Exchange 2013 (backup &) Disaster Recovery #devconnections
Agenda Exchange Data Types & Storage Locations Backup Disaster Recovery Hybrid… #devconnections
Data Types & Storage Locations What files are important and which ones are not? Data Types & Storage Locations #devconnections
Data types User Data Configuration Data Emails Contacts Holiday pictures (everything in a user’s mailbox…) Local Configuration Data (server-specific) Global Configuration Data (environment-specific) #devconnections
User Data Data stored in Mailbox Database, Transaction Logs (and memory) #devconnections
Why transactions logs matter Exchange doesn’t update databases immediately (lazy writes) User actions are written to transaction log files first Logs are ‘rolled’ into the database on the go, but there might be a lag (checkpoint depth) #devconnections
Why transactions logs matter E00x E00 E001 CHK 5 1 DB01 2 3 4 E00.log #devconnections
Backups & circular logging Circular logging removes log files which have been committed to the database Potentially dangerous scenario * * Hence the recommendation to have at least 3 database copies before switching on circ. logging. #devconnections
Backups & circular logging E00x E00 E001 CHK 5 1 DB01 2 3 4 E00.log 5 E001 #devconnections
Configuration data Configuration data stored in multiple locations: Local Configuration Data server’s registry Local files on the system Global Configuration Data Stored in Active Directory #devconnections
Local Configuration Data Most of the items in the registry are stored in the same location: HKLM:\Software\Microsoft\ ExchangeServer\v15 i.e. used to store M.A. overrides HKLM:\System\CurrentControlSet\Services\MSExchange* Service-specific settings #devconnections
Local Configuration Data Configuration files stored under Exchange installation folder: <drive>:\Program Files\Microsoft\Exchange Server\v15 commonly-used files include: Web.config (OWA) ..\ClientAcces\Owa CmdletExtentionAgent(s) ..\ Bin\CmdletExtentionAgents Managed Availability ..\ Bin\Monitoring\Config #devconnections
Global Configuration data Forest Configuration Partition: CN=OrgName,CN=Microsoft Exchange,CN=Services, CN=Configuration,DC=domain,DC=tld #devconnections
How to bring my data into safety? Backup & Restore #devconnections
Need for backup? Despite many stories about backup-less environments, backup still valid/useful for: Historical restores Deleted item (beyond retention time) Legal Purging Transaction Logs #devconnections
What to backup? User Data Configuration Data * Optionally: System State (Server’s Registry) Log Files Certificates #devconnections
Exchange 2013 Backups Leverage a technology called VSS VSS “Copy-on-Write” Uses VSS Writer (since Exchange 2007) part of the MSExchangeRepl service in 2013 Responsible for ‘talking’ to Exchange and temporarily halting writes (to the database) to ensure consistency #devconnections
High-level steps VSS Requestor (Backup App) 1 Volume Shadow Copy Service (VSS) 2 VSS Writer (Exchange) 6 5 3 VSS Provider (hard- or software) 4 Storage
Help?! I’m on fire… What now?! Disaster Recovery #devconnections
DRP! Anyone? “A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.” ~ Wikipedia #devconnections
Exchange DR procedures Full DRP for Exchange includes: Recovery of Mailbox, Database, Server(s) Recover from full transaction log or database disk Dial Tone Recovery, Database Portability (Re-)Seeding Database (w/ or w/o AutoReseed) Site Recovery + Switch back #devconnections
Deleted Object Recovery Depends on what object was deleted Mailbox(es) Deleted mailbox retention allows to easily ‘reconnect’ mailbox to user account. Beyond retention, restore from backup is necessary User(s) same process as Mailbox recovery, but user needs to be restored first. Beyond tombstone period > recover from AD backup first OR connect mailbox to different user account #devconnections
Deleted Objects Exchange Security Groups Exchange RBAC Groups Use Setup.exe /prepareAD to restore the deleted groups Exchange RBAC Groups Install-CannedRbacRoleAssignments will restore the groups (not the memberships though!) #devconnections
Dial Tone Recovery Use to quickly restore service to users (while waiting for data recovery) Mount empty database to recover service to the users (and while waiting to restore data) Recovery data into Recovery Database Swap Dial Tone database and Recovery Database Merge data from Dial Tone database and Restored database #devconnections
Database portability Exchange databases can be mounted on any server in the organization with the same database schema. Can be useful in the Dial Tone Recovery procedure when the server cannot be restored/recovered (quickly) Same process as ‘regular’ dial tone recovery, but mount Dial Tone + Recovery Database on other server #devconnections
Server Recovery Process Using the /m:recoverserver switch: Repair failed server. If replaced, make sure the original server is not reconnected to the network. Join replacement server to the domain w/ same name (reset computer account) Use the Exchange Setup.exe w/ /m:recoverserver switch (cli only) Re-apply customizations Import certificates Restore customized files #devconnections
Demo time Demo various recovery scenarios: - Accidental Deletes in Active Directory - Recover object in AD (latent DC or from backup) - Reconnect mailbox to same (or different) user - Recover from full AD failure - Recovery Active Directory - Recovery Exchange (possibly require /m: recoverserver) - Use a dialtone recovery in Exchange - Use the /m: recoverserver switch (also point out the caveat of having the Scripting Agent enabled in a single-server environment) #devconnections
Hybrid Infrastructure / data is less important Brings new challenges to the game DirSync is the root of all evil * #devconnections
DirSync Used to be a real pain “accidental deletion protection” included since version 6765.0006 http://social.technet.microsoft.com/wiki/contents/articles/24544.dirsync-how-to-avoid-syncing-accidental-deletes-to-the-cloud-directory.aspx #devconnections
Accidental Delete Protection Built-in into DirSync Set-PreventAccidentalDelete –Enable –ObjectDeletionThreshold <value> Forcing the deletions can be cumbersome in large environments due to Full Sync that is required… #devconnections
Protecting against the “oops-scenario”… Demo time #devconnections
Thank you! Q&A #devconnections
WIN Rate This Session Now! Tell Us What You Thought of This Session Rate with Mobile App: Be Entered to WIN Prizes! Tell Us What You Thought of This Session Select the session from the Agenda or Speakers menus Select the Actions tab Click Rate Session Rate Using Our Website: Register at www.devconnections.com/logintoratesession Go to www.devconnections.com/ratesession Select this session from the list and rate it