This article aims to describe the Restore options available for recovering Exchange backups performed with NMM (Networker Module for Microsoft) 8.2.4. While the procedure is shown with NMM 8.2.4 and Exchange 2010, it would also be applicable with other versions of NMM 8.x, like 8.2.3 and 8.2.2 with minor differences and also would apply to Exchange 2013. Exchange 2007 is not covered here. Exchange 2007 uses Storage groups and has some differences in the restore procedure. If recovery of NMM backups of Exchange 2007 Server is required, follow the NMM User guide for Exchange available at support site https://support.emc.com/products/1136_NetWorker-Module-for-Microsoft/Documentation/.
The goal of this article is to help someone who maybe performing restores with NMM for the first time and also for someone who may have not done the restores for a long time and could use a refresher. While this article covers the different types of restores, its not exhaustive and is not a replacement for the information in the NMM user guide. It compliments the user guide, by being more descriptive of the process.
Types of Restores
There are 3 types of restores. They are covered in the order of their popularity, i.e the most common type of restore is covered first:
Granular Level Restore (GLR).
GLR allows restoring mailbox or mailbox items without having to restore the entire database from backup media. It uses ‘Networker Virtual File system (NwFS)’ to mount the backups on a Data Domain Device or Advance File Type Device.
Following is the advantage of performing GLR:
- Restore of the entire database to Exchange server is not required. This means if you have 1 TB Exchange database to restore, you do not need to allocate 1 TB+ of disk space on the Exchange server to perform the restore. GLR virtually mounts the backup on to the Exchange server, creating a recovery database within Exchange in the process. Once this GLR database is created, one can proceed with the browse and restore of mailbox/mailbox items.
Disadvantages of performing GLR:
- GLR can be slow for restore of large mailboxes that contains 10’s of thousands of mail items. If GLR is get extremely slow for large mailbox restores then restoring the database to the exchange server and then performing mailbox restore may be beneficial from a performance point of view.
- GLR can only be performed from a level FULL backup. GLR from incremental backups is not supported.
- GLR can only be performed from backups done to disk type media, i.e from AFTD (Advanced File Type Device) and from Data domain devices. If backups to tape exists, then GLR from tapes cannot be done. Tape backups can be cloned to a disk media (AFTD or Data Domain) and GLR can then be performed from the disk media.
Prerequisites for GLR
Before GLR can be done, there are certain prerequisites that need to be met
1. Backups are done to either AFTD device or Data domain device.
2. Backups to be restored from must be at level FULL.
3. During NMM install, the GLR feature should be chosen to be installed. Note all Full level backups are GLR enabled, even if GLR was not chosen ding install. Even backups to Tapes are GLR enabled. If GLR was not enabled during backup, GLR is still possible. The GLR feature can be added before performing the restore, to allow for GLR.
Below are the Pre-requisites that are common for both ‘GLR’ and ‘Restore from RDB’ options from NMM GUI:
4. The service account used with NMM, should have the following permissions set:
- The ‘send-as’ and ‘receive-as’ rights need to be set to the Exchange server where the restore is being performed. Following is an example of how to set this permission. Execute this from a elevated Exchange powershell and replace environment specific information:
get-ExchangeServer Apphost2 | Add-AdPermission -user administrator@spring -extendedrights Receive-As, Send-As, ms-Exch-Store-Admin
b. The service account should have a mailbox on a database that’s mounted and it should be initialized with mail. I.e this mailbox should have either sent or received some mail.
5. The MAPI/CDO software needs to be installed. In the NMM user guide for Exchange the following versions are documented for Exchange 2010 and Exchange 2013.
- For Exchange 2010, MAPI/CDO 1.2.1 version 6.5.8244.0 or earlier. Note here that build 8244 or higher does work and you can safely use it. But if you are troubleshooting a GLR browse issue, you can choose to use adhere to this requirement.
b. For Exchange 2013 MAPI/CDO 1.2.1 version 6.5.8320.0 or later.
6. The service account needs to be a member of the following domain groups.
- Domain users
- Exchange Organization Management.
By default Exchange Organization Management group is a member of the local ‘administrators’ group on the Exchange server. If this not the case, then make sure it is.
If there is a requirement to get more granular with rights for the service account, i.e give it no more rights that needed, then create a Exchange role group and assign it the following roles:
Database Copies
Databases
Disaster Recovery
Mailbox Import Export
Mail Recipient Creation
Mail Recipients
View-Only Configuration
View-Only Recipients
Make the service account a member of the role group created above and also ensure this account is a member of the local administrators group on each Exchange server in the cluster.
***Note: if you choose not to get granular with regards to role assignments, in addition to the user being a member of Organization Management group, you would need to assign the ‘Mailbox Import Export’ role to the user performing the restore, when doing restore to ‘PST’.
How do to check if a save set is GLR enabled?:
mminfo -S -s vmmsrv -q ssid=1324416600
ssid=1324416600 savetime=5/7/2018 9:34:02 PM (1525743242) dag-2010.spring.local:APPLICATIONS:Microsoft Exchange 2010carydb3
level=full sflags=vF size=172065988 files=37 insert=5/7/2018
create=5/7/2018 complete=5/7/2018 browse=6/7/2018 11:59:59 PM retent=6/7/2018 11:59:59 PM
clientid=41c107ea-00000004-5add6330-5add6342-00025000-6064a456
*ACTUAL_HOST: apphost2;
*ACTUAL_PATH:
“C:\Program Files\EMC NetWorker\nsr\tmp\7140-1525743109-0”;
*appid: 1;
*backup start time: 1525743242;
*coverid: 1341193800;
*De-duplication: No;
*EXCHANGE_DATABASE_NAME: carydb3;
*GLR_HINT: “E:\Exchangedb\carydb3\”;
*GLR_OFFSET_MAP: Yes; ===> The GLR attributes are seen for GLR enabled save set
*GLR_OFFSET_MAP_FILENAME:
“C:\Program Files\EMC NetWorker\nsr\tmp\1324416600_om.bin”;
*policy action jobid: 128671;
*policy action name: “exchange2010-action: 1525743244”;
*policy name: “Exchange2010: 1525743244”;
*policy workflow name: “Exchange2010-wkfl: 1525743244”;
*snap_sessionid: 1525742832;
*ss data domain backup cloneid: 1525743244;
*ss data domain dedup statistics: “v1:1525743244:172465188:2157958:2157958”;
group: Exchange2010-grp;
Clone #1: cloneid=1525743244 time=5/7/2018 9:34:04 PM retent=6/7/2018 flags=F
frag@ 0 volid=1508963247 file/rec= 0/0 rn=0 last=5/7/2018
Now that we have covered the prerquisites for GLR, let’s review the procedure to perform GLR.
- Launch Networker User for Microsoft user GUI as ‘administrator’
- Select the client to restore from. In a DAG setup, this would be the DAG name. In the standalone setup, this would be the hostname of the Exchange server
3. Select GLR (Granular Level Recovery) option:
4. Select the desired database and browse time for restore:
5. Choose ‘Recover Options’. If you are troubleshooting a GLR restore issue and need to increase debug setting, you can set the debug setting here. This step is optional:
6. Select ‘Start Recover’
7. Click on ‘Monitor’ to follow the progress of the restore:
Notice it creates a RDB database. The name of the database starts with ‘GLR’ and the date and time of restore is appended to this to form the database name
8. When the restore is complete it, you will receive a pop up windows. Be careful, this window may be behind the main NMM window, so look out for this:
9. Once you click ‘ok’ to the above, the GUI will switch to the ‘recover’ section. Be patient over here as it may take some time for the GUI to refresh and show new information:
10. If after some time the GUI does not refresh, you can press ‘F5’ to manually refresh and then you can navigate to the mailboxes by click on the ‘+’ to expand the GLR db and then the mailboxes:
11. Select the desired mailbox or mailbox folders or individual items and the click ‘Recover’ to start recover of mailbox items. By default the recover will place the recovered items back into the original mailbox. In this case it’s the mailbox of ‘roger’
12. Look to the ‘Monitor’ pane to check for progress and completion:
13. Verify the restore by logging into the mailbox of the user. You will see the mail items recovered under a new folder labelled with date and time of restore. Expand to find the recovered items:
This concludes the procedure for GLR Restore.
Restore to RDB:
If GLR is not an option, e.g if the backup data resides on tape or if GLR is not fast enough, then restoring the database to RDB is the next option. Following are the advantages of restoring to RDB:
- Once the restore is completed, recovering mailbox items from RDB is faster than restoring from GLR.
- Restore can be done from Full and incremental backups. GLRs can be done only from FULL level backup.
Disadvantage of restore to RDB:
- Requires free disk space to restore the full database. If you are restoring a 1 TB database, you need 1 TB+ free disk space. Restore cannot be done to a Network share. It needs to be done to a local disk.
2. May take a long time to do the restore as its restoring Full database.
Procedure for RDB restore.
- Launch the ‘Networker Module for Microsoft’ GUI as ‘administrator’
- Select ‘Database Recover’. Note, the selection of ‘RDB Data Recover’ implies recover mailbox data from RDB. This can only done after recover to RDB has been complete. So the first step to recover from RDB is to recover the database to RDB and this is done through ‘Database recover’
3. Select the desired database from the desired browse time. Change browse time if needed. Then choose ‘Advance Recover’. From ‘Advanced Recovery’ window, select ‘Recovery Database (RDB) Recovery’
4. If you are troubleshooting a restore failure and what to run the restore in Debug, select ‘Recover Options’ and then choose the debug level. We will perform this restore in normal level.
5. In ‘Manage RDB’ window, select ‘Create’. Note if you have a previously created RDB, either select that RDB for ‘RDB overwrite’ or delete the previous RDB and ‘Create’ a new one. Deletion and creation of RDB can all be done from ‘Manage RDB’. Having more than one RDB will cause browsing issues.
6. Specify a name for RDB and specify file paths for EDB and logs:
7. Click ‘Create’
8. Select the RDB and click ‘Next’
9. Review the selections and click ‘Next’
10. Click ‘Recover Options..’ and select Debug level, if you want to run the restore in debug mode for troubleshooting. Click ‘Next’ to proceed with restore
11. Switch to the ‘Monitor’ view to monitor the progress of the restore. Once the restore has completed successfully, you will see this pop up window tilted ‘Recovered RDB Mailbox Items’. Look out for this window. Sometimes, this may get hidden behind the main NMM GUI. Click ‘ok’ to continue
12. Once you click ‘ok’ above, then click ‘recover’ -> Exchange 2010 Recover Session -> ‘RDB Data Recover’. This will allow you to browse the contents of the RDB database.
13. Depending on the size of the DB, it may take some time for the RDB DB to show. Expand to see the listing of mailboxes.
14. The process of recovering mail items from RDB from this point on is identical to the restore of mail items from GLR.
The third type of restore is not a very common type of restore: Recovering a database and overwriting it. Disaster Recovery Situation
If there is a need to perform Disaster Recovery of the Exchange databases, due to data corruption or some other DR situation, then use the procedure below: (Note this is a destructive process as it will overwrite the existing database. So be sure this is what you want to do)
For Standalone Exchange servers:
1. Start the ‘Networker Module for Microsoft’ GUI as ‘administrator’
2. Choose ‘Database Recovery’
3. Choose the database that need to be restored and the required browse time. Then click ‘Recover’
4. The above message indicates that the ‘This database can be overwritten by a restore’ property on the database needs to be set. This can be done through Exchange PowerShell as or through Exchange Management Console. Once this is done. Try the restore again.
5. As usual, you get to choose to enable ‘Debug’ logging under ‘Recover options..’
6. Under ‘Exchange’ Tab, you get to pick a few options that are relevant to this type of restore. These options have bee explained below. The default choices are shown below:
‘Include Existing logs (Roll-forward Recovery’. This option is useful if the database and logs were on separate volumes and the volume containing logs is still available, or even if both DB and logs are on the same volume and only the ‘edb’ file is corrupt and the logs are good, then you can do the restore of the backup and then perform a roll forward recovery using the logs on the disk. This will bring the database to the most recent state with minimum or no data loss.
‘Include only logs from this restore (Point-in-time recovery)’. Select this option when point in time restore is required, i.e the database will be recovered to the time of the last backup.
‘Put database online after restore’. By default the restore process will replay the logs and put the database online after restore. If this is not required, then click on this option again to deselect it and select ‘Do not replay the transaction logs’. If ‘Do not replay the transaction logs’ is selected then the logs are restored, but they will need to be manually replayed using ‘eseutil’
‘Deleted Database Target’, This is used if a flat file restore of database is required. This option bypasses VSS method of restore and simply restores the ‘edb’ and ‘logs’ as files to the target directory. Further processing is required to mount the database.g. Once the desired options are selected, click ‘Start Recover’ to start the restore. Progress of the restore can be monitored under the ‘monitor’ tab
For Database Restore of a database that’s replicated in a DAG configuration, you first have to suspend the replication, otherwise the following error is seen in the Monitor tab:
NMM … Using client name APPHOST1, the version of the Exchange server is Exchange 2010.
96585:nsrsnap_vss_recover:NMM .. Initialization success — Exchange shell successfully initialized. Required for Exchange 2010 or Exchange 2013.
NMM .. MailboxStore [carydb3] is in replicated state, please suspend the replication on all DAG nodes and perform restore after that.
Once the replication is suspended, then the rest of the procedure to restore the database is same as in the standalone Exchange server. Also note, the restore cannot be done on the server hosting the passive copy. It has to be done on the server hosting the active copy of the database. Once the restore is successful, you will see this message below:
Recovering Public Folder Database
Public folder Databases are implemented differently in Exchange 2010 vs Exchange 2013. In Exchange 2010, public folders databases are just like mailbox database’s but are identified separately as Public Folder database. They are not replicated through the DAG mechanism, but can use ‘Public Folder Replication’ for high availability. Public folder database cannot be recovered to an RDB
In Exchange 2013 and Exchange 2016 public folders are supported through public folder mailbox. This mailbox is stored in a regular mailbox database that allows support for high availability through DAG. This means Public folder database can be restored to RDB.
In Exchange 2010, NMM considers public folder databases as ‘Standalone Databases’ and backs them up as part of the DAG, if configured to include Standalone Database. The backups are indexed to the ‘DAG’ client index.
In Exchange 2016, since public folders are part of regular mailbox database (you could have a database dedicated to public folders), the backups for this follows the same workflow as regular mailbox database.
To restore Public Folder database for Exchange 2010, the method for restore would be same as restoring a mailbox database (Overwrite existing database). However they cannot be recovered to RDB and GLR cannot be done on them. The only choice is to overwrite the database. Note public folder databases belong to a specific Exchange server and restore can only done back to that server. So if a public folder resides on Server-A, it cannot be restored to Server-B, it has to be restored to Server-A. When you bring up the NMM GUI, if you see a ‘X’ on the database name as below:
This means that the Public folder database ‘Public_Folder01’ is not owned by the Exchange server on which the NMM GUI is opened and was not backed up from this server and is not available for recovery. If the database is browsed from the server that owns it, it would show as below:
What if you want to restore a Public Folder Database, but do not want to overwrite the existing database?. Flat file restore comes to the rescue. I will not be covering Flat File restore in this post.
Recovering a mailbox/mailbox items to PST file
1. NMM supports the restore of a mailbox /mailbox items to a PST file. The most important thing to remember here is that an additional ‘role’ is required for the NMM service account to allow for this restore. And this role is ‘Mailbox Import Export’ Role. By default this role is not assigned to the role group ‘Exchange Organization Management’.
Below command will list the roles assigned to the custom role group ‘nmm-backup-group’. Note the role ‘Mailbox Import Export’ is assigned to this role group. If this role and the others mentioned below are assigned to the service account of NMM, then you are all set to do restore to PST. If not assign this role manually:
Get-ManagementRoleAssignment -roleassignee nmm-backup-group | select name,role
Name Role
—- —-
Database Copies-NMM-Backup-Group Database Copies
Databases-NMM-Backup-Group Databases
Disaster Recovery-NMM-Backup-Group Disaster Recovery
Mail Recipient Creation-NMM-Backup-Group Mail Recipient Creation
Mail Recipients-NMM-Backup-Group Mail Recipients
Mailbox Import Export-NMM-Backup-Group Mailbox Import Export
View-Only Configuration-NMM-Backup-Group View-Only Configuration
View-Only Recipients-NMM-Backup-Group View-Only Recipients
2. Another prerequisite for restore to PST is a UNC path for the target location. The restore cannot be done to a local path. Create a UNC path. This share can be local or on a different server. Below is a share that’s been created on C:pst-restore. This share has read/write permission for ‘Everyone’
[PS] C:Windowssystem32>net share
Share name Resource Remark
——————————————————————————-
ADMIN$ C:Windows Remote Admin
C$ C: Default share
E$ E: Default share
IPC$ Remote IPC
Address E:Program FilesMicrosoftExchange ServerV14Mailboxaddress
“Access to address objects”
PST-Restore C:PST-Restore
The command completed successfully.
3. Perform GLR as explained before or Restore to RDB and then restore from RDB. Select the required mailbox or mail items, then under ‘Recover Options..’ , ‘Exchange’ Tab, specify path to PST Target. Notice the UNC path “\apphost1pst-restorerogerpstroger.pst”
4. Review the selection and then click ‘Start Recover’
5. Check the ‘Monitor’ tab to review the status of the restore.
6. When the restore is complete, the PST file can be found under the UNC path:
