EVault for Data Protection Manager. Course 321 Protecting Exchange 2010 with DPM

(1)

Course 321

(2)

2

3 Objectives

The purpose of this lab is to provide instructions on how to protect and restore Exchange 2010 mail data. All Protection Groups that are created in this lab only focus on Exchange application data (Databases). Normally you would need to protect all file data and system state data to protect this system from disaster. This is covered in “Lab 201 – Protecting File Data, System State, and Bare-Metal Recovery.”

Scenario

We’ll go through the process of installing Windows Server Backup feature, pushing the Agent out to the Exchange server, create a sample mailbox and email, create a Protection Group, delete some email, and then restore the email.

Estimated Time to

Complete This Lab

60 Minutes

Requirements for

This Lab

• IMPORTANT – Windows Server Backup Feature must be installed on the Exchange server in order to allow for the required vss backups. This is a requirement for any Server 2008 machine.

• Exchange Server is joined to our domain

• Exchange Server is running on Server 2008 x64

• On your productions machines, we recommend that all Windows Updates have been applied

(4)

4 Exercise 1 – Installing Windows Server Backup on Exchange Server

In this lab, we’ll install the Windows Server Backup feature onto our Exchange server. This is a requirement to enable backups on Server 2008. Windows Server Backup is the replacement of its predecessor, ntbackup.

Tasks Detailed Steps

1. Initial Logon

EXCH01

a. Once the lab starts, within Surgient, click on the EXCH01_Server and choose RDP.

b. Click the Start menu, right-click Computer, and choose Manage. c. In the Server Manager window, on the left-hand pane, click Features. d. On the right-hand pane, click Add Features.

2. Adding Windows Server Backup Feature

a. On the Add Features Wizard screen, check Windows Server Backup Features and expands its tree.

b. Also check Command-line Tools. Now all of Windows Server Backup Features should have tick boxes next to them.

c. Click Next >.

d. On the Confirmation screen, click Install.

e. Installation will take a minute or so. After which the Results screen should state that Installation succeeded. Click Close.

Exercise 2 – Installing DPM Agent on Exchange Server

In this step, we will push the DPM Agent to an Exchange 2010 server that we wish to protect. This will allow us to further configure the protection of our Exchange server through DPM.

1. Switch Machines

EDPM

a. Using the Server drop-down at the top of the Surgient window, choose EDPM_Server to connect to the EDPM server.

b. The system should automatically log you in, but if you are prompted for login, below are the credentials.

• Username TrainingLab\Administrator

• Password I365password. c. If Server Manager opens, close it. 2. DPM 2010

Administrator Console

a. On the Desktop, open Microsoft System Center Data Protection Manager 2010.

b. Within the DPM 2010 Administrator Console, click the Management tab. c. On this tab, click the Agents tab.

d. Under Selected Items, click Install… 3. Agent

Installation Wizard

(5)

5

c. Select EXCH01, and click Add >. d. Click Next >.

e. We need to specify a user with Administrator privileges. This is because the user the backup uses this user to perform backups.

• User name: Administrator

• Password: I365password

• Domain: TrainingLab.com f. Click Next >.

g. On the Choose Restart Method screen, we’ll choose “No. I will restart the selected computer later.” This way, you can restart the server during off hours.

h. Click Next >.

i. On the Summary screen, click Install.

(6)

6 Exercise 3 – For this Lab Only – Create sample data

In the next steps, we’ll create some sample data to protect. In your production environment you would not normally follow these steps as you’ll already have some Exchange data with your own proprietary data.

1. Switch Machines

EXCH01

b. Using the Server drop-down at the top of the Surgient window, choose EXCH01_Server to connect back to the Exchange server.

b. In the Start menu, open Exchange Management Console. This is the management interface for Exchange where you can create and manage mailboxes.

2. Exchange Management Console

a. On the left-hand pane, click Microsoft Exchange On-Premises (exch01.traininglab.com).

b. In the middle pane, you’ll see the status say unavailable but then it will update with the number of databases and such. Click Manage databases. c. On the left-hand pane, expand Recipient Configuration.

d. On the left-hand pane, highlight Mailbox, and on the right-hand pane choose New Mailbox…

3. Creating a Sample Mailbox

a. On the Introduction section, choose User Mailbox and click Next >. b. On the User Type section, choose New user and select Next >.

c. On the User Information section (any fields I don’t specify, don’t change)

• First name: Bob

• Last name: Jones

• User logon name (User Principal Name): Bob

• Password and Confirm Password: I365password

• Click Next >

d. On the Mailbox Settings section, for the Alias, type Bob and click Next >. e. On the Archive Settings section, click Next >.

f. On the New Mailbox section, click New. g. On the Completion section, click Finish. 4. Populate

Mailbox with Sample Emails through OWA

a. In the Start menu, open Internet Explorer (64-bit).

b. In Internet Explorer’s address bar, type https://localhost/owa. Otherwise, I’ve made a favorite in the Favorite Bar.

c. Because Outlook Web App (OWA) is intended to be protected via SSL (https), you will receive a message: There is a problem with this website’s security certificate because I did apply a certificate to the installation.

d. Click Continue to this website (not recommended). e. In Outlook Web App

• Domain\user name: TrainingLab\Bob

• Click Sign in

• You’ll be prompted for Language and Time zone, click OK. f. For the sample emails, you’ll be composing three new emails to yourself

(7)

7

i. In the To field, type Bob.

ii. Type whatever you want for the Subject and Body of the message.

iii. Click Send.

(8)

8 Exercise 4 – Creating an Exchange Protection Group

In this section, you’ll learn how to protect your newly created Exchange data by creating a Protection Group within DPM. Exchange data can be backed up and recoverable within as little as 15 minute intervals. In this example, we’ll just protect the Exchange databases. We typically recommend protecting the file data with a different protection group policy. This is because file data doesn’t typically need to be protected on a 15 minute interval. Most users are more concerned about they’re highly active data such as databases.

1. Switch Machines

EDPM

a. Using the Server drop-down at the top of the Surgient window, choose EDPM_Server to connect back to the EDPM server.

• Password I365password. c. If Server Manager opens, close it. 2. DPM 2010

Administrator Console

a. Within the DPM 2010 Administrator Console, click the Protection tab. b. This is where we’ll be creating a Protection Group.

c. Under Selected Items, click Create Protection Group… 3. Protection

group wizard

a. On the Welcome to the New Protection Group Wizard choose Next >. b. On the Select Protection Group Type screen, select Servers and choose Next

>.

(9)

9

minute for DPM to collect EXCH01’s information.

d. Check Exchange 2010 Databases. You’ll notice that if you expand this field, you’ll see both the Mailbox databases and Public Folder databases can be backed up, and these have been included in our Protection Set.

e. Click Next >.

f. On the Select Data Protection Method screen, we need to name our Protection Group. In this case name it, Exchange Servers.

• For short-term protection, we’ll use Disk.

• Notice that long-term protection options is greyed out. This is because we do not have a tape library attached for long-term protection.

• Click Next >.

g. On the Specify Exchange Protection Options screen, you have options to use ESEUTIL to check the integrity of your data. Click Next >.

Server Agents – Includes server class operating systems such as Windows 2003 and 2008 along with application specific integration.

File Data – Allows for protection of file level data such as entire volumes on a system, individual files and folders, shares presented or even system state backups. Server 2008 also allows for possible additional recoverability by providing options to do Bare Metal Recovery.

Application Data – Allows for protection of application data such as SQL, Exchange, SharePoint, and Hyper-V data. Integration allows for seamless hot backups of these applications.

(10)

10

defaults (Full Backups) because our Exchange environment is not setup in a Database Availability Group. Click Next >.

i. We’re now on the Specify Short-Term Goals screen. This is where we setup retentions and backup frequency.

Enabling ESEUTIL

Before you continue, you should know that ESEUTIL and the supporting DLL file are not automatically installed on the DPM 2010 server. Using ESEUTIL on the DPM server is recommended, but this will require you to install Exchange Management Tools on your DPM 2010 server.

Note: The version of ESEUTIL that you deploy must match the highest version of Exchange Server that's deployed on your network. Keep in mind that ESEUTIL is updated with each service pack. Therefore, if the highest version of Exchange running on your network is Exchange Server 2003 SP2, you'll need to install the SP2 version of the Exchange Server 2003 management tools.

This is also true with Exchange Server 2007, which is a 64-bit application. You must use the version that corresponds to the highest version of Exchange installed on your network.

It's also important to remember that Exchange Management Tools must be kept current. If you install a new service pack for Exchange Server at a later date, you have to update the management tools on DPM 2007.

After you've installed the Exchange Server Management Tools, copy the ESE.dll and ESEUTIL.exe files from c:\Program

(11)

11

• For the Retention range, we’ll set it to 30 days. This allows us to restore from the last 30 days. The maximum value is 64 days. The more days of retentions, the more storage you’ll need.

• For the Synchronization frequency, we’ll leave the default to Synchronize every 15 minutes. This will allow us to restore our application data within intervals of every 15 minutes.

• For the Express Full Backup setting, we’ll leave the default to backup 8:00 PM Everyday. However, you could Modify this. The schedule should be defined when people are generally not using the system. Typically during off hours.

j. We’re now on the Review Disk Allocation screen.

• In the Disk apace allocation of new members section, you’ll notice Retention Range – This defines how many days back you can

restore your data.

Synchronization Frequency – With application data such as SQL and Exchange, a synchronization with send over just transaction logs for SQL or Exchange to the DPM server. For application data, Synchronizations will create Recovery Points after each completion. This can happen in intervals as little as every 15 minutes. When scheduling a short frequency, you need to consider how much change is occurring on the application server and the bandwidth between the Agent and DPM server. If synchronizes are not completing in the 15 minute window, you can modify the

synchronization rate to a longer window like every hour or every 2 hours.

Initial Replica – With application data, this will send over the entire database to the DPM server. With SQL, it will send over the mdf and ldf files. For Exchange, it will send over the .edb, .stm, and .logs.

Express Full Backup – With application data on the first Express Full Backup, it will send over the changed blocks since the last Initial Replica. On subsequent Express Full Backups, the Agent will send over the changed blocks since the last Express Full Backup. Each Express Full also generates a Recovery Point. As opposed to just sending over transaction logs, Express Fulls send over changes in the database itself.

(12)

12

EVault for Data Protection Manager - ©2010 i365, A Seagate Company that the Total data size and Disk space allocated in DPM values might seem large. DPM performs some calculations and factors in the most possible change that can occur on your system. You can change these values so that DPM will not dedicate so much space.

• We’ll click on Modify later, but first I want to explain the following:

i. Automatically grow the volumes – DPM will automatically

grow your volumes if they are nearing capacity. It will grow them by 25% or 10 GBs whichever is bigger. By choosing this, you can size your volumes smaller and let DPM grow the volumes on its own. DPM can only auto grow a volume once per every 15 minute window.

• Click Modify so that we can resize the volume allocation.

i. Replica Volume – is where DPM stores the current state of

the server. The smallest size is 1 GB. If your server was 10 GBs, you can set this to 10 GB. Another example is when you’re protecting a folder on the C: that’s 5 GBs but you’re actually using 100 GBs on the C: amongst all of its folders, DPM will display the Replica Volume as 100 GBs because DPM considers that you might want to protect other data on that volume.

ii. Recovery Point Volume – Is where DPM stores the

incremental changes between backups. The Recovery Points are played back against the Replica Volume. The more recovery points made, the larger the Recovery Point Volume. The smallest value for this is 1.56 GB. iii. Set the each of the Replica Volumes to 1 GB.

iv. Set the each of the Recovery Point Volumes to 1.56 GB. v. Click OK.

k. On the Choose Replication Creation Method screen, we’ll leave the Defaults which means we’ll send the Replica Now. However, normally, we

recommend waiting to send the Initial Replica until after hours. During time of the Initial Replica all files selected are sent to DPM server. This will take time depending on the size of the data. We want to avoid congesting the network at peak hours. Click Next >.

l. On the Consistency check options screen, we’ll choose to “Run a

consistency check if a replica becomes inconsistent.” You can schedule this, but consistency checks can take time as they do a block for block

comparison of the Replica that exists on the DPM server to the production data on the Agent machine. Click Next >.

m. On the Summary screen, click Create Group.

n. On the Status screen, wait for all the results to state Success and click Close. 4. Protection

Status

a. Back in the DPM 2010 Administrator Console, notice that the Protection Group Protection Status changes from Replica creation in progress to OK. b. Once all of the databases selected in the Protection Group have an OK

(13)

13

(14)

14 Exercise 5 – For this Lab Only – Modify Mailbox Data

In the next steps, we’ll simply delete some email and add some new email.

1. Switch Machines

EXCH01

a. Using the Server drop-down at the top of the Surgient window, choose EXCH01_Server to connect back to the EXCH01 server.

b. Internet Explorer should still be open, but if it’s not please open it. c. Our login to Outlook Web App might have timed out. If it has:

• Password: I365password • Click Sign in 2. Delete a message and create a message in OWA

a. In Outlook Web App, right-click a message (it doesn’t matter which one) and choose Delete.

b. In OWA, click New. You’ll get another message regarding There is a problem with this website’s security certificate. Click Continue to this website (not recommended).

• In the To field, type Bob.

• Type whatever you want for the Subject and Body of the message.

• Click Send.

Exercise 6 – Creating a Recovery Database (Exchange 2010)

In the next steps, create a Recovery Database. DPM requires this to restore the database to

temporarily. From the Recovery Database, we can merge recovered mail data back into the production mailbox.

1. Switch Machines

EXCH01

• Click Sign in 2. Create a

Recovery Database

a. You cannot create a recovery database using the console. You need to use Exchange Management Shell.

b. In the Start menu, open Exchange Management Shell. c. The syntax to create a Recovery Database is the following:

• New-MailboxDatabase –Recovery –Name RDB –Server “servername” –EdbFilePath “Path” –LogFolderPath “path”

d. For our lab we’ll use the following:

• New-MailboxDatabase –Recovery –Name RDB –Server EXCH01 –

EdbFilePath C:\temp\RDB.edb –LogFolderPath C:\temp\

(15)

15 Exercise 7 – Recovering a Mailbox to a Recovery Database with DPM

For this exercise, we’ll restore our sample mailbox to the Recovery Database. The purpose of this is that we’ll be able to use Exchange tools to merge data back into our live Mailbox Database.

1. Switch Machines

EDPM

• Password I365password. c. If Server Manager opens, close it. 2. Recovering a

Database within DPM

a. Within the DPM 2010 Administrator Console, click the Recovery tab. b. Expand Recoverable data\TrainingLab.com\EXCH01\All Protected

Exchange Data\Mailbox Database. Here you’ll see the various mailboxes that we can recover from.

c. In the middle pane, we see a calendar of dates that we can choose from. Any calendar date that is in bold means that at least one Recovery Point exists on that day.

d. For the Recovery Time field, use the drop-down and choose the most recent time. Choosing Latest might cause the Recovery to fail due to problems replaying Transaction Logs.

e. Highlight Bob mailboxes at the bottom under Recoverable Item.

f. On the right hand pane under Selected Items, choose Recover. This will spawn the Recovery Wizard.

3. Recovery Wizard

a. On the Review Recovery Selection screen, click Next >.

b. On the Select recovery type screen, select “Recover mailbox to an Exchange server database”

c. On the Specify destination screen, click Browse a. Select the EXCH01 server.

b. Click OK.

d. For the Database name, type RDB. This is the Recovery Database we had created earlier.

e. On the Specify recovery options screen, click Next >. f. On the Summary screen, click Recover.

g. On the Recovery Status screen, wait for the Recovery Status to read Successful.

(16)

16 Exercise 8 – Recovering a Mailbox using a Recovery Database

From the restore that we just completed, we’ll switch back to our Exchange server and restore data from our Recovery Database back into our live Mailbox Database. This requires the use of the Exchange Management Shell as Microsoft has removed GUI based Exchange tools to do this operation.

1. Switch Machines

EXCH01

• Password: I365password • Click Sign in 2. Restore Data from Recovery Database to Live Database

a. You cannot recover data in the console. You need to use Exchange Management Shell.

b. In the Start menu, open Exchange Management Shell. c. The syntax to see the contents of a database is the following:

• Get-MailboxStatistics –Database <RecoveryDatabaseName> d. For our lab we’ll use the following:

• Get-MailboxStatistics –Database RDB

• Click Enter and you should see Bob Jones listed. e. To restore a mailbox, the syntax is:

• Restore-Mailbox –Identity <Username> -RecoveryDatabase <RecoveryDatabaseName>

f. For our lab we’ll use the following:

• Restore-Mailbox –Identity Bob -RecoveryDatabase RDB

• Click Enter and you will be prompted to Confirm. Click Enter again. 3. Check OWA to

Validate

a. Internet Explorer should still be open, but if it’s not please open it. b. Our login to Outlook Web App might have timed out. If it has:

a. Domain\user name: TrainingLab\Bob b. Password: I365password

c. Click Sign in

c. You should see that you have the original messages along (including the message you had deleted) along with the new message that was added. d. If you do not see any difference, remember that DPM backs up every 15

minutes. DPM might’ve backed up your addition and deletion of a message, and that might be what you’re seeing. If this is the case, you’ll have to repeat the steps earlier in the lab and select an earlier time of recovery.

Exercise 9 – Recovering an Exchange Database with DPM – Prep Exchange

For this exercise, we’ll restore our entire Mailbox Database back to the original Exchange server. Before we initiate the restore, we need to make sure that the database can be overwritten by a restores.In the previous exercise, we only restored one mailbox. In this procedure, we’re recovering the entire

(17)

17

1. Switch Machines

EXCH01

• Password: I365password • Click Sign in 2. Access Properties of our Mailbox Database

a. In the Start menu, open Exchange Management Console. b. It will take a minute for it to connect to our Exchange server. c. Expand Microsoft Exchange On-Premises (exch01.traininglab.com). d. Expand Organization Configuration.

e. Highlight Mailbox.

f. On the Database Management tab, right-click Mailbox Database and choose Properties.

3. Allow Database to be Overwritten by a Restore

a. Click the Maintenance tab.

b. Check This database can be overwritten by a restore. c. Click OK.

Exercise 10 – Recovering an Exchange Database with DPM – Performing

Restore in DPM

For this exercise, we’ll restore our entire Mailbox Database back to the original Exchange server. In the previous restore exercise, we only restored one mailbox. In this procedure, we’re recovering the entire database. This rolls the entire database back to a point in time. You would use this method if you had a corrupted database or were recovering from a disaster.

1. Switch Machines

EDPM

• Password I365password. c. If Server Manager opens, close it. 2. Recovering a

Database within DPM

a. Within the DPM 2010 Administrator Console, click the Recovery tab. b. Expand Recoverable data\TrainingLab.com\EXCH01\All Protected

Exchange Data. Here you’ll see the various databases that we can recover from.

c. In the middle pane, we see a calendar of dates that we can choose from. Any calendar date that is in bold means that at least one Recovery Point exists on that day.

(18)

18

EVault for Data Protection Manager - ©2010 i365, A Seagate Company e. Highlight the Mailbox Database at the bottom under Recoverable Item. f. On the right hand pane under Selected Items, choose Recover. This will

spawn the Recovery Wizard. 3. Recovery

Wizard

a. On the Review Recovery Selection screen, click Next >.

b. On the Select recovery type screen, select “Recover to original Exchange Server location” and click Next >.

c. On the Specify recovery options screen, we’ll leave the defaults to “Mount the databases after they are recovered.” Click Next >.

d. On the Summary screen, click Recover.

e. On the Recovery Status screen, wait for the Recovery Status to read Successful.

f. Click Close.

Conclusion

In this lab you’ve learned how to not only protect Exchange but also how to restore individual mailbox data and entire Exchange databases. Please feel free to do further testing in your training lab. For further information about DPM, you can always access their Technet site at

http://technet.microsoft.com/en-us/library/ff399192.aspx. If this link is broken, goto

http://technet.microsoft.com , navigate to Library, System Center, and choose System Center Data Protection Manager 2010.

EVault for Data Protection Manager. Course 321 Protecting Exchange 2010 with DPM

Course 321

2

Table of Contents

3

Objectives

Scenario

Estimated Time to

Complete This Lab

Requirements for

This Lab

4

Exercise 1 – Installing Windows Server Backup on Exchange Server

Exercise 2 – Installing DPM Agent on Exchange Server

5

6

Exercise 3 – For this Lab Only – Create sample data

7

8

Exercise 4 – Creating an Exchange Protection Group

9

10

11

12

13

14

Exercise 5 – For this Lab Only – Modify Mailbox Data

Exercise 6 – Creating a Recovery Database (Exchange 2010)

15

Exercise 7 – Recovering a Mailbox to a Recovery Database with DPM

16

Exercise 8 – Recovering a Mailbox using a Recovery Database

Exercise 9 – Recovering an Exchange Database with DPM – Prep Exchange

17

Exercise 10 – Recovering an Exchange Database with DPM – Performing

Restore in DPM

18

Conclusion