and attach the agent.
Go to Agents > Install > Attach Agents > Computer in a workgroup or untrusted domain > Next > Type the FQDN of the server e.g Server1.mydomain.local > Add > Next > Enter the username and password you configured while running SetDPMServer.exe.
You should now have the Agent reporting back to DPM.