You can deploy Microsoft SQL Server in a VM or in a physical machine. In either case, you must install the DPM agent on the SQL Server machine. If SQL Server is deployed in a clustered mode or as a SQL AlwaysOn, then the DPM agent must be installed on all the nodes that are part of the failover cluster for the SQL Server instance. And if you add any node to the cluster in the future, then the DPM agent must be installed on the newly added cluster node(s) as well.
Before you enable SQL Server protection, you must explicitly add the system account NTAuthoritySystem to the Sysadmin group on the SQL Server, as shown in the following screenshot:
If you forget to add the system account NTAuthoritySystem to the Sysadmin group on SQL Server, then the DPM server will generate a critical alert stating Unable to configure protection, as shown in the following screenshot: