Book Image

Microsoft System Center Data Protection Manager 2012 R2 Cookbook

By : Robert Heldblom, Robert Hedblom
Book Image

Microsoft System Center Data Protection Manager 2012 R2 Cookbook

By: Robert Heldblom, Robert Hedblom

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Microsoft System Center Data Protection Manager 2012 R2 Cookbook
Robert Heldblom | Robert Hedblom
Apr, 2015 | 408 pages
No titles found
Table of Contents (21 chapters)
Microsoft System Center Data Protection Manager 2012 R2 Cookbook
Microsoft System Center Data Protection Manager 2012 R2 Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Pre-installation Tasks
Pre-installation Tasks
Introduction
What is System Center Data Protection Manager 2012 R2
Change tracking process
Planning your DPM pre-installation tasks
Planning the DPM disk pool
Firewall configuration
2
Installation and Upgrade
Installation and Upgrade
Introduction
Installing a SQL Server locally on the DPM server
Preparing a remote SQL Server for DPMDB
Installing SCDPM 2012 R2
Installing SCDPM 2012 R2 using a remote SQL server or cluster
Understanding the supported upgrade scenarios
3
Post-installation Tasks
Post-installation Tasks
Introduction
Understanding the DPM terminology
Configuring the DPM disk pool
Adding disk to the DPM disk pool
Growing volumes automatically in the DPM disk pool
Creating a replica manually
Installing the DPM agent via the DPM console
Installing the DPM agent manually
Upgrading the DPM agents
Configuring DPM agent throttling
Understanding DPM Protection Groups
Optimizing the Protection Group
DPMDB optimization
Report management
Configuring a dedicated backup network
Configuring e-mail notifications
Applying update rollups (UR) to the DPM server
Working with filters
4
File Server Protection
File Server Protection
Introduction
Understanding the prerequisites for supported file server protection
Protecting file shares, volumes, and catalogs
Restoring file data to its original location
Restoring file data to an alternative location
Copying protected data to tape
Restoring file data from tape
Restoring file data from Azure
Protecting file server clusters
Understanding file server maintenance and management tasks
Creating recovery points manually
Using Migrate-Datasource.ps1
5
SQL Protection
SQL Protection
Introduction
Understanding SQL Server protection considerations
Configuring your SQL Server 2012 for DPM protection
Understanding the SQL Server management tasks from a DPM perspective
Protecting SQL Server 2012 AlwaysOn
Protecting an availability group using SQL Server AlwaysOn configuration
Protecting your SQL Server databases
Enabling parallel backups
Configuring the auto-protection feature
Configuring online protection
Restoring a SQL Server database to its original location
Restoring a SQL Server database to an alternative location
Restoring a SQL Server database and renaming the database
Restoring a SQL database to a network location
Restoring a SQL database from Azure
Restoring a SQL Server database from tape
Restoring SQL databases using the Latest feature
6
Hyper-V Protection
Hyper-V Protection
Introduction
Understanding the prerequisites for Hyper-V protection
Understanding the considerations for Hyper-V protection
Protecting large-scale Hyper-V environments
Protecting System Center Virtual Machine Manager
Integrating SCDPM with SCVMM
Restoring a Hyper-V virtual machine
Restoring a VHD or VHDX
Using ILR (Item Level Restore)
Understanding Hyper-V management tasks
7
SharePoint Protection
SharePoint Protection
Introduction
Understanding the prerequisites for supported SharePoint server protection
Configuring the SharePoint VSS
Protecting a SharePoint farm
Protecting a SharePoint search
Protecting a SharePoint farm that uses SQL aliases
Restoring a SharePoint farm
Restoring individual objects (Item-level recovery)
Understanding SharePoint maintenance tasks
Understanding SharePoint management tasks
8
Exchange Server Protection
Exchange Server Protection
Introduction
Understanding the prerequisites for supported Exchange server protection
Configuring Exchange server protection
Understanding how to adapt DPM to Exchange server management tasks
Understanding how to adapt DPM to Exchange server maintenance tasks
Protecting a single Exchange mailbox database
Understanding how DPM protects DAG configurations
Understanding how DPM can verify data integrity using ESEUTIL
Restoring an Exchange mailbox database to its original location
Restoring an Exchange mailbox database to an alternative location
Restoring an Exchange mailbox database to an Exchange Recovery Database
Restoring an Exchange mailbox database to a network folder
Copying the Exchange mailbox database to tape
9
Client Protection
Client Protection
Introduction
Finding and understanding Company Protection Policy
Understanding the prerequisites of client protection
Creating a Protection Group for client protection
Restoring client data via the DPM client
Restoring client data from the DPM server
Setting up the end user recovery feature
Setting up the DPM self service recovery for SQL
10
Workgroup Protection and CBA
Workgroup Protection and CBA
Introduction
Understanding workgroup protection
Understanding CBA protection
Setting up workgroup protection
Setting up certificate-based authentication
11
Azure Integration
Azure Integration
Introduction
Understanding the prerequisites for the Microsoft Azure backup service
Configuring your DPM server for online protection
Registering your DPM server
Configuring the protection groups to enable online protection
Manually creating online recovery points
Recovering production data from Azure
Troubleshooting Microsoft Azure Backup Agent
12
Disaster Recovery
Disaster Recovery
Introduction
Understanding the primary/secondary DPM server scenario
Enabling a DPM server to be a secondary DPM server
Enabling the chaining of DPM servers
Understanding the replication process from the primary to secondary DPM server
Switching from the primary to secondary DPM server
Restoring data from a secondary DPM server
Restoring a DPM server
13
Tape Management
Tape Management
Introduction
Understanding the basics of tape backups
Installing tape libraries and stand-alone tape drives
Understanding the concept of VTL
Understanding how DPM manages tapes
Configuring tape optimization for DPM
Understanding tape reports in DPM
Configuring the short erase feature
Understanding tape management tasks
14
Monitoring and Automation
Monitoring and Automation
Introduction
Understanding how the System Center family should be your base for service delivery
Understanding System Center Operations Manager 2012 R2
Understanding System Center Orchestrator 2012 R2
Understanding the DPM PowerShell Cmdlet
Installing System Center Operations Manager
Installing System Center Orchestrator
Installing the DPM Central Console
Understanding how to configure System Center Orchestrator for DPM automation
Index
Index

What is System Center Data Protection Manager 2012 R2

The recipe will cover an introduction to what DPM 2012 R2 is and explain the product.

For many years, the focus for protecting a data center has always been backup. There are many vendors and third-party solutions still claiming in the market that they are the best and most suitable backup solutions for your data center. If your purpose in performing the backup operation is being able to perform a restore, then the majority of the third-party software and vendors out in the market will not be able to help you. The most challenging part of providing a restore plan or a restore scenario for a service is that the third-party software and vendors are focusing on providing you just a backup, not the ability to restore. This is where DPM 2012 R2 comes in. It all started with the release of the Windows Server 2003, and with that release came the possibility of providing online snapshots using a new feature called Volume Shadow Copy Services (VSS). The APIs for the solutions were quickly adopted by third-party software and vendors but no one could, in the beginning, get it up and running in a fully optimal way. The idea regarding the VSS architecture was a great one and a big step forward regarding how to manage snapshots of different workloads like file, SQL, or Exchange in order to provide a consistent data snapshot.

Microsoft understood that if this architecture was to blossom in the way that they wanted it to, they needed to create backup and restore software themselves. In 2006, the first version of DPM was released with the focus only on protecting the file workload. A lot of companies tried it but few were adopting the new software since they still hosted and ran their data center with the traditional IT mindset.

During the past years Microsoft did not invest heavily in DPM, but under the new team that is driving the DPM solution from India, there have been a lot of investments, making DPM the primary choice for private cloud protection. Microsoft has invested in both developers and experts, pushing the product forward and making it a natural choice of the modern data center.

You may ask what is the thing that differentiates DPM from other backup software on the market. The answer is quite simple; restore based on supported and optimal scenarios with the power of easy integration building the BaaS, RaaS, and DRaaS for a modern data center. DPM knows the Microsoft stack architecture the best as it was written by Microsoft for the Microsoft technologies present in the data center. Combining DPM with the majority of the System Center family members and Azure technologies, you are able to provide an extremely high-end solution for your data center; it is all about design.

DPM only adapts to the current technology and solutions that Microsoft has developed for their workloads. DPM will never, for example, make any decisions on its own regarding SQL restore. The SQL team has clearly defined how a supported and optimal restore should occur and this is what DPM understands and adapts to; the same goes for all the Microsoft-branded workloads.

DPM always focuses on the restore scenario, since providing supported and optimal backup scenarios is not a challenge.

DPM 2012 R2 has the capability to back up production data sources to disk, tape, and Azure. For more detailed information regarding the DPM disk pool please read the Planning the DPM disk pool recipe. For more information regarding how DPM uses tapes, tape management, and Azure integration, please read Chapter 11, Azure Integration.

With DPM you are able to back up the most common workloads in a modern data center. The workloads that DPM will natively back up using the underlying VSS are:

  • Exchange Server

  • SQL Server

  • SharePoint Server

  • Microsoft Dynamics

  • Windows Server

  • Hyper-V

  • System States and Active Directory

  • Windows clients

The following figure shows the DPM back up process:

Note

For detailed information regarding the different versions DPM 2012 R2 can protect, please read the support matrix http://technet.microsoft.com/en-us/library/jj860400.aspx.

The primary DPM server is the first line of protection that you deploy for your production workloads. For systems that use transactional log systems (Exchange and SQL), you are able to replicate the production data from the protected data source to the primary DPM server every 15 minutes. This is also applicable to the file workloads.

Regarding the DPM disk pool, DPM has only one demand: the disk that should be used for the DPM disk pool must be presented in the operating system that has the DPM software installed as a local disk. DPM is able to operate with pass-through disks, Direct Attached Storage (DAS), Network Attached Storage (NAS), or Storage Area Network (SAN) storage. It is also possible to communicate directly with a storage using the iSCSI initiator within the operating system of the DPM server. Please note that this is not a good, optimal, or in any way decent approach to a DPM disk pool; never use iSCSI.

When DPM 2012 R2 starts protecting a workload, it creates an initial copy of the production data source that it has to protect. This is stored in the DPM disk pool in a dedicated volume that uses the same GUID ID as the protected data source. This volume is called the replica volume. The replica volume will hold the only full back up that the DPM ever will do of the protected data source. All changes in data, also known as data churn, that occur after the replica has been created, will be synchronized to DPM disk pool. When creating a recovery point, the data is stored in the recovery point volume that also uses the GUID ID of the protected data source for identification.

The most important component of the DPM server architecture is the DPM database also known as the DPMDB. The DPMDB holds all the configurations made on the DPM server, protection groups, agents, backup schedules, and so on. It is of great importance that the DPMDB is protected via a secondary DPM server when you build the DPM-DPM-DR scenario, copied to file, or archived to tape.

DPM depends on its DPM agents that will perform a VSS request for the protected data sources and have that data replicated from the production environment to the DPM server.

For further information regarding DPM, there are numerous places you can visit online. There are both Microsoft websites and MVP blogs that provide you with good content and decent information:

What's new in the R2 release

This recipe will cover the news in the DPM 2012 R2 release.

As the market develops, Microsoft understands the new challenges that companies and organizations face and therefore constantly develops its product stack to be able to meet the new requirements.

Microsoft has made some improvements and added some more architectural functions to DPM 2012 R2 release. The following list presents and explains the enhancements made to the product:

  • DPMDB cluster support: The database that stores all the configuration for DPM (DPMDB) can now be placed in a SQL cluster environment. This removes the standalone challenges that existed in the previous versions. With this enhancement comes reliability, consistency and most important, scalability.

  • Backing up of virtual Linux servers: DPM 2012 R2 can now protect virtual Linux servers running on Hyper-V using the technique "Backup using child partition" or "online snapshot" in Hyper-V. Note that only file-level protection is supported,not application-based protection.

  • Virtual deployment: It is now possible to deploy and manage DPM via System Center Virtual Machine Manager (SCVMM). You can install DPM on a virtual machine, and configure storage using .vhdx storage pool disks that are shared through the VMM library.

  • Optimization for online protection using Azure: Microsoft has optimized the express-full technology used when synchronizing the protected data from the DPM server on-premises to Azure via the Windows Azure Backup Agent.

  • SQL server media: For any new DPM 2012 R2 installation, the SQL server now needs to be pre-installed locally or remotely.

The new releases in the R2 version of the DPM software will make it possible for companies to meet some of the new challenges they are facing.

With the constant releases of Update Roll-ups (UR), Microsoft is meeting the new challenges that companies are struggling with.

The architecture of System Center Data Protection Manager 2012 R2

This recipe will cover the architecture of the DPM software and explain the local security groups like DCOM objects and others, to make your understanding of the product more clear.

There are some parts of DPM that are very important to have knowledge about. They are:

  • Specific catalogs

  • DCOM

  • VSS interaction with mini drivers and the DPM filter

  • Local security groups

The following are some catalogs under %systemdrive%\Microsoft System Center 2012 R2\DPM\DPM that are important to the DPM server functionality:

  • End User Recovery

  • Protection Agents

  • Temp

  • VMMHelperService

  • Volumes

  • XSD

The End-User Recovery catalog contains the MS file for the active directory schema extension and configures the DPM server to enable the feature End-User Recovery.

Protection Agents contains two catalogs, which are AC and RA. The AC catalog is used by the DPM agent coordinator when pushing new DPM agents to the server hosting the data sources that it needs protection for. The RA catalog holds the binaries for the DPM agent and can also be used as a remote repository when manually installing the DPM agent.

DPM provides a lot of logs that you can read to gain an understanding of what has happened and why. All logs that the DPM server software produces are stored in the Temp catalog.

For DPM to be able to continually provide data source protection, even if protected virtual machines are making an outer-cluster migration that also includes the migration of storage, DPM needs to integrate with SCVMM. The catalog VMMHelperService contains the binaries and DLL files for creating the integration between the DPM server and VMM server.

The catalog Volumes actually contains four catalogs, and three of them are important to know about. The DiffArea catalog contains shortcuts to the recovery point volumes in the DPM disk pool. The Replica catalog contains shortcuts to the replica volumes in the DPM disk pool. The ShadowCopy catalog contains the catalog Database Backups, which will hold the backed up DPMDB when you trigger a DB backup using the DPMBackup executable.

Last but not least is the XDS catalog, which contains all the XML schema files for the DPM software.

The DPM 2012 R2 software depends on both local security groups that are referred to when the DCOM object that controls the DPMRA service is used to initiate a VSS Request for the protected data source. If there is a problem with rights in the DCOM object, the DPMRA will not be able to provide a snapshot since the chain of configuration is broken.

Since the local security groups are critical, it is important that their purpose is explained. The local security groups are:

  • Distributed COM Users

  • DPMDRTrustedMachines

  • DPMRADCOMTrustedMachines

  • DPMRADmTrustedMachines

  • DPMRATrustedDPMRAs

  • DPMSCOM

  • MSDPMTrustedMachines

  • MSDPMTrustedUsers

The members of the Distributed COM Users group are the computer accounts that the current DPM server has access to. You will also find specific service accounts here regarding your SQL server hosting the DPMDB as well as user accounts.

DPMDRTrusedMachines members are the other DPM servers that provide a DPM-DPM-DR configuration and via the membership of this group, have access to listing the protected data sources on the primary DPM server and take usage of the DPM writer.

The group DPMRADCOMTrustedMachines contains the primary and the secondary DPM server computer accounts.

DPMRADmTrustedMachines contains the computer accounts that have an associated DPM agent with the DPM server.

The group DPMSCOM contains the computer account for the SCOM management server that is used for monitoring and management of the DPM server via SCOM and the Central Console feature.

MSDPMTrustedMachines contains the computer accounts that have an associated DPM agent for the DPM server.

The last group is MSDPMTrusedUsers and this group is used by the centralized management features.

Previous Section
End of Section 3
Next Section