Sunday, April 14, 2013

Windows Server 2008 + Knowing what is in your AD Tool Kit

Work in progress…

AD Recycle bin
http://koppihle3.blogspot.com/search?q=recycle

AD Tombstoning 
http://technet.microsoft.com/en-us/magazine/2007.09.tombstones.aspx

Video 1 of 1 (demo on restoring an AD object)
http://www.youtube.com/watch?v=hs3YqQVv-M0

AD LDS backup (Windows Backup or dsdbutil)
http://technet.microsoft.com/en-us/library/cc730941(v=ws.10).aspx

AD LDS restore (Windows Backup or dsdbutil)
http://technet.microsoft.com/en-us/library/cc725903(v=ws.10).aspx

AD LDS editing
http://technet.microsoft.com/en-us/library/cc732675(v=ws.10).aspx

AD AD LDS Snapshots step by step
http://technet.microsoft.com/en-us/library/cc753609(v=ws.10).aspx

Video 1 of 4 (explanation of who what and why)
http://www.youtube.com/watch?v=36cqfV38Q5Y
Video 2 of 4 (minute 6 is start of demo of process)http://www.youtube.com/watch?v=JUoiq_wYSUg'
Video 3 of 4 (this is video is the gold of the demo) http://www.youtube.com/watch?v=dQxCjmh_v8E
Video 4 of 4 (continued explanation including limitations)http://www.youtube.com/watch?v=Vn7DCDZYVNQ


Here are screen shots from my AD Snaphots Lab:

Snapshot Creation (input highlighted):

clip_image001

Snapshot Mount (input highlighted):

clip_image002Note: leave this window open

Snapshot View from Explorer:

clip_image004

Note: You may be able to restore files and folders by browsing the now mounted snapshot using explorer to copy/paste items.

Accessing Snapshot Using dsamain using port 50389 (input highlighted):

clip_image005

Note: You MUST leave this open till you are done working with the DB

Note: Please see unmounting instructions below


Opening mounted snapshot using LDP.exe:

Select Connection:

clip_image006

Enter in server name and port you assigned. In this cas 50389:

clip_image007

After it loads Bind the connection:

clip_image008


Opening mounted snapshot using ADSIedit.msc:

Select Action Connect to as shown below

clip_image009

Select Advanced: (demo is on same system)

clip_image011

Enter in the port and select OK:

clip_image013

You can then view the data additionally as shown below you can mount your current live instance as well and compare:

clip_image014


Google or Bing for “Directory Service Comparison Tools” to find tools to compare and restore from snapshots.

Unmounting Snapshot

When finished go to the dsamain command prompt window that is still open. Press Ctrl+C and close the window.

Next go to your ntdsutil command prompt window and unmount the snapshot as shown below:

clip_image015

Enter ? for a list of possible commands. You will likely want to delete the snapshots.

clip_image016

Wednesday, April 10, 2013

Server 2008 R1 Backup Setting up Email Alerts

This will provide you basic alerting based on the events you select. If you setup events for every possible backup event this will take some time. I would more likely setup the most common success and failure warning. Before proceeding you must have an SMTP server configured internally and ready to use:

Open event viewer

Select “Applications and Service Logs”> “Microsoft”>”Windows”>”Backup”>”Operational” as shown below:

clip_image001

Note: Before we start let me preface this with you do not want to “Attach a Task To this Log…” on the root of “Operational”, though it is possible, because it gives you NO information other than something posted to the backup operational log. So it will send you lots of emails with no information. You might as well just check the server logs daily.

clip_image002

So go to the Successful backup task in our event logs “Event ID 4” as shown below:

clip_image004

Right Click and select “Attach Task To This Event…” as shown below:

clip_image005

“Next”:

clip_image007
“Next”:

clip_image009

Select “Send and e-mail” as sown below and “Next”

clip_image011

Now this is the important part. Setup your from and to email address along with your SMTP server. The Subject Line and Text is what you want to make informative. For example [Success] Backup completed if multiple servers you may want to indicate the server name in the subject and/or the text. And select “OK” as shown below:

clip_image012

You will then receive the following prompt letting you know the “Scheduled Task” was successfully created:

clip_image013

Note: To modify the settings on these events go to scheduled tasks and edit the tasks as needed. For example if you want to change email addresses, add more details, or delete the event alert completely.

Repeat the process for other event items such as failures or running low on space and updated the subject lines to correspond with the event. Now you see why you do not want to use the blanket approach as it will just send you empty emails as the “event” itself is not in the email it is just a trigger.

For example here is the email I received (everything I need to know is in the Subject):

clip_image014

Note: I would recommend setting up both success and failure email rules rather than just success. If you don’t actively monitor it, it is easy to forget you haven’t received a successful email in days, weeks, or even worse months or years!

Additionally you can include failure troubleshooting steps or contact information in the alert emails such as the following for failure “Event ID 49” backup drive not found:

clip_image015

Server 2008 SMTP Relay through GMX as a Smarthost

Access your SMTP configuration using IIS 6.0 Manager as shown below:

clip_image001

Select the SMTP server as shown below:

clip_image002

Right Click and select Properties:

clip_image003

The “Access” tab is how you lock down what is sending through your SMTP server by limiting the Authentication, Connection, and Relay Settings as shown below:

clip_image005

For Example the setting below will only allow the address 192.168.0.2 to connect to the SMTP server:

clip_image007

Another Example the setting below will only allow the address 192.168.0.2 to relay through the SMTP server and allow authenticated is unchecked:

clip_image009

Now to configure our relay I assume by this time you have already setup a free email account with www.gmx.com

Select the “Delivery” tab and “Outbound Security” as shown below:

clip_image011

Select “Basic authentication” and enter in your GMX.com username and password as shown below and click “OK”:

clip_image013

Note: if using other email providers as a SMTP relay you may need to enable TLS (check with your email provider)

You should not need to Modify the Outbound Connections TCP port for GMX:

clip_image015

Note: If you are using other email providers such as Gmail you may need to modify the TCP port (check with your email provider)

Select the “Delivery” tab and “Advanced” as shown below:

clip_image017

In the “Smarthost” field enter in “smtp.gmx.com” as shown below and select “OK”

clip_image019

Stop and restart SMTP and you should now be able to send through your SMTP server using GMX as your smarthost.

Note: you will likely have to add that email address as a non-junk non-spam address on email filtering.

Server 2008 R1 SMTP Installation

To install SMTP go to “Server Manager”>”Add Features”> and install ” SMTP”

clip_image001

Note: I recommend installing the feature “Telnet Client” as well to aid in troubleshooting later.

After the installation completes to manage SMTP and FTP on Server 2008 R1 you must use IIS 6.0 Manager as shown below:

clip_image002

When using the IIS 6.0 MMC when you open SMTP you will likely receive the error “No Such Interface Supported” . This is a common problem to fix it open a command prompt as an administrator and register the DLL’s using the following command:

C:\Windows\System32\inetsrv>regsvr32 smtpsnap.dll
C:\Windows\System32\inetsrv>regsvr32 smtpadm.dll

Close and reopen the IIS 6.0 MMC and the error should go away.

I have noticed there are some other items that are a bit off with this SMTP version such as SMTP logging does not appear to work properly. Thus the need for installing the Telnet client for testing and thoroughly locking down your SMTP environment.

Please see my other SMTP configuration tech notes on SMTP usage/relay scenarios

For more on telnet testing of SMTP: http://support.microsoft.com/kb/153119