Introduction
System Center Data Protection Manager (SCDPM) supports the protection of computers in workgroups and untrusted domains using local user accounts (NTLM authentication); however, local accounts increase security risks for attack and are not allowed in most organizations and, therefore, this solution does not work. As an alternative, starting with DPM 2012 and later versions, you can use certificates to authenticate computers in workgroups or untrusted domains.
This chapter describes how to set up DPM protection with NTLM authentication as well as certificate-based authentication to protect computers in workgroups or untrusted domains.