Monthly Archives: November 2015

Backup Workloads to Windows Azure Backup Server

Microsoft  has come up with a new component in Azure called Microsoft Azure backup Server which can backup  not only the data but also the work loads of different Applications like SQL, Exchange, Sharepoint etc

This new component Microsoft Azure backup server inherits the functionality of System Center Data protection Manager for workload backup but it neither provide protection on tape nor can integrate with System Center

Prerequisites for Installing Microsoft Azure Backup Server:

  1. The server in which Microsoft Azure backup server is to be installed should be joined to domain
  2. The server should be connected to internet
  3. The server should meet the requirements of .Net 3.5, .Net 4.0, and Windows Management Framework 4.0. (Windows Management Framework can be downloaded here)

Steps for preparing Microsoft Azure backup Server

  1. Create a backup Vault in Azure Portal
  2. Download the Vault Credentials
  3. Use Vault Credentials to authenticate with Azure Backup Service
  4. Download Microsoft Azure Backup Server
  5. Install Azure Backup Server

Methods to backup :

Disks ( D2D) Disk to Disk

Azure ( D2D2C) Disk to Disk to Cloud

Deployment Scenarios : We can deploy Azure backup Server in 

  1. An Azure Virtual Machine
  2. A Windows Virtual Machine in VMWare
  3. A Hyper-V Virtual Machine
  4. A Physical Stand Alone server.

Exceptions: 

  1. Microsoft Azure Backup server cannot be installed on a machine which has the SCDPM or SCDPM RA agent installed.
  2. Microsoft Azure Backup server cannot be installed on a machine that has Microsoft Azure Backup agent installed and registered with an Azure Backup vault.

Creating a Backup Vault  in Azure Portal :

Sign in to Azure Management Portal ( http://Manage.windowsazure.com)

1

Navigate to New > Data Services > Recovery Services > Backup Vault and choose Quick Create

1

What is the vault credential file?

The on-premises server (Windows client or Windows Server or Data Protection Manager server) needs to be authenticated with a backup vault before it can back up data to Azure. The authentication is achieved using “vault credentials”.

The vault credential is used only during the registration workflow. It is the user’s responsibility to ensure that the vault credentials file is not compromised. If it falls in the hands of any rogue-user, the vault credentials file can be used to register other machines against the same vault. However, as the backup data is encrypted using a passphrase which belongs to the customer, existing backup data cannot be compromised. To mitigate this concern, vault credentials are set to expire in 48hrs. You can download the vault credentials of a backup vault any number of times – but only the latest vault credential file is applicable during the registration workflow.

Download Vault Credentials 

  1. Sign in to Azure Management Portal
  2. Click on Recovery Services , select the backup vault created and select the cloud icon2
  3. Save the Vault Credentials in a location which is accessible by Azure Backup Server

Download Azure Backup Server:

3

4

Install the Azure Backup Server as per your infrastructure requirements

Advertisements

Installing a new Active Directory Forest in Azure Virtual Network

Step by Step Procedure to install a new Active Directory Forest in Microsoft Azure Portal

Technical Description:

We are all aware of implementing an Active Directory Infrastructure in On-Premise environment, and we know how to join them to the domain.

We can achieve this scenario in Microsoft Azure by following some additional steps which are different from On-premise implementation

How does this differ from On-Premise:

  1. Create a Virtual Network in Azure
  2. Create A VM in Azure Portal
  3. Set a static IP address by power shell command (Get-AzureVM -ServiceName AzureDC1 -Name AzureDC1 | Set-AzureStaticVNetIP -IPAddress <> | Update-AzureVM)
  4. Attach a Virtual Disk to newly Created VM
  5. Install Windows Server Active Directory ( This step is same as on-prem)
  6. Set DNS address on the Virtual Network properties
  7. Reset DNS server for Azure Virtual Network
  8. Create a VM and join to the domain

Considerations :

Azure network is not connected to On premise Network. For connecting Azure Network to On premise, we have to set up a Site-Site VPN in Azure portal.

  1. Creating Virtual Network in Azure Portal 

Sign in to Azure portal

1

Navigate to New-> Network services-> Virtual network-> Custom Create

2

Virtual Network Details : Enter a name for your Virtual network

Region : Choose a region which is closest

DNS and VPN : Leave DNS server blank and dont select VPN option either

Virtual Network Address Spaces :

Subnet name : Enter a name for your Subnet

Starting IP : 10.0.0.1

CIDR:/24 (256)

2. Create a VM in Azure Portal :

We have to create 2 VM’s. One VM is for AD and other VM is to join to the domain.

Navigate to New->Compute-Virtual Machine->From Gallery

4

Choose windows server 2012 Data Center image

5

Create a cloud Service and Select the virtual network which was created earlier

Map it to storage account and select the availability set if created earlier. Or else create them

6

Reserve a static IP address for VM that will run the DC role. To reserve a static IP address, download the Microsoft Web Platform Installer and install Azure PowerShell and run the Set-AzureStaticVNetIP cmdlet. For example:

‘Get-AzureVM -ServiceName AzureDC1 -Name AzureDC1 | Set-AzureStaticVNetIP -IPAddress 10.0.0.4 | Update-AzureVM

4. Attach a Virtual Disk to the Newly Created VM 

7

8

5. Install Windows Server Active Directory

This is same as we do in On-prem.  Add Active Directory Domain Services from the roles and proceed for the next steps. Be sure that the Sysvol location should be changed from default C drive to the other drive which we added before

6. Set DNS address on the Virtual Network properties 9

7.Reset DNS server for Azure Virtual Network

Reset the DNS forwarder setting on the new DC/DNS server.

  1. In Server Manager, click Tools > DNS.
  2. In DNS Manager, right-click the name of the DNS server and click Properties.
  3. On the Forwarders tab, click the IP address of the forwarder and click Edit. Select the IP address and click Delete.
  4. Click OK to close the editor and Ok again to close the DNS server properties.
  5. Restart the DC and join with Domain Credentials

8. Create a New VM and join to the domain.

Create a new VM from the gallery and select the Cloud service and Virtual Network which were created.

Go to the server manager and change the VM from workgroup to the domain. Enter the domain credentials to join the VM to the domain