Basics
Windows 2003 has a Built-In Backup program called NTBACKUP which you can use to backup
your Windows environment and when you had installed Exchange 2003 on this system,
NTBACKUP is enhanced to allow backups of your Exchange Server databases.
NTBACKUP features





Local and remote backup of data
Exchange Backup ready
Scheduled Backups
Volume Shadow Copy support
Integration with Removable Storgae from Windows 2003
How do you enhance NTBACKUP with the capability to Backup Exchange 2003 without
installing Exchange Server?
You must install the Exchange System Manager on the Backup Server to backup Exchange
Server. It is possible to backup the Exchange Server without Exchange System Manager with the
following trick:
Copy ESEBCLI2.DLL from the Exchange 2003 CD into the EXCHSRVR\BIN folder
Add the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\DLLPaths –
REG_EXPAND_SZ - esebcli2 - c:\exchsrvr\bin\esebcli2.dll.
After modifying the registry you can use NTBACKUP to backup the remote Exchange Server by
clicking – Tools – Remote Store.
Online or Offline Backup?
It is possible to Backup Exchange Online or Offline. The recommended method is to Backup the
Exchange Server Online. An online backup can backup the Exchange Server databases without
the interruption of Exchange services.
An offline backup is a simple copy of the Exchange database files. The Exchange Information
store must be stopped before NTBACKUP can be used to Backup your Information store.
Volume Shadow Copy
Beginning with Exchange 2003 it is possible to do Exchange 2003 Volume Shadows Copy
backups with 3rd party Backup applications, but not with the built-in Windows Server 2003
NTBACKUP utility.
The Volume Shadow Copy service coordinates its communication between Requestors (backup
applications), Writers (applications like Exchange Server 2003), and Providers (software or
hardware components that create the shadow copies). To use the Volume Shadow Copy service
to backup Exchange Server 2003, the backup program must include an Exchange Server 2003
aware Volume Shadow Copy service requestor. Because the NTBACKUP program has no such
requestor, organizations must use third-party backup applications or implement Exchange 2003
SP1 in its organization.
Backup choices


Minimum selection is the storage group (SG) to truncate log files
VSC can create a Snapshot from multiple SG at the same time
Restore choices



You can choose the entire storage group or a single database or multiple databases from a
single SG
Exchange 2003 RTM supports full backups and copy backups
All databases must be mounted to purge logfiles
Backup
To start the Backup process click Start – Run – NTBACKUP.
Figure 1: Start the Backup process
During an online backup, the .edb, .stm, and .log files that comprise the Exchange store are being
backed up and checked for corruption. The Exchange database store is checked for corruption at
file system level. File system level damage may be caused by unreliable hardware, firmware, or
disks. This check is done by verifying the checksums on each 4 KB block or page in the
database. If there is a checksum failure, backup will terminate (Exchange will not allow you to
back up an Exchange store with a wrong checksum in it). This is tpyical for the 1018 error.
Choose a place to save the Backup files.
Figure 2: Choose a Backup device
It is possible to disable Volume Shadow Copy.
Figure 3: NTBACKUP options
The Backup process will begin.
Figure 4: The running NTBACKUP process
You can see the status of your Exchange Backups when you start the event viewer and select the
application log.
Figure 5: NTBACKUP status in the event log
Transaction Log files and NTBACKUP
Backup Type
What to Backup
Normal
Backs up selected files and marks each file
as backed up
Copy
Backs up selected files, but does not mark
any as backed up
Incremental
Backs up selected files only if they were
created or modified since the previous
backup
Differential
Backs up selected files only if they were
created or modified since the previous
backup, but does not mark them as backed
up
Exchange Logs
Backup Logfiles and delete
Transaction Logfiles
Backup Logfiles but doesn’t
delete Transaction Logfiles
Backup only Logfiles but cannot
be used with enabled circular
logging
Backup only Logfiles but cannot
be used with enabled circular
logging. Logfiles will not be
deleted after Backup
The type of Backup depends on the configuration of circular logging. You can specify circular
logging settings at the Exchange Storage Group level.
Figure 6: Circular Logging settings
Restore
After a succesful Backup it is possible to do an Exchange Server restore in case of emergency.
You must ensure that the Exchange database store to restore is not mounted. You can dismount a
Exchange Database Store in the Exchange System Manager by right clicking the database.
Start the NTBACKUP program and select Restore and Manage Media.
Figure 7: NTBACKUP restore process
In the following screen you must select the Server to restore the data, a temporary location for
log and patch files (this directory must be empty).
Click Last Restore Set when this is the last restore device (this is also possible with ESEUTIL)
Click Mount Database after Restore if you want to automatically start the restored database.
Figure 8: restore options
Depending on the size of the database, the restore process can be very time consuming.
Figure 9: Restore Progress
You can read the Logfile after an successful or unsuccessful Exchange restore.
Figure 10: NTBACKUP Logfile
The following screenshots shows the Exchange Server MDBDATA directory. As you can see,
there are now more Exchange Server Transcation Logfiles except the actual logfile.
Figure 11: NTBACKUP Logfile
GROUP POLICY
Overview
Microsoft provided a lot of policy settings for Windows 2000, and the list just grew longer with
Windows XP/2003. Of course you could add more policies, for example, to configure Office.
IT professionals, wishing to implement a sophisticated system of group policies, soon found that
proper and updated documentation was essential because a single wrong setting could bring
much havoc unto an unsuspecting users' workday.
This is especially true where multiple policies were implemented on the same user or computer.
Even with documentation, finding out which setting came from which policy is not a simple task
in complex scenarios where some settings might conflict.
At first, Microsoft trickled a few separate utilities, mostly command prompt based that you could
use to, for example, make a printout of all policies or find out which policies were actually
implemented for a single user on a specified computer.
Now, Microsoft has delivered GPMC as an add-on for Windows 2003 Server. It also works on
Windows XP machines that have at least SP1 and the .NET framework installed.
The good news is that it can also be used to manage Windows 2000 based domain controllers
(though not installed on one). The bad news is that there is some learning curve for using it.
The old way of managing Group Policies was maybe lacking in features but was easy to
implement without special experience. You just right click an OU, Create the policy and set the
settings. It was only when you had problems or conflicts where group policy became a
nightmare.
Setting Group Policies
With GMPC when you right click an OU all you see is this:
You can also run GPMC from its shortcut, available under Administrative Tools.
As one can see, GPMC looks a lot like an improved Active Directory Users and Computers
interface. Since group policies can be applied to domain, OUs and sites, they all are represented.
When you open an object, you can see which Group Policy policies are linked to it.
Does "linked" means applied? Usually, it does. But you can also disable a linked policy when
necessary without needing to delete the policy or unlink it. This is useful for diagnosing
problems.
You can also control the new Windows 2003 group policy features for filtering the policy by
using groups or WMI filters so you could really control which policies are applied where.
The Settings tab shows the settings selected in the policy in a nice HTML look which you can
save and open in a word processor or Internet Explorer.
It might be frustrating at first but unfortunately you cannot alter settings from here.
To change settings for a policy you right click it and choose "Edit". You will then get the
familiar group policy editor.
You can also see a list of Group Policy Objects and WMI filters at the bottom of each domain
which you can backup, import, restore and save to a report.
Group Policy Modeling
Modeling allows you to plan Group Policies before you implement them by simulating changes.
Each simulation checks what a user gets on a specified computer.
To create such a simulation you run the Group Policy Modeling Wizard by right clicking "Group
Policy modeling".
As can be seen, you can provide as much information as you like and skip to the end by clicking
"Skip to the final page".
Each of the next screen shots shows a way that the user is changed so that new policies might be
applied.
Once the Wizard finishes you can view which settings could apply to the user based on the
information entered.
Group Policy Results
The Group Results Wizard is like a stripped down version of the Modeling Wizard with less
dialog boxes. It allows you to connect to a remote computer and calculate the group policy that is
actually applied to a user which logins to that computer.
Know that this wizard can fail if you don't have administrative permissions on the target
computer, or if there's no RPC connectivity to that machine which can be caused by an
installation of a personal Firewall such as the on Windows XP SP2 installed.
Conclusion
GPMC is more than an interface, it's a new way of looking at group policies, but after some
practice and study of this interfaces it's an invaluable tool for designing and troubleshooting
group policies.