Changes made to AD DS for end-user recovery
Updated: May 13, 2016
Applies To: System Center 2012 SP1 - Data Protection Manager, System Center 2012 - Data Protection Manager, System Center 2012 R2 Data Protection Manager
When you enable end-user recovery System Center 2012 – Data Protection Manager (DPM) performs a number of actions in AD DS:
Extends the schema
Creates a container (MS-ShareMapConfiguration)
Grants the System Center 2012 – Data Protection Manager (DPM) server permissions to change the contents of the container
Adds mappings between source shares and shares on the replicas
If DPM administrators are also schema and domain administrators in AD DS, end-user recovery can be enabled in a couple of clicks. For DPM administrators who aren’t schema and domain administrators, the DPMADSchemaExtension tool runs to configure AD DS.
This topic describes the classes and attributes that are added when end-user recovery is enabled by either an AD DS schema and domain administrator, or when the DPMADSchemaExtension tool runs.
Classes added by DPM describes the classes that are added to Active Directory when you enable end-user recovery on DPM.
Attributes added by DPM describes the attributes that are added to Active Directory when you enable end-user recovery on DPM.
Classes added by DPM
DPM adds one class, ms-SrvShareMapping, to the Active Directory directory service when you enable end-user recovery. This class contains the mapping from the protected computer (and share) to the DPM server (and share).
Warning
It is recommended that you do not modify this class.
The following table provides a detailed description of the ms-SrvShareMapping class:
| Attribute | Value |
|---|---|
| objectClass | Top |
| objectClass | classSchema |
| instanceType | 4 |
| possSuperiors | Container |
| possSuperiors | organizationalUnit |
| subClassOf | Top |
| governsID | 1.2.840.113556.1.6.33.1.22 |
| mustContain | ms-backupSrvShare |
| mustContain | ms-productionSrvShare |
| rDNAttID | Cn |
| showInAdvancedViewOnly | TRUE |
| adminDisplayName | ms-SrvShareMapping |
| lDAPDisplayName | ms-SrvShareMapping |
| adminDescription | Maps servers with shared resources. |
| objectClassCategory | 1 |
Attributes added by DPM
DPM adds two attributes to Active Directory when you enable end-user recovery. The following table lists the added attributes:
| Attribute | Description |
|---|---|
| ms-BackupSrv-Share Attribute | Provides the DPM share name and DPM computer name in a string. |
| ms-ProductionSrv-Share Attribute | Provides the protected computer share name and protected computer computer name in a string. |
ms-BackupSrv-Share Attribute
The following table provides a detailed description of the ms-BackupSrv-Share attribute:
| Attribute | Value |
|---|---|
| objectClass | Top |
| objectClass | attributeSchema |
| attributeID | 1.2.840.113556.1.6.33.2.23 |
| attributeSyntax | 2.5.5.12 |
| rangeUpper | 260 |
| isSingleValued | TRUE |
| showInAdvancedViewOnly | TRUE |
| adminDisplayName | ms-BackupSrv-Share |
| adminDescription | Identifies a server with shared resources. |
| oMSyntax | 64 |
| IDAPDisplayName | ms-backupSrvShare |
| objectCategory | CN=Attribute-Schema,<SchemaContainerDN> |
ms-ProductionSrv-Share Attribute
The following table provides a detailed description of the ms-ProductionSrv-Share attribute:
| Attribute | Value |
|---|---|
| objectClass | Top |
| objectClass | attributeSchema |
| attributeID | 1.2.840.113556.1.6.33.2.24 |
| attributeSyntax | 2.5.5.12 |
| rangeUpper | 260 |
| isSingleValued | TRUE |
| showInAdvancedViewOnly | TRUE |
| adminDisplayName | ms-ProductionSrv-Share |
| adminDescription | Identifies a computer with shared resources. |
| oMSyntax | 64 |
| IDAPDisplayName | ms-productionSrvShare |
| objectCategory | CN=Attribute-Schema,<SchemaContainerDN> |