In this post we will see how to restore a server with Bare-Metal Recovery protection in Data Protection Manager 2012 R2. The server to restore is a virtual domain controller on Windows Server 2012 R2. Previously I have made a full system protection of this server. For this example, servers are named as below:

• Protected server: VMADS01
• DPM server: VMDPM01

There are two steps to restore a server with BMR protection:

• Recover a BMR backup
• Restore a server with Bare-Metal Recovery

Recover the Bare-Metal Recovery

First of all, I verify that VMADS01 is protected rightly. I need at least one recovery point for this test. So the below screenshot shows you that replica of VMADS01 is all right’s. So let’s go to recover the Bare-Metal Recovery.

First open the Recovery tab. In Browse field, enter the name of your server. Choose a recovery point with the calendar. Once you have chosen a recovery point, right click on Bare-Metal Recovery as below, and select Recover.

On the first screen of recovery wizard, just click next.

Because I have no tape library, I want to copy recovery files to a network folder. So the recovery will be performed across the network.

On specify destination screen, click on Browse and choose where you want store the recovery files. I choose VMDPM01 on D:\Restore folder.

Next configure recovery options as you want. You can for example set the network bandwidth uses for recovery needs, an E-mail notification or security option.

Once all parameters are set, click on Recover to copy files where you have specified.

During the recovery process, you can view the state on Monitoring tab.

Once the recovery process is finished, you should have a recovery success alert.

Open the folder where are located recovery files and rename it with a shorter name. This is to ease the recovery process in the next steps.

Create a share on your recovery folder.

Now that recovery files are hosted and ready to be used, we will see how to use the restore files from server side.

Restore a server with Bare-Metal Recovery

First, insert ISO of your operating system to boot on the Windows Server installer. For me, the OS is Windows Server 2012 R2.

Choose your language as fresh OS installation.

Next click on Repair your computer.

Then click on Troubleshoot.

Click on System Image Recovery.

The below warning is normal. Because my machine has no data on its hard disk, no system image is stored. So just click cancel.

So click on Select a system image.

Click advanced to take recovery files from a network share.

Enter the network folder. For my example the network folder is \\VMDPM01\BMRMyComputer.

So the backup is listed. Select it and click next.

Select what you want to restore and click next.

In this section you have additional options. For example you can restore only one disk or install additional drivers.

Click on finish to launch the restoring of your system.

In barely 10 minutes, my server is restored. Because this server is a domain controller, I have checked about the behaviour of the replication process. It is impressive because the Active Directory service knows that a restoration took place and so it ask a replication from its friends!

As you have seen, the restoration process is pretty easy and fast so Bare-Metal Recovery protection is a good way to protect servers. However the main disadvantage of this protection type is that it uses a lot of storage space because all data are saved. But I am ready to lose some storage space for this awesome protectionJ.

The post Restore a server with Bare-Metal Recovery protection in DPM 2012R2 appeared first on Tech-Coffee.

Online backup with Windows Azure has some limitation:

• A disk pool is necessary
• Only primary server can use Windows Azure
• Only two recovery points per day can be created
• The retention range maximum is 120 days (448 days for disk)
• Only Hyper-V SQL and files can be protected in Azure

Before that you install Windows Azure Backup Agent, DPM shows below information:

So first, we have to configure Windows Azure. The first step is to upload the computer certificate, and next to download Windows Azure Backup Agent.

Windows Azure side configuration

First I have created recovery services (create a new vault). I have called this server AzureBackup.

When you click on your service, you have information about the steps to follow to configure your recovery service. First it is necessary to upload the computer certificate. Mine is called DPM1.fabrikam.com.cer.

I have an AD CS on my lab infrastructure so I have enroll my DPM server. I have uploaded the above certificate. Once you have upload your certificate, click on Download Agent (Agent for Windows Server and System Center – Data Protection Manager).

That’s all about Windows Azure configuration. Pretty easy no?

Data Protection Manager server configuration

Now it’s time to configure DPM server. First it is necessary to install the Windows Azure Backup Agent. The file is called WABInstaller.

After that the agent is installed, open your DPM administrator console and open Management tab. Now the Azure Backup Agent version is filled. So click on Register to connect your DPM server to Windows Azure.

Select your certificate locally. DPM requests Azure to find the same certificate. Previously we have uploaded the same in Azure so DPM finds a match with AzureBackup recovery service.

Next configure your proxy configuration.

Then configure Throttling settings. This is a feature that limits the bandwidth consumption. You can declare work hours and days and limit bandwidth for work hours and non-work hours.

Next specify a recovery folder that will be used as a temporary location for recovery. When you recover a data sources from Windows Azure, files will be copied on this temporary folder first. When data sources will be recovered, the temporary data will be cleaned up.

Next specify a passphrase to encrypt your data in Windows Azure.

Now you have a new storage support for your protection groups.

Now that DPM is registered for online storage, you can find a reference to your server in Windows Azure. Click on your Recovery Service Dashboard:

 Use Windows Azure with Data Protection Manager

To test the Windows Azure and DPM configuration, I create a protection group to use my online storage. If you don’t know how to create protection group, please view this topic. On Select Group Members screen, I select the temp folder of hyperV01 server. I use a small folder because the goal is to test the solution.

Next I choose to protect my data with online protection.

If you have many data sources in your protection group, it is possible to select only the most critical of them.

Configure the Online protection Goals as short-term goals.

Once you have created your protection group, it appears in Protection tab and the online Protection should be enabled.

The post Use Windows Azure with Data Protection Manager appeared first on Tech-Coffee.

DPM can store backup on disk (disk-to-disk or D2D), on library tape (disk-to-tape or D2T) or on Windows Azure (disk-to-cloud or D2C). These supports can be mixed for high availability: so it is possible to perform D2D2D backup or D2D2T etc. The latest best practice about backup is called 3.2.1 and says that:

• Perform 3 backups.
  
• On 2 different support.
  
• Store replica on 1 remote site.
  

This article is focusing on short-term protection with D2D support to explain protection group (and because I do not have a library tape J).

Disk-to-Disk protection process

When you create a protection group, an initial replica of data protected is created. Then the DPM agent tracks every change on data sources to transfer modification to replica, block per block though DPM server. That means that only changes are synchronized. Then a recovery point is created from the synchronized replica. A recovery point is a point in time from which you can perform a recovery of your data. The scheduling for recovery points creation is configurable.

To synchronize the replica, there are two ways in DPM: the synchronization and the express full backup. The synchronization tracks journal change in the Operating System or in applications and transfer only modification block per block. On express full backup, a full volume shadow copy is created but only changes are transferred. Some applications don’t support the synchronization (such as SQL Server in Simple Recovery Model) so the express full backup is very useful in this case.

Data protected by DPM

DPM can protect Microsoft Exchange, SQL Server, Hyper-V (and virtual machines), SharePoint, File Servers and System State. Thanks to System State protection, Active Directory databases can be saved (including AD DS, AD CS and AD LDS). To finish, DPM can protect and recover a machine as a Bare-Metal. That means that if the machine is broken and need a recovery, this last not need the DPM agent to be restored.

Protection group parameters

Protection group type

This setting defines which kind of machines is saved: Servers or Clients. The Server type is used to save file servers or application servers. You can save SQL databases, files, Hyper-V virtual machines, system states etc. Client type enables to save workstations (laptops or desktops).

Group Members

This setting defines the collection of data sources that you backup. Because that data sources share the same configuration in a protection group, these last are usually the same kind of data. For example to backup Active Directory, a protection group will be created to save system state of domain controller. In this example, the system state is the data source.

Data Protection Method

This is here that you choose short-term or long-term protection. When you choose short-term protection you can select the backup support (disk, tape or cloud) while when you select long-term protection you have to own a tape library.

Protection goals (Short-Term)

In this section you can define the retention range, the synchronization and full express backup frequency for files data and application data.

Protection group preparation table

Below an example of how to prepare your short-term protection groups:

I have based the recovery point on the synchronization frequency because in this example, databases support incremental backup using transaction logs in MSSQL. If your databases don’t support incremental (log shipping or Simple Recovery Model), synchronization cannot be used and Express full backup frequency should be increased.

On next section I will implement a protection group based on this table.

Protection group example: MSSQL databases backup

To create a Protection Group, click on Protection tab and select New. I assume that you have created a storage pool in DPM before performing the protection group creation.

To backup MSSQL databases, select the protection group type called Servers.

Then I select databases that I want a backup on my SQL server called VMSQL01. Once data sources are selected, they appear in Selected members list.

Next, type your protection group name and select the protection method. Here I want to perform a D2D backup and a short-term protection.

Then choose your short-term goals. In the below example, I synchronize the replica every 15mn and I create the recovery point every synchronization. An express full backup is performed every day at 20:200. To finish the retention range of recovery point is set to 7 days.

On the next screen, set the disk allocation. You can enable the auto grow of your replica volume and choose to co-locate data.

Next choose when you want to create the initial replica.

Then choose when to run a consistency check: only when a replica becomes inconsistent or on scheduling. The schedule method adds more CPU workload.

Once the protection group is created, the initial replica is created for each data source.

Below, the ReportServer database is protected by a replica and 3 recovery points have been created.

The post Protection groups in Data Protection Manager appeared first on Tech-Coffee.