none
dpm 2010 backup of itself and domain controler RRS feed

  • Question

  • we are evaluating the use of dpm 2010 in our backup strategy and at the moment I have found a few dead ends for which i could not find a solution online.

    we have 2 physical server machines windows r2 standalone with Hyper V role only

    on each server there is a virtual DC supporting our domain and each other with AD, DNS etc. there are also other VM for file server, database and others. almost all the virtual machines are members of the domain. At the time being we back up the hyper v host with system backups on tape and the virtual machines on network access storage.

    Since the dpm 2010 requires to be e member of a domain, we have 2 option.

    1.create a dummy domain for the 2 host servers

    2. use the main domain

    in the first case there are 2 sub senarios a) use 1 physical server as the dc of the dummy domain and the other as the dpm server b) use a third server as dpm

    in the second case I think that its the same if we use a VM or a third phisical

    In all senario I cant figure out a disaster recovery strategy because I dont know if it is supported for dpm to backup and restore itself and how to restore a dc if that dc is required for the dpm to operate and restore the dc for the domain that the dpm is member of?

    If am not wrong its still required to depend ot windows system backup to protect the dc for the domain the dpm depends on, and the dpm itself... and use dpm for the rest.

    is any of the above wrong? Am I missing something? please point out my missunderstanding. I am a newbie in dpm.

    What is the best way to use dpm in the above mentioned topology?

    Thanks in advance for every opinion

    Spyros

    Wednesday, November 23, 2011 3:47 PM

Answers

  • ok..

    for the first step... the hyper-v machine I suppose to use to recover the DC... you suggest that I should make a fresh install... I was thinking about a backup of it as well ... the 2 physical servers with Hyper V are not in any Domain. (for the sake of the other post I have ONE domain with 2 DC VM supporting eachother). So I could restore the hyper V first (I find easier to restore... than to install and apply all the updates and config until it will be like it is now). Another thing I had in mind is to bmr restore the DPM server the same way.

    You said that

    "When you have DPM it centralizes the BMR and protection of your servers so that you do not have to do it with WSB on each server. DPM does use WSB on the local protected server to create the BMR. Leave the BMR in your DPM storage pool but also copy this out somewhere that is easy to access in the event your entire network is down including the DC and DPM. Having this BMR data external to DPM will allow you to still recover the DC. You can get the BMR data from restoring it to a folder and then copying from there to an external drive or from the replica on the storage pool in the event you were not prepared for a failure. See this thread for locating the BMR in your storage pool manually:http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d/."

    So if I understand correctly I can find backups in the pool storage for the machines as if there ware taken by windows backup.

    so I can use the dpm to backup everything centralized but.. every day before leaving to home I could copy from the pool storage the bmr of 1. the 1 hyperv host (without the VM's) 2. the primary dc VM 3. the DPM server , to a protable disk and take it home..

    Recovery senario

    1. Recover BMR the hyper V from portable

    2. recover BMR the DC VM from portable

    3.recover BMR the DPM from portable(is this possible?)

    4. recover the rest with the live dpm and the pool storage from the nas(consider the nas safe from any failure)

    do you think the recovery senario is ok?

    Saturday, November 26, 2011 12:21 PM
  • ok..

    for the first step... the hyper-v machine I suppose to use to recover the DC... you suggest that I should make a fresh install... I was thinking about a backup of it as well ... the 2 physical servers with Hyper V are not in any Domain. (for the sake of the other post I have ONE domain with 2 DC VM supporting eachother). So I could restore the hyper V first (I find easier to restore... than to install and apply all the updates and config until it will be like it is now). Another thing I had in mind is to bmr restore the DPM server the same way.

    You said that

    "When you have DPM it centralizes the BMR and protection of your servers so that you do not have to do it with WSB on each server. DPM does use WSB on the local protected server to create the BMR. Leave the BMR in your DPM storage pool but also copy this out somewhere that is easy to access in the event your entire network is down including the DC and DPM. Having this BMR data external to DPM will allow you to still recover the DC. You can get the BMR data from restoring it to a folder and then copying from there to an external drive or from the replica on the storage pool in the event you were not prepared for a failure. See this thread for locating the BMR in your storage pool manually:http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d/."

    So if I understand correctly I can find backups in the pool storage for the machines as if there ware taken by windows backup.

    so I can use the dpm to backup everything centralized but.. every day before leaving to home I could copy from the pool storage the bmr of 1. the 1 hyperv host (without the VM's) 2. the primary dc VM 3. the DPM server , to a protable disk and take it home..

    Recovery senario

    1. Recover BMR the hyper V from portable

    2. recover BMR the DC VM from portable

    3.recover BMR the DPM from portable(is this possible?)

    4. recover the rest with the live dpm and the pool storage from the nas(consider the nas safe from any failure)

    do you think the recovery senario is ok?

    Hi Spyros,

    Your plan looks good. You can actually see the path of the replica in the DPM console. This will show you tje volume your BMR's are being backed up to. Record that information and save it. You can this by going to the Protection area…. Expand the Protection Group in the DPM console, select the protected BMR data and in the lower pane click on “Click to view details” next to “Replica Path:”. This will pop-up a window with the path in it. You can copy this information.


    My Blog | www.buchatech.com | www.dpm2010.com
    Friday, December 9, 2011 7:48 AM
    Moderator

All replies

  • Hi Spyros,

    You can backup your DPM server. You can either protect DPM using a secondary DPM server or you can backup the DPMDB databases and the replicas.

    Here are some more links to explain this further:

    http://technet.microsoft.com/en-us/library/bb808696.aspx

    http://robertanddpm.blogspot.com/2010/03/let-dpm-server-backup-it-self.html

    http://blogcastrepository.com/blogs/santhosh/archive/2009/10/16/local-data-protection-on-dpm-server.aspx

    http://technet.microsoft.com/en-us/library/bb808991.aspx

    In regards to protecting the domain controller you can do BMR protection of your DC. You can use this BMR to first restore your DC then restore your DPM and then start restoring your other data from there. I recommend that you restore and keep a copy of this BMR on an external drive or somewhere that makes it easy to locate it in the event of a total failure. This will enable you to quickly recover. If you don't have this copied out somewhere and both your DC and DPM fail as long as you have the volumes you can still recover but it won’t be as easy. Here are a couple of other threads with more information for this topic:

    http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d

    http://social.technet.microsoft.com/Forums/en-US/dataprotectionmanager/thread/fbcb5c96-f78b-4e61-9314-0c998637e38a


    My Blog | www.buchatech.com | www.dpm2010.com
    Thursday, November 24, 2011 6:11 AM
    Moderator
  • thanks for the links. I have read most of them but I can find an answer for my situation.

    the DC is virtual so in the dpm enviroment it would be backuped bmr through the dpm and stored in a network storage. As far I understand to access the pool in the storage the dpm server must be recovered first. And the question is.. can I recover the dpm without the DC in order to access the pool and then recover the DC and the rest of the data?

    In my senario the 2 physical server hosting hyper-v are not member of domain (but they could be of that is required) hosting all virtual machines including DC(the VM and workstations are in the same domain). So with a dedicated single dpm server I am planing to backup the 2 HyperV (system backup), the VM inside them (Including DC) and the workstations in the network. We do not have a recovery site. The network storage is protected by service (mirroring through internet) so the network storage is considered safe (buy new hardware and allow it to sync). So the recovery strategy in case of a disaster is that with the network storage and "something" portable (tape, usb disk) to recover the rest. So after I backup everything with DPM all depend on this server.

    Can I backup the dpm server with itself? if yes how can I recover the dpm from the network storage and without the presence of DC?

    Or its better to backup the dpm with windows backup in an external usb drive that can be taken offsite? In that case the question is if it is possible to recover the dpm without the DC.

    I havent used DPM yet at all so I dont have an insight except what I read in docs and from that I cant figure out the recovery senario.

    Thanks

     


    • Edited by svas Thursday, November 24, 2011 7:38 AM
    Thursday, November 24, 2011 7:37 AM
  • thanks for the links. I have read most of them but I can find an answer for my situation.

    the DC is virtual so in the dpm enviroment it would be backuped bmr through the dpm and stored in a network storage. As far I understand to access the pool in the storage the dpm server must be recovered first. And the question is.. can I recover the dpm without the DC in order to access the pool and then recover the DC and the rest of the data?

    In my senario the 2 physical server hosting hyper-v are not member of domain (but they could be of that is required) hosting all virtual machines including DC(the VM and workstations are in the same domain). So with a dedicated single dpm server I am planing to backup the 2 HyperV (system backup), the VM inside them (Including DC) and the workstations in the network. We do not have a recovery site. The network storage is protected by service (mirroring through internet) so the network storage is considered safe (buy new hardware and allow it to sync). So the recovery strategy in case of a disaster is that with the network storage and "something" portable (tape, usb disk) to recover the rest. So after I backup everything with DPM all depend on this server.

    Can I backup the dpm server with itself? if yes how can I recover the dpm from the network storage and without the presence of DC?

    Or its better to backup the dpm with windows backup in an external usb drive that can be taken offsite? In that case the question is if it is possible to recover the dpm without the DC.

    I havent used DPM yet at all so I dont have an insight except what I read in docs and from that I cant figure out the recovery senario.

    Thanks

     


    Hi Spyros,

    Basically when you backup the DC using BMR this is complete protection of it. It is your best option regardless if your DC is virtual or not. With the BMR you can recover your network so that you can use DPM to recover the rest of your protected data. What I am suggesting is that you take a copy of the BMR and make sure it is offsite or on an external drive that you have quick access to. Restoring the BMR would be a process that is done outside of DPM so you do not need DPM to restore the BMR. Once you have the domain up you can restore your DPM server. Yes DPM can back itself up. Basically you need to backup your DPM database and the replicas to make sure your DPM server is protected. You can also move this offsite or put on an external drive and recover from that in the event of a failure. Another route would be to put a secondary DPM server in place and if your first DPM server fails you could recover the DC's BMR, the primary DPM server, and protected servers from there. You can also place this offsite if you want to. 

     

    If any of that is not clear let me know.

     


    My Blog | www.buchatech.com | www.dpm2010.com
    Thursday, November 24, 2011 7:53 AM
    Moderator
  • Ok if I understand correctly you are suggesting that I should backup the dc BMR outside DPM (windows backup) . In any case if recovering the DC sould be the first step before dpm recovery then I should backup system state the hyper v hosting the DC.. and that backup should also not be done with DPM.

    Since the DPM can backup itself I should backup the database only, because the pool storage will be stored in external network storage which is considered "safe" from failure. Is that correct?

    So taking the above in mind, the recovery senario would be

    1. recover the hyperv system state from portable disk(taken with windows backup)

    2. recover the DC VM BMR from portable disk(taken with windows backup)

    3. a) recover the DPM server BMR from portable disk(taken with windows backup)

    b) install fresh the DPM server and import the database

    4. with the DPM live restore the rest (1 HyperV physical + 5 VM +10 windows clients)

    (portable disk taken offsite every evening)

    Is that correct?

     

    The secondary DPM senario is very clear to me and we are considering the option but right now it could not implemented for other reasons, so we are trying to stick to the plan in which the whole thing could be recovered with a portable disk and a network storage (these 2 are considered safe from failure)

    Sorry if my quiestions seem stupid but I have no experience with DPM. Right now we use windows backup on every machine (server or client) and it works ok if the "administrator" spend enough time for that and the users dont get in the middle of backing up the clients. In case of failure the recovery is not easy but OK. So we are questing for a more centralized backup procedure with less administrative effort with DPM.

    thanks

    spyros

    Friday, November 25, 2011 9:42 AM
  • Spyros,

    You have two physical servers and already have a primary DC on one server and a backup DC on the other. Just use a single domain for everything - its simpler.

     

    You are right, DPM has to be a member of a domain. If your DPM server fails, your restore steps would be:

     

    1. Install W2K8-R2, join the domain, install DPM.

    2. Restore from tape.

     

    If both machines failed, your restore steps would be:

     

    1. Install W2K8-R2 on both servers.

    2. Create a temporary VM-DC on the non-DPM server and dcpromo it.

    3. Install DPM, join the temporary domain, and perform a "foreign" restore of the live DC from tape to the other server.

    4. Start your recovered DC on the second server.

    5. Re-install W2K8-R2 on the DPM server, join the recovered domain, then install DPM again.

    6. Perform a full restore from tape. (Once you have a DPM platform up and joined to the domain again, everything restores just fine, right from tape).

     

    Introducing another domain will just make this way too complicated and waste licenses.

    Before going into production, practice the recovery at least once and take detailed notes.

    Backing up the DPM system state and database isn't necessary because it can be restored from tape. That being said, I always run a daily WSB backup (BMR) of the DPM machine's C:\ Drive in addition to protecting it within DPM. Doing cross backups between your two servers can be considered and if you have capacity, consider both a local WSB backup and a scheduled WBADMIN backup of each server's BMR to the other server. Taking an additional offsite backup on USB isn't a bad idea.

    Bucatech's suggestion of backing up the DPM server with another DPM server is excellent if you have the budget. Unless your strategy requires DPM2DPM4DR, I'd prefer to put the money into a better class of DPM server.

    Bob.



    • Edited by BobH2 Friday, November 25, 2011 1:00 PM
    Friday, November 25, 2011 12:55 PM
  • Ok if I understand correctly you are suggesting that I should backup the dc BMR outside DPM (windows backup) . In any case if recovering the DC sould be the first step before dpm recovery then I should backup system state the hyper v hosting the DC.. and that backup should also not be done with DPM.

    Since the DPM can backup itself I should backup the database only, because the pool storage will be stored in external network storage which is considered "safe" from failure. Is that correct?

    So taking the above in mind, the recovery senario would be

    1. recover the hyperv system state from portable disk(taken with windows backup)

    2. recover the DC VM BMR from portable disk(taken with windows backup)

    3. a) recover the DPM server BMR from portable disk(taken with windows backup)

    b) install fresh the DPM server and import the database

    4. with the DPM live restore the rest (1 HyperV physical + 5 VM +10 windows clients)

    (portable disk taken offsite every evening)

    Is that correct?

     

    The secondary DPM senario is very clear to me and we are considering the option but right now it could not implemented for other reasons, so we are trying to stick to the plan in which the whole thing could be recovered with a portable disk and a network storage (these 2 are considered safe from failure)

    Sorry if my quiestions seem stupid but I have no experience with DPM. Right now we use windows backup on every machine (server or client) and it works ok if the "administrator" spend enough time for that and the users dont get in the middle of backing up the clients. In case of failure the recovery is not easy but OK. So we are questing for a more centralized backup procedure with less administrative effort with DPM.

    thanks

    spyros

    Hi Spyros,

     

    Your questions are not dumb. I understand that you are just trying to figure out the best recovery solution with your DPM.

     

    When you have DPM it centralizes the BMR and protection of your servers so that you do not have to do it with WSB on each server. DPM does use WSB on the local protected server to create the BMR. Leave the BMR in your DPM storage pool but also copy this out somewhere that is easy to access in the event your entire network is down including the DC and DPM. Having this BMR data external to DPM will allow you to still recover the DC. You can get the BMR data from restoring it to a folder and then copying from there to an external drive or from the replica on the storage pool in the event you were not prepared for a failure. See this thread for locating the BMR in your storage pool manually: http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d/.

     

    The recovery of Hyper-V system state is optional. With the BMR backup of the DC you should be able to recover the DC to any Hyper-V host. I have also read that backing up a DC VM is not fail proof and that is why I recommend BMR. Here are the steps I see:

     

    1.       Recover your DC BMR to a Hyper-V VM.

    2.       Get a DPM server (same name) up and running, then recover the database and sync the replicas to storage pool using DpmSync (http://technet.microsoft.com/en-us/library/bb808877.aspx).

    3.       Recover the rest of the p[protected data you need.

     

    Let me know if any of this is not clear.


    My Blog | www.buchatech.com | www.dpm2010.com
    Friday, November 25, 2011 8:04 PM
    Moderator
  • ok..

    for the first step... the hyper-v machine I suppose to use to recover the DC... you suggest that I should make a fresh install... I was thinking about a backup of it as well ... the 2 physical servers with Hyper V are not in any Domain. (for the sake of the other post I have ONE domain with 2 DC VM supporting eachother). So I could restore the hyper V first (I find easier to restore... than to install and apply all the updates and config until it will be like it is now). Another thing I had in mind is to bmr restore the DPM server the same way.

    You said that

    "When you have DPM it centralizes the BMR and protection of your servers so that you do not have to do it with WSB on each server. DPM does use WSB on the local protected server to create the BMR. Leave the BMR in your DPM storage pool but also copy this out somewhere that is easy to access in the event your entire network is down including the DC and DPM. Having this BMR data external to DPM will allow you to still recover the DC. You can get the BMR data from restoring it to a folder and then copying from there to an external drive or from the replica on the storage pool in the event you were not prepared for a failure. See this thread for locating the BMR in your storage pool manually:http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d/."

    So if I understand correctly I can find backups in the pool storage for the machines as if there ware taken by windows backup.

    so I can use the dpm to backup everything centralized but.. every day before leaving to home I could copy from the pool storage the bmr of 1. the 1 hyperv host (without the VM's) 2. the primary dc VM 3. the DPM server , to a protable disk and take it home..

    Recovery senario

    1. Recover BMR the hyper V from portable

    2. recover BMR the DC VM from portable

    3.recover BMR the DPM from portable(is this possible?)

    4. recover the rest with the live dpm and the pool storage from the nas(consider the nas safe from any failure)

    do you think the recovery senario is ok?

    Saturday, November 26, 2011 12:21 PM
  • ok..

    for the first step... the hyper-v machine I suppose to use to recover the DC... you suggest that I should make a fresh install... I was thinking about a backup of it as well ... the 2 physical servers with Hyper V are not in any Domain. (for the sake of the other post I have ONE domain with 2 DC VM supporting eachother). So I could restore the hyper V first (I find easier to restore... than to install and apply all the updates and config until it will be like it is now). Another thing I had in mind is to bmr restore the DPM server the same way.

    You said that

    "When you have DPM it centralizes the BMR and protection of your servers so that you do not have to do it with WSB on each server. DPM does use WSB on the local protected server to create the BMR. Leave the BMR in your DPM storage pool but also copy this out somewhere that is easy to access in the event your entire network is down including the DC and DPM. Having this BMR data external to DPM will allow you to still recover the DC. You can get the BMR data from restoring it to a folder and then copying from there to an external drive or from the replica on the storage pool in the event you were not prepared for a failure. See this thread for locating the BMR in your storage pool manually:http://social.technet.microsoft.com/Forums/en-US/dpmdrbackup/thread/f61e6f45-fe34-4fec-b751-9aee8042e44d/."

    So if I understand correctly I can find backups in the pool storage for the machines as if there ware taken by windows backup.

    so I can use the dpm to backup everything centralized but.. every day before leaving to home I could copy from the pool storage the bmr of 1. the 1 hyperv host (without the VM's) 2. the primary dc VM 3. the DPM server , to a protable disk and take it home..

    Recovery senario

    1. Recover BMR the hyper V from portable

    2. recover BMR the DC VM from portable

    3.recover BMR the DPM from portable(is this possible?)

    4. recover the rest with the live dpm and the pool storage from the nas(consider the nas safe from any failure)

    do you think the recovery senario is ok?

    Hi Spyros,

    Your plan looks good. You can actually see the path of the replica in the DPM console. This will show you tje volume your BMR's are being backed up to. Record that information and save it. You can this by going to the Protection area…. Expand the Protection Group in the DPM console, select the protected BMR data and in the lower pane click on “Click to view details” next to “Replica Path:”. This will pop-up a window with the path in it. You can copy this information.


    My Blog | www.buchatech.com | www.dpm2010.com
    Friday, December 9, 2011 7:48 AM
    Moderator