Tuesday, February 17, 2009

Data Protection Manager for Hyper-V

I've been doing a lot of work with Hyper-V and System Center Virtual Machine Manager 2008 for a recent project. Backup needs to be addressed as part of this project. So, I started testing out Data Protection Manager (DPM) and found it to be quite nice. I'd been meaning to take a look at DPM, but never got around to it. Overall it looks like a good and reasonable priced solution for MS shops. There is no agent available for non-Windows servers.

The big thing with DPM is that it's disk-based backup with an option to go to tape. Your initial backup on a server is a full backup, but after that, it's all snapshots. Makes a daily backup go much faster. You can archive to tape on a schedule that you determine. So, cool from that perspective.

Now for backing Hyper-V and Virtual Server VMs you have two options. First, install an agent in the VM and backup the VM like a physical server. This option gives you the most flexibility because you can choose what data to back up and what data to restore. However, you also pay for an agent on each VM.

An alternative is host backups. Host backups are done only at the host level, rather than at the guest level. If the OS and applications in the guest are VSS aware (they have a VSS writer), then a backup can be peformed without taking the server down or pausing it. VSS is used to make all data consistent before a snapshot is taken and the vhd files are backed up.

The upside to host based-backups is lower licensing costs. A single DPM license is installed at the host level and all VMs are backed up with this single license. The downside is recovery flexibility. You can only restore an entire VM. However, if you did need specific files, you could restore the VM to an alternate location and then extract the files you need by mounting the vhd. A pain, but doable and may be worth it depending on the $ you are saving.

For more information about backing up VMs on Hyper-V and Virtual Server, check out this link: http://edge.technet.com/Media/DPM-2007-SP1-Protecting-Hyper-V/

Thursday, February 12, 2009

Delegating Management of Exchange 2003 Contacts

I had a client ask for this recently. So, I thought I'd post it up.


The steps are:

  1. Open Active Directory Users and Computers.
  2. Right-click the OU (or domain) you want to delegate Contact administration for and then click Delegate Control.
  3. Click Next.
  4. Add the users or groups that you want to delegate control to and click Next.
  5. Click Create a custom task to delegate and then click Next.
  6. Click Only the following objects in this folder and select the Contact objects checkbox from the list.
  7. Select the Create selected objects in this folder and Delete selected objects in this folder checkboxes and then click Next.
  8. In the permissions list, select the Full Control checkbox and then click Next.
  9. Click Finish.

That should give the user or group permissions to manage and create only contacts for the OU or domain that was selected. By default, these permissions will flow down and be inherited by lower OUs.

The user will then use AD Users and Computers to create the contact objects. If you want to get fancy, you can create a custom view for the user to limit what they actually see. The version of AD Users and Computers that is used by the user will need to be updated with the Exchange 2003 management bits by installing the Exchange 2003 admin tools otherwise, it can’t mail enable the contacts.

Tuesday, February 10, 2009

Finally a Use For IPv6

I finally have a good reason to use IPv6. In my test environments for creating classroom labs and activties, the computers are always using a different IPv4 address range than my internal network. However, with IPv6 automatically enabled in Windows Server 2008 and Windows Vista, I can still copy files directly to the virtual machines from my regular workstation.

IPv6 automatically creates a link-local address for each computer. This allows communication between computers on the same logical network without any manual configuration. This is similar to APIPA addresses in IPv4, except, link-local addresses are done in addition to any other addresses, not as a replacement.

In this setup, I can use regular UNC paths even though the computers are on different IPv4 networks. Sweet.

Also very useful for remote control.

Hyper-V Manager from a Non-Domain Computer

As part of a project I'm working on, I need to remote control a Hyper-V guest using Hyper-V Manager installed on a Vista computer that is not part of the domain. Basically, I don't want to put my regular workstation into my test domain. After a bit of pain, the simplest solution I found is this:
  1. Create an account in the domain running Hyper-V that has the exact same logon name and password as the account being used on the Vista computer.
  2. Configure COM on the Vista computer to allow anonymous remote connections.

Then BOOM! It works. And you can do your screen recordings remotely.

For click-by-click instructions on the configuring COM, see step 7 in this blog: http://blogs.technet.com/jhoward/archive/2008/03/28/part-2-hyper-v-remote-management-you-do-not-have-the-requested-permission-to-complete-this-task-contact-the-administrator-of-the-authorization-policy-for-the-computer-computername.aspx

Monday, February 2, 2009

Groove for File Backup on a Laptop

When my laptop lost the hard drive last week, I was very lucky. Like most people I did not have a backup of anything on my laptop. Luckily there was only one file on there that I cared about and recreating it will take only about an hour. However, I've decided I do need a solution for syncing my laptop files.

I don't run a server in my house right now. So I thought I'd give Groove from MS Office 2007 a try. One of the features in Groove is file synchronization between hosts in a shared workspace.

A few things I've found out:
  • The 64-bit version of Groove 2007 does not support file sharing workspaces. You can still sync files, but all of the files are stored in the Groove database instead of just syncing part of the file system.
  • There is no easy way to save a file into a Groove workspace. You must copy a file into the workspace and then open it from the workspace. While you work on the open file a temp copy is placed on the hard drive. When you close the document, the changed version is placed back into the Groove database. I would have preferred browsing to Groove workspaces through Explorer (Although, there's 3rd party addon for the low low price of $60USD per seat).

In the short-term at least, this appears to be a workable solution for me. It will synchronize my basic Word documents and graphics. But the fact my apps can't save directly to a workspace without first opening the file from that workspace is definitely clunky.