System Center 2012 R2 Data Protection Manager upgrade fails and generates ID: 4323: "A member could not be added"

Article translations Article translations
Article ID: 2930276 - View products that this article applies to.
Expand all | Collapse all

Symptoms

When you try to upgrade Microsoft System Center 2012 Data Protection Manager (DPM) 2012 Service Pack 1 (SP1) to System Center 2012 R2 Data Protection Manager (DPM) 2012 R2, the upgrade fails and you receive the following error message:

Error: DPM Setup failed to add a user to the local group. Review the error details, take the appropriate action, and then run DPM Setup again.
ID: 4323. Details: A member could not be added to or removed from the local group because the member does not exist
Additionally, you see entries that resemble the following in the Setup.log file:

[10/23/2013 11:07:42 AM] Information : Start configuration.
[10/23/2013 11:07:42 AM] Information : Starting Service:MSSQL$MSDPM2012 on machine:DPMServerName flag restart:False
[10/23/2013 11:07:42 AM] Information : Starting Service:SQLAgent$MSDPM2012 on machine:DPMServerName flag restart:False
[10/23/2013 11:07:42 AM] Information : Starting Service:ReportServer$MSDPM2012 on machine:DPMServerName flag restart:False
[10/23/2013 11:07:42 AM] Information : Create a registry containing sql agent account information
[10/23/2013 11:07:42 AM] Information : Querying WMI Namespace: \\DPMServerName\root\cimv2 for query: SELECT * FROM Win32_Service WHERE Name='SQLAgent$MSDPM2012'
[10/23/2013 11:07:42 AM] Information : Sql Agent account name = domain-old\DPMServerName$
[10/23/2013 11:07:42 AM] Information : Create a registry containing the trigger job path information
[10/23/2013 11:07:42 AM] Data : TriggerJobPath = D:\Microsoft System Center 2012\DPM\DPM\bin\
[10/23/2013 11:07:42 AM] Information : Add user: domain-old\DPMServerName$ to local group: Distributed COM Users on server: DPMServerName
[10/23/2013 11:07:42 AM] * Exception : => DPM Setup failed to add a user to the local group.Review the error details, take the appropriate action, and then run DPM Setup again.Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.BackEndErrorException: Exception of type 'Microsoft.Internal.EnterpriseStorage.Dls.Setup.Exceptions.BackEndErrorException' was thrown.
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.NativeConfigHelper.AddAccountToLocalGroup(String accountName, String localGroupName, String machineName)
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.RemoteDatabaseConfiguration.AddSqlAgentAccountToLocalGroups(String sqlAgentAccountName)
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.BackEnd.MachineSpecificConfiguration(Boolean existingDB, Boolean upgrading, Boolean isRemoteDb, String sqlServerMachineName, String sqlInstanceName, Boolean isRemoteReporting, String reportingMachineName, String reportingInstanceName)
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.BackEnd.Configure(Boolean existingDB, Boolean upgrading, String databaseLocation, String sqlServerMachineName, String sqlInstanceName, String reportingMachineName, String reportingInstanceName, Boolean oemSetup)
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.DpmInstaller.ConfigurePostMsiUpgrade()
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.ProgressPage.UpgradeDpm()
at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.ProgressPage.InstallerThreadEntry()
*** Mojito error was: AddUserToLocalGroupFailed; 1387; WindowsAPI
[10/23/2013 11:07:44 AM] *** Error : DPM Setup failed to add a user to the local group. Review the error details, take the appropriate action, and then run DPM Setup again.
ID: 4323. Details: A member could not be added to or removed from the local group because the member does not exist
[10/23/2013 11:07:44 AM] Information : The DPM upgrade failed.
For more details, click the Error tab.
To troubleshoot this issue, see http://go.microsoft.com/fwlink/?LinkID=164487.

Cause

This issue can occur if the environment has a disjointed namespace (i.e. the domain has different NetBIOS and DNS names). For example, assume that the domain has a NetBIOS name of "domain.com" and a DNS name of "domain-old.com." When users are added in the Windows UI, they are displayed in the format of domain\ComputerName. However, you notice in the error log that there was an attempt to add a computer account in the format of domain-old\ComputerName.

Workaround

To work around this issue, follow these steps:
  1. Create a new domain user account that is named MICROSOFT$DPM$Acct. If you cannot create a new domain account you can use a standard user account. 
  2. Locate the DPMDB database files and make sure that the new account that you identified or created in step 1 has full permissions to that directory.
  3. Change the MSSQL$MSDPM2012 and SQLAgent$MSDPM2012 services so that when they start they use the new DOMAIN user account from step 1.

    Note We recommend that you use Microsoft SQL Server Configuration Manager as the easiest way to make this change.
The upgrade installation should now finish successfully. When the upgrade is complete, revert the two services that are mentioned in step 3 so that they start using the local account designation (.\MICROSOFT$DPM$Acct). 

Additional steps to verify functionality

To make sure that jobs continue to run as scheduled, follow these steps on the DPM server: 
  1. In Registry Editor, locate the following registry subkey:

    HKLM\Software\Microsoft\Microsoft Data Protection Manager\Setup
  2. Make sure that the following values reflect the %MachineName%\Microosft$DPM$Acct local account:
    • SqlAgentAccountName
    • SchedulerJobOwnerName
    Note This account should also have full permissions to the DPM\Bin folder on the DPM server and on the server that is running Microsoft SQL Server, if SQL Server is hosted remotely.
  3. Start DCOMCNFG.exe, and then locate the following folder:

    Component Services\Computers\My Computer\DCOM Config\Microsoft System Center Data Protection Manager 2012 Service
  4. Right-click the service name, and then click Properties.
  5. Click the Security tab.
  6. In the Launch and Activation Permissions area, click Edit, and then verify that the account exists and has all permissions assigned.
  7. Start SQL Management Studio for the DPM instance, and then verify that the account has the Sysadmin role.

Additional steps if the upgrade installation fails

If the upgrade installation fails, and the program does not roll back, you must restore a working version of DPM 2012 SP1 before you can try to install the upgrade again. To do this, follow these steps:
  1. Locate the backup copy of your DPMDB file that you created before you started the upgrade process.
  2. If DPM is installed, uninstall it.

    Important Make sure that you maintain your data. To do this, select Retain disk-based recovery points on the Uninstallation Options page.
  3. Install DPM 2012 SP1. If you had any updates installed, reinstall them in the same sequence that you had installed them previously.

    Note We recommend that you mount the database from step 1, and then run the following query on the DPM database in Administrator mode to locate the sequence in which the updates were originally applied:

    Select distinct MajorVersionNumber,MinorVersionNumber ,BuildNumber, FileName FROM [DPMDB].[dbo].[tbl_AM_AgentPatch]
    where MajorVersionNumber = 4 and MinorVersionNumber =1
    order by BuildNumber desc
  4. To restore the backup database copy, run the following command at an elevated command prompt:

    run dpmsync -restoredb (with appropriate switches)
  5. To synchronize the databases, run the following command in DPM Management Shell:

    dpmsync –sync
  6. Start the DPM Administrator Console, and then make sure that all agents have the same version number as the DPM server.
After you follow these steps, the status of your DPM installation should be restored to its original state. Now, try again to perform the workaround steps and the upgrade installation.

Properties

Article ID: 2930276 - Last Review: February 5, 2014 - Revision: 2.0
Applies to
  • Microsoft System Center 2012 R2 Data Protection Manager
Keywords: 
kbqfe kbfix KB2930276

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com