Veeam Explorer for AD – the search filter is invalid

These blog posts serve more as a reminder to myself than anything else, especially if I can’t find any other information regarding the problem encountered. So as is tradition, my next post is again about documenting an error I’ve witnessed that was simple and easy to resolve but easily forgotten (at least for me it is).

So my job involves a fair bit of demonstrating what features and capabilities Veeam has along with knowledge transfers. I especially love showing off the Veeam Explorer’s, they certainly making restoring application items a breeze for the most part. I find one of the easiest and quickest ways to demonstrate what the Veeam Explorer’s are all about is to demonstrate a quick restore using Veeam Explorer for Microsoft Active Directory.

With full permission granted, I like to make a small adjustment to the ‘description’ field for an inactive user that lives on the domain, making a small typo for example. After making the change, loading up Veeam Explorer for AD, letting Veeam filter out the unchanged data between production and the restore point, finding the change I introduce and attempting to restore the original ‘description’ value back. Usually, this goes without a hitch but this time Veeam came up with the below error.

Continue reading

VeeamON 2017

Hey Guys,

What a whirlwind the last couple of days have been, between the long haul flights to get to NOLA, jet lag, attending sessions, networking and catching up with old acquaintances it really all starts to blur together. All I can say is, Veeam knows how to put on a good show and they have certainly repeated their success from last VeeamON.

The sessions included a broad range of topics and for the ones I did make it to were always packed and full of great content. In regards to new features and announcements, there were several stand-outs for me

– Integration with object-based storage (S3,Glazier,Blob + More)
– Veeam Continuous Data Protection (Zerto should be worried)
– Veeam Backup for Office 365 v2 to support SharePoint Online and OneDrive for Business

Instead of writing about all the newly announced features including the above, I thought it would be better to simply link to all the other wonderful posts done by fellow Vanguards.

Continue reading

Veeam Explorer for Sharepoint is unable to find content database

Ran into this Veeam error today when demonstrating Veeams Explorer for SharePoint to a customer.

The customer was using a supported version of SharePoint and Veeam was configured to use a licensed version SQL 2014. After checking over the backup job settings and ensuring no errors or warnings were being thrown I hit the Veeam forums. Fortunately, someone else had seen the same problem which you can find here.

“The Application-aware logic uses NetBIOS names to locate corresponding SQL servers during backup and in some cases (where SQL server for the site collection is specified using IP address or SQL Server alias, for example), Veeam B&R still does not have the required information, even provided that application-aware backup was successful. If this is your case (I believe support will be able to verify that), you can configure SQL server mapping manually via the registry, as far as I know, there’s an ability to do that.”

Continue reading

Collected SQL Server transaction logs do not match any existing database backup: [DB Name]

Experienced this error ‘Collected SQL Server transaction logs do not match any existing database backup: [DB Name]’ recently for a customer, 

Luckily there is a Veeam KB article on for this error which can be found here.
Unfortunately, the solution provided ‘ Start the Backup Job (right click the job > Start).’ didn’t fix the problem. Well to be precise, it worked for about 24 hours and then the error returned.

Continue reading

Missing vSphere tags from Veeam Console UI

So working on a Veeam project recently and noticed I couldn’t add vSphere tags to any jobs. Now I won’t go into the benefits of using vSphere tags in this post, I’ll leave that up to this excellent write-up by Luca Dell’Oca which can be found here.

missing vSphere tags

So checking the usual culprits and researching online I found someone with a similar issue on the Veeam forums here but I still couldn’t resolve the issue. I checked vCenters FQDN IP address which was set correctly and that I could indeed query vSphere tags from vCenter using PowerCLI without any problems. I bounced the Veeam B&R server, checked event logs and eventually ran out of ideas to try.

Continue reading

Implementing the 3-2-1 backup rule with Veeam & Azure

One of the tried and tested rules that can effectively address any failure scenario is called the 3-2-1 backup rule. This backup rule is becoming more and more important as organisations continue to virtualise their mission critical data, making the protection of that data becomes more vital than ever.

The 3-2-1 rule became a popular concept thanks to Peter Krogh, a well-known photographer who wrote that there are two groups of people: those who have already had a storage failure and those who will have one in the future.

In other words, the 3-2-1 backup rule means you should have 3 copies of your production data, on 2 different types of media and 1 offsite.

The purpose of this post is focused on getting your backup data offsite, and how we can leverage Microsoft Azure and Veeam together to help meet the 3-2-1 backup rule.

 

How can I get my data offsite to Azure?

Well, there are currently three main ways to get your data offsite and into Azure Cloud.

Figure 1: Veeam to Azure

Option 1

The first method is to utilise an on-premises storage appliance called a StorSimple. The StorSimple can be deployed either as a physical appliance or as a virtual software appliance which caters for the majority of organisations requirements. By utilising the StorSimple capability to automatically archive Veeam backup data out to blob based Azure storage, we can achieve offsite backups. The StorSimple is a great bolt-on solution for existing Veeam deployments with relatively quick deployments and easier to use interfaces.

The flexible architecture of StorSimple is ideal for customers who want to externalise more than just their backups and is ideal for large volumes with usage of Azure native storage.

Limitations that should be considered are the extra appliance that needs to be deployed and maintained. Also, consider that while there is a virtual software appliance available there is a cost for any physical appliances that are acquired. A faster internet connection is recommended to meet any established recovery point objectives (RPO).

Figure 2: Veeam to StorSimple to Azure

If Veeam requires access to the archived data within Azure, the StorSimple will automatically pull the data back. A fast internet connection is recommended to ensure your offsite backup requirements can be met. No additional Veeam licenses are required for this option.

Option 2

Option two is to externalise with a dedicated link to an Azure site as Site to Site Link (Azure ExpressRoute), SSL Direct Link to Azure or using a private network (vNet) in Azure.

Offsite storage is made available by configuring a link between the on-premises Veeam server and the Azure storage which is used to store the offsite Veeam backup data. Optionally a virtual machine can be created in Azure to provide WAN Acceleration to improve performance.

The benefits of this method is available to all organisations, no appliance needs to be deployed taking up valuable rack space or consuming resources living on your hyper-visor hosts as a virtual appliance. This option also does not require any additional Veeam licenses.

Figure 3: Direct to Azure

Things to consider are the link that is necessary which may impact on performance and possibly workload that may share the link. Costs associated with the Azure ExpressRoute need to be considered as well. This option is not recommended for multi-location infrastructures as it can be complex.

Option 3

The third option is to send backups offsite to Azure using Veeam Cloud Connect.

Veeam Cloud Connect is a technology that enables sending backup data to an offsite location managed by a Service Provider or the organisation themselves.

Figure 4: Veeam Cloud Connect for the Enterprise

There are two flavours of Veeam Cloud Connect:

a. Veeam Cloud Connect for the Enterprise

Veeam Cloud Connect for Enterprise allows enterprise organisations to operate their own Hybrid Cloud by acting as their own service provider, they configure the necessary infrastructure in Azure to receive and manage the off-site backup data.

There are several considerations for this option as it is geared towards enterprise customers. Veeam Cloud Connect for the Enterprise requires the organisation to own the Enterprise Plus edition of Veeam – also if the customer is not in an Enterprise Agreement (EA) with Microsoft, then there is a 100 socket minimum of Veeam Enterprise licenses. If the organisation owns an EA with Microsoft, then there is no socket minimum. In either case the customer must match licenses 1 to 1.

For example, if ACME company has an EA with Microsoft and owns 86 sockets of Veeam Enterprise Plus, they would purchase 86 sockets of Veeam Cloud Connect Enterprise. Without the EA they would be required to purchase 100 sockets.

b. Veeam Cloud Connect

A service provider will host the offsite backup storage in Azure which is presented to organisations with on-premises Veeam. The service provider’s backup data can be encrypted at the source (before it leaves your network perimeter), in flight and at rest. This method is the easiest way to externalise to Azure, its ideal for multi-site configurations and you keep the same interface and console.

Figure 5: Veeam Cloud Connect

Veeam Cloud Connect is included within the Veeam Availability Suite, Veeam Backup & Replication and Veeam Backup Essentials for all organisations at no additional charge and with no additional licensing required. However, organisations will need to acquire a subscription to the appropriate storage resources from a service provider of your choice in order to use it.

 

VeeamOn Giveaway! Win a fully paid trip to New Orleans (EMEA Region Only)

Win a fully paid trip to VeeamOn 2017 in New Orleans.

Do you live in the EMEA region and want to come to VeeamON in New Orleans? Do you want to hear about all the new Veeam features and talk directly to vendors and partners? Perhaps you’re interested in having a go at LabWarz to test your skills amongst the best? If you haven’t secured your ticket yet here is one opportunity you shouldn’t let pass.

Veeam is allowing me to raffle off a trip for one to VeeamOn 2017.  To enter this raffle simply tell me a story regarding Veeam. Whether it’s that time Veeam uncovered that 6-month-old snapshot, helped you reclaim all those over-provisioned vms, that time Veeam saved your bacon or something just interesting and cool.

So tell me why you should be at VeeamON 2017 because if you are the lucky one who is selected you will receive a fully paid trip to VeeamOn 2017. Yes, that even includes flights, hotel stay and conference attendance!

If you are based in EMEA and wish to enter this raffle, simply comment your story below.

Don’t forget to include your full name. The deadline for the raffle draw is April 7th (CET).

 

**UPDATE**

Thank you to everyone that entered the raffle, the lucky recipient has been drawn and notified.

 

Common Veeam B&R Mistakes

Just a small write up regarding the some of the most common Veeam B&R mistakes that I’ve seen lately.

1.Backing up the Veeam B&R Server
It may come as a bit of shock but you shouldn’t actually back up the Veeam B&R server using a backup job in Veeam. In most cases, Veeam won’t be bothered by this but on occasion, Veeam can experience the following symptoms.

  • Disconnection from the configuration database.
  • Disconnection from remote Veeam Backup & Replication agents.
  • Disconnection from network storages (for example, storages presented via iSCSI) and so on

This is caused by the freezing caused during snapshot creation and committing so instead, you should rely on Veeams built in ‘Configuration Backup’ function.

2.Veeam Configuration Backup not setup properly
This is by far the most common mistake but the easiest to fix. By default the Veeam B&R server will backup it’s configuration up at 10:00 AM every day to the default backup repository. Often I see this is left in its default state and the backup files are neither copied offsite or encrypted. Getting this configuration backup files offsite is simple and easy so in my mind, there is no reason not to do this.

  • If you have an offsite site you can configure a file copy job
  • If you are using tapes you can use the file to tape job
  • Alternatively, I’ve seen customers use dropbox or google drive to get the configuration backup files offsite.

Why do we care about getting the configuration file offsite? Well, partly because you should always use the configuration backup functionality to back up and restore the configuration of the Veeam B&R server. Secondly, its a lot faster to restore using the configuration backup compared to manually reconfiguring Veeam from scratch.

Enabling encryption for the backup configuration is also critical. If you don’t enable encryption for the Veeam configuration backup this means all those credentials used for the application aware processing will be lost in the event of restoring the configuration backup to a fresh Veeam B&R server. I’ve only migrated one Veeam B&R instances with no encryption for the configuration backup enabled, I learnt pretty quick to always enable it after spending hours reconfiguring it.

3. 1-Click Failover not setup properly

1-Click failover is an awesome feature that reduces the complexity of managing failovers. It’s basically a failover plan which handles the startup order, the delay between startups and automates the running of scripts in a single operation. You could initiate a failover plan using a mobile phone in bed at 3 o’clock in the morning without ever getting out of bed if you really wanted to.

So utilising 1-click failover plans through Veeam Enterprise Manager (VEM) during a disaster means VEM can’t be down. It’s important to note that we can initiate a failover plan through the Veeam B&R console without VEM and it’s really only a minor issue if VEM is offline but I’ve seen customers first hand specifically plan to use the web portal to start their failover plans. Well, that’s great except if VEM is running from the production site.

In this instance, it was managing/federated with the B&R server at DR which was handling the replication but in the event of a total production site loss, this customer would lose access to VEM and the web portal. Luckily it’s not a big deal since the customer could still access failover plans through the DR B&R server. At best a minor inconvenience which delays failover.

I’ve also seen lately customers with a limited budget having a single vCenter managing both production ESXi hosts and the hosts in DR. If Veeam is configured to replicate through the production vCenter to the managed DR ESXi hosts you are going to have a bad day during failover.In this scenario, you can either run up a second vCenter in DR, configure Veeam to replicate directly to a standalone host which introduces its own headaches (SureReplica) or plan to manually power on the vCenter replica first at DR. If your only vCenter at production is a physical server it might be time to consider virtualising it.

4. No Backup Verification

I usually don’t raise an eyebrow when customers choose not to test their replicas but not verifying your backups never has a valid excuse in my book. What’s the point of backing up if you don’t know that you can recover?

Now backups are the always the first thing that comes to my mind when disaster strikes and while it’s a good thing that Veeam replicas can still function as a kind of backup with their guest os file level restores and more but their recovery points are much more limited. I like to consider backups are all about RPOs and retention while replicas are focused on RTOs, Instant VM Recovery tends to blur the lines a bit, though.

If you don’t have the correct licensing for SureBackup, it doesn’t matter. Run up an Instant VMRecovery and test in an isolated network.

What about just using SureReplica but no SureBackup, well I certainly would feel more comfortable knowing I could at least restore recent copies of data from the replica but anything outside of the replica restore points retention will be an unknown regarding recoverability.

6. MS Dedup Backup Repository setup incorrectly

Microsoft DeDupe can be a great for reducing the size of your backup files in the backup repository. Unfortunately, there are few key settings that need to be set at the time of the volume creation as it’s not possible to apply the settings after the volume is created.

For a better explanation of how DeDupe should be configured, check out this awesome article over at kool-aid

http://www.koolaid.info/windows-server-deduplication-veeam-repositories/

Other worthy contenders would be

  • Not excluding Veeam from the A/V
  • Job Chaining instead of scheduling
  • Not following the 3-2-1 backup rule
  • Not using vSphere Tags
  • Backup Jobs using guest indexing when you aren’t not using 1-click restores.