Archive:SEP sesam Extension for MS-Exchange

From SEPsesam
THE CONTENT OF THIS PAGE IS OUTDATED
SEP AG has discontinued support for obsolete SEP sesam versions. Instructions are still available for these SEP sesam products, however, SEP AG accepts no responsibility or liability for any errors or inaccuracies in the instructions or for the incorrect operation of obsolete SEP sesam software. It is strongly recommended that you update your SEP sesam software to the latest version. For the latest version of SEP sesam documentation, see documentation home.


(C)SEP AG

Copyright 1999-2009 by SEP AG. All Rights reserved.

Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.


Scope

This article describes the backup and restore of Microsoft Exchange Server 2000 and Exchange Server 2003.

System requirements

  • SEP sesam Server / Client-Version 3.0 or higher
  • Microsoft Exchange Server 2000 or higher

Requirements on the Exchange Server

  • SEP sesam Client-Version 3.2.1.2.1 or higher
  • Correct and functional name resolution between SEP sesam Server and the installed SEP sesam Client
  • An active and running SEP sesam Server installation.

SEP sesam Server can be installed on the exchange Server. However, a disaster recovery of the whole system takes a longer time due to the size and complexity.

Installation and Configuration of an MS-Exchange-Online-Backup

  • Install the SEP sesam Client
  • Next, copy the following file into the SEP sesam home directory:
 Copy 
 C:\Programme\Exchangsrv\bin\esebcli2.dll 
 to 
 C:\Programme\SEPsesam\bin\sesam 

The installation on the client is now finished.

Next, add the new SEP sesam client in the SEP sesam Server. Add a new task for the client with "MS Exchange" as type and enter the name of your MS-Exchange-DB in the field "Source". In most cases this is the host name of the Exchange server without domain suffix.

Now you can start with the backup.

Restore into the Savegroup for Recovery

  • Create a database in the Exchange System Manager under "Savegroup for Recovery" and enter the original database that is to be restored.



  • Select the database you want to restore and the SEP sesam directory in the SEP sesam Restore Wizard.


  • Start the restore with overwrite existing files and Auto recover and online after recover


  • After this, the individual mailboxes can be imported using Exmerge

Procedure for Disaster Recovery of MS Exchange

Windows 2000; 2000 Server; XP; W2003-Server with Active Directories and MS-Exchange

The following backups have to be done from a SEP sesam Server or the client.

FULL; SYSTEM_STATE

Then, for Exchange servers, the database also has to be saved.

Recovery of a Client:

  1. The defective machine has to be reset to it's factory state with identical hardware
  2. Installation of the identical operating system before the disaster with the identical service packs (e.g. SP4 for W2K or SP2 for WXP).
  3. Configuration of the network properties with the same IP an the same name as before the incident.
  4. Should the disaster machine be an Exchange server or domain server it has to be installed normally (enter dcpromo in the cmd).
  5. Installation of the SEP sesam Client with name reference to the SEP sesam server.
  6. Restart the machine, press F8 and start in Directory Services Restore Mode
  7. Start the "FULL" restore on the SEP sesam server (with overwrite) - wait until done.
  8. Start the "system_state" restore (with overwrite) - wait until done.
  9. Restart the computer
  10. Check for complete functionality and check the restore logfile on th SEP sesam server in case of errors.
Exchange Restore

All steps have to be completed before you can restore the Exchange DB in case of a disaster. In order to restore an Exchange server all Exx.log and all Exx.chk files have to be deleted. (e.g. 500.log or R00.chk) After a standard installation the path should be c:\Program Files\exchsrv\mbbdata. In here you have to delete all the files as explained above.



After deleting the individual save groups have to be closed. For this, start the "Exchange System Manager". In this directory, open server and activate the "Cancel allocation of information storage".

Also, activate the field "This database can be overwritten during a restore" as shown in the screenshot.

All this can be read again in detail in the SEP manual DB-modules MS-EXCHANGE. In the SEP sesam restore wizard set the database restore to "overwrite" and "recover". Afterwards, mske the storage groups available again.

If you have any questions about this document please contact our support.

Should the POP3 service not be able to start after the restore the directory /system32/inetsrv/ has to be restored onto the Exchange server with a file-restore with the option overwrite.


Short description of the process
  • Restore full backup.
  • Restore System_state.
  • Reboot.
  • Delete the logfiles
  • Restore the ExchangeDB.
  • If POP3 can't be startet restore the directory \inetsrv
  • Reboot the system

SINGLE Mailbox BACKUP and Restore with SEP sesam

Preparations for Single Mailbox Backup

Copy the file Exchsrvr\bin\esebcli2.dll into the installation directory of the SEP sesam client(Programme\SEPsesam\bin\sesam)

Execute the command

 "sm-setup set_ex2k"

in the installation directory "Programme\SEPsesam\bin\sesam". By executing this command a configuration file "sbcex2km.ini" is created in the folder "Programme\SEPsesam\bin\sesam\var\ini" which will be needed in later steps. This step can only be done once.

License the Single Mailbox Option of SEP sesam and activate this license on the SEP sesam server.

Download the tool "Exmerge" from Mictosoft (Freeware)

Install Exmerge into the directory Exchsrvr\bin (the unpacked components have to be in this folder with the configuration file).

The rights that need to be issued in order to export mailboxes from the Exchange DB are recommended by Microsoft as follows:

http://support.microsoft.com/kb/292509/en

Further information

To create a new security group and to add accounts to this group, follow these steps:

1. Click Start, point to Programs, point to Microsoft Exchange, and then click Active Directory Users and Computers.

2. Expand your domain name.

3. Right-click the organizational unit or the container where you want to create the new security group, point to New, and then click Group.

4. In the Group name box, type a name for the group.

5. Under Group type, make sure that the Security option is selected.

6. Click Next two times, and then click Finish.

7. Right-click the group that you created, and then click Properties.

8. Click the Members tab, and then click Add.

9. In the Select Users, Contacts, or Computers dialog box, add the accounts or the groups that you want to use to run the ExMerge utility, and then click OK two times.

Note If you are running Exchange on a Microsoft Windows Server 2003-based computer, the list of accounts and groups
does not appear in the Select Users, Contacts, or Computers dialog box. To locate the user account or the security
group, follow these steps:
1. In the Select Users, Contacts, or Computers dialog box, click Advanced, and then click Find Now.
2. Locate and then click the account or the security group in the Search results list, and then click OK. 

10. Delegate the Exchange View Only Administrator role of the related administrative group to the security group that you created:

1. On the Exchange computer, click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.

2. If administrative groups are enabled, expand Administrative Groups, and then expand your administrative group.

3. Right click the according administrative group and then click Assign object management.

4. In Exchange Administration Delegation Wizard, click Next, and then click Add.

5. Click the security group that you just created in the Group box, click Exchange View Only Administrator in the Role box, and then click OK.

6. Click Next, and then click Finish.

Assigning Inbox Rights to the Security Group

1. On the Exchange computer, click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.

2. If administrative groups are enabled, expand Administrative Groups, and then expand your administrative group.

3. Expand Servers, expand your Exchange computer, and then expand the storage group that contains the mailbox store that you want to use with the ExMerge utility. For example, expand First Storage Group.

4. Right-click the mailbox store that you want to use with the ExMerge utility, and then click Properties.

5. Click the Security tab.

6. Click Add.

7. In the Select Users, Contacts, or Computers dialog box, add the security group that you created earlier, and then click OK two times.

When you add the security group, the Allow permission check box is automatically selected for all permissions on the mailbox store. This includes the Receive As and the Send As permissions that are required for the accounts that will use the ExMerge utility to access all mailboxes in the mailbox store

Configuration of the SEP sesam service

Switch the SEP sesam service account to a different user who belongs to the groups administrators, replication operator, backup operators as well as the newly created security group. This step is necessary so SEP sesam can execute the Exmerge component during the backup. This user now has access to all inboxes of the Exchange server. The default Exchange settings don't even grant administrators access to inboxes for reasons of data protection.

Configure the file C:\program files\sepsesam\var\ini\sbcex2km.ini

Open the file with an editor and configure the following parameters:

PathToExMergeExecutable=C:\Program files\Exchsrvr\bin\exmerge.exe

For the examples below, instead of "YOUR_EXCHANGE_SERVER" the actual names of the servers have to be entered.

SourceServerName=YOUR_EXCHANGE_SERVER
DomainControllerForSourceServer=YOUR_EXCHANGE_DOMAIN_CONTROLLER

The loglevel should only be set to 3 for the test runs. After successful tests it should be changed to 1.

LoggingLevel=3

Close the configuration file and save.

Define Storage Location

Achtung

During the backup of the mailboxes the individual mailboxes are briefly swapped in full size. Therefore, make sure there is enough space on the partition that contains the install directory of SEP sesam. If this is not the case you have the option to define the swapping location to a different local drive.


Dafür erstellen Sie auf diesem Laufwerk direkt im Hauptverzeichnis einen Ordner „ini“ und einen Ordner „sepmail“. In den Ordner „ini“ kopieren Sie sich die fertig konfigurierte Datei For this create a folder named "ini" and a folder named "sepmail" in the main directory of this drive. Copy the fully configured file

 C:\Program Files\SEPsesam\var\ini\sbcex2km.ini

into the folder "ini"

The folder "sepmail" remains empty.

In this step the SEP sesam server is given the new swapping location. For this, go to the directory "C:\Program Files\SEPsesam\var\ini" and open the file sm.ini with an editor. Go to the part where it says

[PATHES] 

and change the line

gv_rw_tmp=C:\Program Files\SEPsesam\var\tmp\ 

to the new directory that contains the new folder "sepmail".

z.B.  „gv_rw_tmp=E:\sepmail“.

The source of the inbox storage for the backup should be known to the Exchange Administrator. If this is not the case it is necessary to start a manual test backup with the program exmerge.exe. In the directory in which the file Exmerge.exe was started the protocol ExMerge.log can be found. You can get the source from this protocol and enter it in SEP sesam.


Excerpt from a sample backup of Exmerge.log



[16:46:08] Set search preferences
[16:46:08] Filter used: '(objectClass=msexchPrivateMDB)'
[16:46:08] Successfully executed directory search
[16:46:08] Ending Routine:  (CADRoutines::GetExchangeServerStorageGroupInfo)
[16:46:08] Entered Routine:  (CADRoutines::GetMailboxesHomedOnExchangeServerDatabases)
[16:46:09] Mailbox '/o=Erste Organisation/ou=Erste administrative Gruppe/cn=Configuration/cn=Servers/cn=RUOFFNIX4/cn=Microsoft       
System Attendant' will be ignored as its DN contains strings in the ignore list
[16:46:09] Mailbox '/o=Erste Organisation/ou=Erste administrative Gruppe/cn=Configuration/cn=Connections/cn=SMTP          
(RUOFFNIX4)/cn={DF244735-E26F-49FF-9A5D-41D343F7CFEF}' will be ignored as its DN contains strings in the ignore list
[16:46:09] Mailbox '/o=Erste Organisation/ou=Erste administrative 
Gruppe/cn=Recipients/cn=SystemMailbox{DF244735-E26F-49FF-9A5D-41D343F7CFEF}' will be ignored as its DN contains strings in the  
ignore list
[16:46:09] Found 13 mailbox(es) homed on database 'FIRST SAVEGROUP/INBOXSTORAGE (RUOFFNIX4)'.
[16:46:09] Ignored 3 mailbox(es) homed on database 'FIRST SAVEGROUP/INBOXSTORAGE (RUOFFNIX4)'.
[16:46:09] Found 13 mailbox(es) homed on the specified databases.
[16:46:09] Ignored 3 mailbox(es) homed on the specified databases.


The path to save the inbox database, in this example, would be

FIRST SAVEGROUP/INBOXSTORAGE


The content in the line source, in this example, in full is:

FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,0:100

  • This call consists of the source of the savegroup

(FIRST SAVEGROUP/INBOXSTORAGE/)

  • After this the hostname of the exchange server follows

RUOFFNIX4

  • Then, separated with a comma, the output of what has to be saved

,0:100 This input makes it possible to backup the first 101 inboxes of the system.



Further Options: 1. This makes it possible to backup the mailboxes of the users 1-101 FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,0:100

0:100

2. This command is used to save the mailboxes from the first to the last user

FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,0:-1

0:-1

3. Here the account of the user administrator is saved. Several users can be specified with their names as long as they are separated with a comma. However the input field is limited to a certain number of characters which is why using numbers, as explained above, lends itself to this.

FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,Administrator

Administrator

In order to find our which users are saved when 0:10 is entered there is an option to check this in Exmerge. The sorting method of SEP sesam is the same.

Microsoft empfiehlt mehrere kleinere Sicherungsgruppen anzustoßen, da immer jedes Postfach einzeln extrahiert wird und dass zu lange dauern könnte. Im Sesam ist dies zu realisieren wenn man mehrere Aufträge erstellt.

Example:

1.Task with the source

FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,0:30

2.Task with the sourve

FIRST SAVEGROUP/INBOXSTORAGE/ruoffnix4,31:61

Add these tasks to a group and start them together.

Further References