Search This Blog

Friday, December 27, 2019

DPM 2012 R2 and Windows Server 2016 - not supported, but works

One customer who, was still using DPM 2012 R2 asked me if it supported Windows Server 2016. (yes, they still use DPM 2012, but due to financial aspects, it is not possible to upgrade yet).

Microsoft says that it is not supported and never will be, but I decided to test this out.

When we tried to push the agent, initially we got error:

Error 303: The protection agent operation failed on server.
Error details: The RPC server is unavailable (0x800706BA)

But this error was solved by turning of Windows Firewall for the moment of agent installation. After that agent install succeeded.
We restarted the server and also the backups succeeded. 

So, the bottom line is that although not supported DPM 2012 R2 can backup Windows Server 2016. 

Tuesday, December 24, 2019

Delegate just the wipe permissions in Microsoft Intune (solved "An error occured while GET")

Microsoft Intune supports granular permission delegation with RBAC.
If you want to delegate just the Wipe permissions, the you need to:

  1. Open the Intune Management portal
  2. Click Tenant Administration - Roles - All roles - Create
  3. The in the Permissions section add these 
    1. Managed Devices - Read
    2. Remote Tasks - Wipe
  4. Once completed go to the newly created role and click the Assignments section and assign the role to a user or preferably to group.
Also, the accounts, which will be delegated Wipe permissions, need to have Intune licence assigned.

Keep in mind that if you won't grant the Managed Devices read permissions the you will get error "An error occurred while GET" and you will not be able to wipe the devices: