Microsoft’s Data Protection Manager (DPM) 2007 is a next generation backup and restore solution that protects Microsoft file and application servers, focusing on block-level continuous data replication to disk for fast recovery, and tape storage for long-term archiving. With comprehensive functionality and reliability, coupled with unusual simplicity in configuration and operation, DPM simplifies IT operations with a streamlined restore procedure for stress-free recovery in the event of a disaster.
In comparison with other Microsoft server products, Data Protection Manager is easy to install on Windows Server 2008. With the exception of the Single Instance Storage (SIS) component, all prerequisite software is included and installed as part of setup. Because DPM must run on a dedicated machine, there are no other services or applications that might break, allowing the setup procedure to do all the heavy lifting.
DPM can be installed on Windows Server 2003 or 2008 and requires a minimum of 2 gigabytes of RAM. Both 32- and 64-bit architectures are supported. Storage for replicated data can be provided by direct attached storage (DAS) or a storage area network (iSCSI or Fibre Channel), but USB and firewire disks are not supported. Tape drives and libraries must be physically attached to the DPM server. Microsoft provides a handy spreadsheet for estimating the amount of storage required, but currently only estimates the space needed to replicate Exchange workloads.
In addition to licensing the DPM server, each device that needs to be protected requires a management license: either standard or enterprise. Standard management licenses are for protecting file servers and system state data. An enterprise management license is required for everything else, including the DPM System Recovery Tool (SRT), which provisions bare-metal recovery to similar hardware and is provided as a separate download.
While not compulsory, DPM is better able to manage storage if disks are added to the storage pool. You should note that DPM cannot use space that is assigned to volumes using Windows Disk Management on disks that are part of the storage pool. Let’s add a disk that’s directly attached to the DPM server to the storage pool:
Your disk(s) should now appear as part of the storage pool in the Disks tab (Figure 1).
Unlike some other backup solutions, one agent covers all workloads that DPM is capable of protecting. In principle, DPM agents can be push-installed using the administrator console, but the recommended method is to manually install the agent on servers that DPM will protect or use Group Policy software distribution. When you install the agent manually on a server, it will make the necessary changes to Windows Firewall to allow communication with the DPM server. On a server that you want DPM to protect:
Protection Groups allow you to collect data sources protected by DPM, such as SQL databases, and assign shared protection configuration. For instance, one Protection Group might contain all databases that need continuous protection, while another group contains file shares that are backed up daily. Let’s create our first Protection Group:
Figure 4 shows the administrator console Protection tab after all replicas have been successfully created.
Users can restore files from DPM recovery points without intervention from the help desk. This functionality is not enabled by default, it requires the Active Directory schema to be extended, and pre-Vista clients must have the Shadow Copy Client software installed.
Because of security changes in Windows Server 2008, extending the AD schema to support DPM End-user Recovery with the administrator console fails, so I advise using the following method, which works with Windows Server 2003 and 2008 domains:
Users will now be able to see previous versions of files provided by DPM recovery points by right clicking a file in Windows Explorer, selecting Properties from the menu and then the Previous Versions tab.
The restore process is simple and reliable, and provides almost zero data loss for applications such as Exchange and SQL by restoring to the last recovery point and then replaying transaction logs to bring databases up to date. DPM simplifies complicated recovery procedures with wizards, providing options for different recovery scenarios. In this example, we’ll restore a file to get a feel for the recovery process:
Troubleshooting Incompatible Filter Driver Errors
Microsoft Knowledge Base article containing information about how to configure IIS after applying SQL 2005 service pack 2. See Problem 2 at the bottom of the article.
DPM 2007 falls short of receiving full marks, as there are some scenarios during configuration where simple guidance is omitted, such as a warning when adding disks that contain volumes to a storage pool. Other minor annoyances are that applying SQL 2005 Service Pack 2 breaks reporting in DPM, incompatible filter drivers on protected servers might cause replica synchronization to fail, and extending the AD schema to support End- User Recovery in the administrator console fails for Windows Server 2008 domains. However, once these problems are resolved, DPM proves to be a reliable product.
Monitoring and alerting capabilities are comprehensive, and while the built-in reports are limited, custom reports can be created with the help of the included SQL views. An additional bonus for some organizations may be that DPM 2007 SP1 supports integration with offsite backup provider Iron Mountain.
When faced with the prospect of restoring a complex application server, such as Exchange 2007, you want to be sure that your backup software will provide a simple, intuitive and reliable solution, increasing the chances of a quick and successful restore. DPM provides a refreshing change from complicated and error-prone backup solutions, but its biggest disadvantage is lack of support for non-Microsoft products.