Basics Windows 2003 has a Built-In Backup program called NTBACKUP which you can use to backup your Windows environment and when you had installed Exchange 2003 on this system, NTBACKUP is enhanced to allow backups of your Exchange Server databases. NTBACKUP features Local and remote backup of data Exchange Backup ready Scheduled Backups Volume Shadow Copy support Integration with Removable Storgae from Windows 2003 How do you enhance NTBACKUP with the capability to Backup Exchange 2003 without installing Exchange Server? You must install the Exchange System Manager on the Backup Server to backup Exchange Server. It is possible to backup the Exchange Server without Exchange System Manager with the following trick: Copy ESEBCLI2.DLL from the Exchange 2003 CD into the EXCHSRVR\BIN folder Add the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\DLLPaths – REG_EXPAND_SZ - esebcli2 - c:\exchsrvr\bin\esebcli2.dll. After modifying the registry you can use NTBACKUP to backup the remote Exchange Server by clicking – Tools – Remote Store. Online or Offline Backup? It is possible to Backup Exchange Online or Offline. The recommended method is to Backup the Exchange Server Online. An online backup can backup the Exchange Server databases without the interruption of Exchange services. An offline backup is a simple copy of the Exchange database files. The Exchange Information store must be stopped before NTBACKUP can be used to Backup your Information store. Volume Shadow Copy Beginning with Exchange 2003 it is possible to do Exchange 2003 Volume Shadows Copy backups with 3rd party Backup applications, but not with the built-in Windows Server 2003 NTBACKUP utility. The Volume Shadow Copy service coordinates its communication between Requestors (backup applications), Writers (applications like Exchange Server 2003), and Providers (software or hardware components that create the shadow copies). To use the Volume Shadow Copy service to backup Exchange Server 2003, the backup program must include an Exchange Server 2003 aware Volume Shadow Copy service requestor. Because the NTBACKUP program has no such requestor, organizations must use third-party backup applications or implement Exchange 2003 SP1 in its organization. Backup choices Minimum selection is the storage group (SG) to truncate log files VSC can create a Snapshot from multiple SG at the same time Restore choices You can choose the entire storage group or a single database or multiple databases from a single SG Exchange 2003 RTM supports full backups and copy backups All databases must be mounted to purge logfiles Backup To start the Backup process click Start – Run – NTBACKUP. Figure 1: Start the Backup process During an online backup, the .edb, .stm, and .log files that comprise the Exchange store are being backed up and checked for corruption. The Exchange database store is checked for corruption at file system level. File system level damage may be caused by unreliable hardware, firmware, or disks. This check is done by verifying the checksums on each 4 KB block or page in the database. If there is a checksum failure, backup will terminate (Exchange will not allow you to back up an Exchange store with a wrong checksum in it). This is tpyical for the 1018 error. Choose a place to save the Backup files. Figure 2: Choose a Backup device It is possible to disable Volume Shadow Copy. Figure 3: NTBACKUP options The Backup process will begin. Figure 4: The running NTBACKUP process You can see the status of your Exchange Backups when you start the event viewer and select the application log. Figure 5: NTBACKUP status in the event log Transaction Log files and NTBACKUP Backup Type What to Backup Normal Backs up selected files and marks each file as backed up Copy Backs up selected files, but does not mark any as backed up Incremental Backs up selected files only if they were created or modified since the previous backup Differential Backs up selected files only if they were created or modified since the previous backup, but does not mark them as backed up Exchange Logs Backup Logfiles and delete Transaction Logfiles Backup Logfiles but doesn’t delete Transaction Logfiles Backup only Logfiles but cannot be used with enabled circular logging Backup only Logfiles but cannot be used with enabled circular logging. Logfiles will not be deleted after Backup The type of Backup depends on the configuration of circular logging. You can specify circular logging settings at the Exchange Storage Group level. Figure 6: Circular Logging settings Restore After a succesful Backup it is possible to do an Exchange Server restore in case of emergency. You must ensure that the Exchange database store to restore is not mounted. You can dismount a Exchange Database Store in the Exchange System Manager by right clicking the database. Start the NTBACKUP program and select Restore and Manage Media. Figure 7: NTBACKUP restore process In the following screen you must select the Server to restore the data, a temporary location for log and patch files (this directory must be empty). Click Last Restore Set when this is the last restore device (this is also possible with ESEUTIL) Click Mount Database after Restore if you want to automatically start the restored database. Figure 8: restore options Depending on the size of the database, the restore process can be very time consuming. Figure 9: Restore Progress You can read the Logfile after an successful or unsuccessful Exchange restore. Figure 10: NTBACKUP Logfile The following screenshots shows the Exchange Server MDBDATA directory. As you can see, there are now more Exchange Server Transcation Logfiles except the actual logfile. Figure 11: NTBACKUP Logfile GROUP POLICY Overview Microsoft provided a lot of policy settings for Windows 2000, and the list just grew longer with Windows XP/2003. Of course you could add more policies, for example, to configure Office. IT professionals, wishing to implement a sophisticated system of group policies, soon found that proper and updated documentation was essential because a single wrong setting could bring much havoc unto an unsuspecting users' workday. This is especially true where multiple policies were implemented on the same user or computer. Even with documentation, finding out which setting came from which policy is not a simple task in complex scenarios where some settings might conflict. At first, Microsoft trickled a few separate utilities, mostly command prompt based that you could use to, for example, make a printout of all policies or find out which policies were actually implemented for a single user on a specified computer. Now, Microsoft has delivered GPMC as an add-on for Windows 2003 Server. It also works on Windows XP machines that have at least SP1 and the .NET framework installed. The good news is that it can also be used to manage Windows 2000 based domain controllers (though not installed on one). The bad news is that there is some learning curve for using it. The old way of managing Group Policies was maybe lacking in features but was easy to implement without special experience. You just right click an OU, Create the policy and set the settings. It was only when you had problems or conflicts where group policy became a nightmare. Setting Group Policies With GMPC when you right click an OU all you see is this: You can also run GPMC from its shortcut, available under Administrative Tools. As one can see, GPMC looks a lot like an improved Active Directory Users and Computers interface. Since group policies can be applied to domain, OUs and sites, they all are represented. When you open an object, you can see which Group Policy policies are linked to it. Does "linked" means applied? Usually, it does. But you can also disable a linked policy when necessary without needing to delete the policy or unlink it. This is useful for diagnosing problems. You can also control the new Windows 2003 group policy features for filtering the policy by using groups or WMI filters so you could really control which policies are applied where. The Settings tab shows the settings selected in the policy in a nice HTML look which you can save and open in a word processor or Internet Explorer. It might be frustrating at first but unfortunately you cannot alter settings from here. To change settings for a policy you right click it and choose "Edit". You will then get the familiar group policy editor. You can also see a list of Group Policy Objects and WMI filters at the bottom of each domain which you can backup, import, restore and save to a report. Group Policy Modeling Modeling allows you to plan Group Policies before you implement them by simulating changes. Each simulation checks what a user gets on a specified computer. To create such a simulation you run the Group Policy Modeling Wizard by right clicking "Group Policy modeling". As can be seen, you can provide as much information as you like and skip to the end by clicking "Skip to the final page". Each of the next screen shots shows a way that the user is changed so that new policies might be applied. Once the Wizard finishes you can view which settings could apply to the user based on the information entered. Group Policy Results The Group Results Wizard is like a stripped down version of the Modeling Wizard with less dialog boxes. It allows you to connect to a remote computer and calculate the group policy that is actually applied to a user which logins to that computer. Know that this wizard can fail if you don't have administrative permissions on the target computer, or if there's no RPC connectivity to that machine which can be caused by an installation of a personal Firewall such as the on Windows XP SP2 installed. Conclusion GPMC is more than an interface, it's a new way of looking at group policies, but after some practice and study of this interfaces it's an invaluable tool for designing and troubleshooting group policies.