All those System Administrators running their Exchange Server 2007 on a Windows 2003 (64-bit) server have the previlage to get access to the traditional NTBackup utility to backup their exchange stores. But those who are running their Exchange Server 2007 on Windows 2008 (64-bit) must have faced the dilema of which tool to use to backup their mail stores. This is because Windows Server Backup in Windows Server 2008 no longer supports Exchange-aware backups or restores. In order to back up and restore Exchange Server 2007 Service Pack 1 (SP1) on Windows Server 2008, you must use an Exchange-aware application that supports the Volume Shadow Copy Service (VSS) writer for Exchange 2007, such as Microsoft System Center Data Protection Manager, a third-party Exchange-aware VSS-based application, or a third-party Exchange-aware application that uses the streaming backup APIs locally on the Exchange server to make a backup locally on the Exchange server.

What does all this mean? Nothing but shelling out extra $$$ to invest in a backup solution unless you are interested in a very simple backup solution to assure that the logs get truncated and you have backup copies which you can restore. Here is a basic hack which can help one save a couple of $$$.

Step #1

Get access to a Windows 2003 R2 Server which is running a 64-bit OS. Assuming that you are not running your production Exchange Server 2007 in 32-bit environment, we require the 64-bit version library files. If you do not have a one handy, you can get the source files and then expand the DLL’s or install one in a virtual environment.

Step #2

Copy the ntbackup.exe, ntmsapi.dll, and vssapi.dll files from C:\windows\system32 into a new folder on your Exchange Server 2007 running on Windows 2008. I created a folder called NTBackup under Program Files and placed them there.

NT Backup Exchange 2007

Step # 3

Right click Ntbackup.exe and choose “Run as administrator”.

Your should see the Exchange Server Information Store as part of your backup wizard.

Select the Information Stores that you want to backup. Choose the Backup media or filename and the path where you want to store your backups. Once you have finished the configuration, click on Start Backup and the exchange store backups should start.

Once the backup is complete, you should see all the transaction logs getting truncated (hope circular logging is not enabled) and also the mail store would be stamped with the Last Full Backup date and time stamp.

One thing to note though: you cannot back up a storage group in a Standby Continuous Replication (SCR) environment. Backups of storage group copies are available for Local Continuous Replication (LCR) or Cluster Continuous Replication only.

Here is a quick check list for System Engineers and Data Base Administrators to lock down MS SQL Server and secure the database server:

Communication: If possible and if budget permits, do not expose the SQL Server directly to the Internet. Allow the communication from a web server to the SQL database server over an internal IP address.

Strong Passwords: Ensure that the server uses a strong password for the “sa” account. Use a combination of letters, numbers and symbols. This make it difficult for Brute Force hacks to guess the password.

Authentication: Keep this to Windows Authentication if possible and avoid setting SQL to run under Mixed Mode. Windows Authentication will require SQL server to check the Active Directory and moreover the logins will not be stored in the SQL server.

Service Packs and Updates: Make sure that the SQL Server is always patched with the latest Service Pack and Security Updates. This ensures that the latest security vulnerabilities are addressed and blocked.

Service Accounts: Run both MSSQLSERVER and SQLSERVERAGENT under the Domain User permissions. Do not run them under any Administrator account. This ensures very less damage in case the user account or the server is compromised.

Block Ports: If there is no need to expose the MS SQL Server to the Internet, block port 1433 and 1434 at the firewall. This means that the SQL Server will not be accessible from the Internet, thus making it hard for outside attackers to reach to the server. It also prevents worms and viruses.

Backups: Encrypt and compress the backup files. Put a password on the backups and store them to a safe location. Do not keep them on the server.

 Exchange 2003 Standard and Enterprise offers the feature to monitor the Server status of the Exchange Servers. If some of the monitored services and other Resources (RAM, CPU, Services) are in “Warning State” or “Critical State” we can receive a status e-mail or a customized action provided by a script notification can be run. This article explains in detailed steps how to configure Monitoring and E-Mail notification.

In the first step we have to configure a Server for monitoring and select/configure the resources to monitor. To do so, open the Exchange System Manager Snap-In and select the appropriate Server object in the Servers container.

Right-click the Server object and open the Properties for it.

Once the Properties dialog box is open, select the Monitoring tab as shown above.

There are many resources available for monitoring. We can add the following resources:

• Available Virtual Memory
• CPU Utilization
• Free disk space
• SMTP queue growth
• Windows 2003 Service
• X.400 queue growth

Many other 3rd party monitoring tools like Nagios can do most of the monitoring and so we will only add the two most critical items which are not monitored by Nagios. These are:

• Available Virtual Memory
• SMTP queue growth 

In the first step, we will add the Available Virtual Memory instance. Click on the Add button under Monitoring tab. A dialog box similar to the one shown below will open.

Select the Available Virtual Memory from the list and click on OK.

Configuring virtual memory monitoring is very similar to configuring CPU utilization monitoring. We have skipped the CPU Utilization Monitoring. Set the duration to 5 minutes, the warning threshold to 15% and the critical threshold to 10% for Available Virtual Memory. Once the values are set, click on OK.

Follow the process for adding another instance and select SMTP Queue Growth this time from the list.

If SMTP queues start backing up, it often indicates that there is a major problem. It shows that message transport has failed, the Internet connection has failed, or someone is using the server to send spam. In any event, we need to know that there is a problem.

We must input a warning and a critical state threshold value, but these values are entered in minutes. The idea is that we must tell Exchange how many minutes the queue should be constantly growing for before we generate a warning or a critical state message. We can use any values that we want, but I recommend setting the warning threshold at 10 minutes and the critical state threshold at 15 minutes.

Close the dialog boxes and the Properties once done. The next step is to configure an E-Mail notification for the recipients of the “Warning” and “Critical” state conditions. To do so, open the Notifications object under Tools.

Click on New and select E-mail Notification.

In this Property dialog box we can specify the monitoring Server and the Servers / Connectors to monitor. We also have to select the State (Critical and warning) for which we configure E-Mail notification.

First we will configure the Warning State notification.

In the “To” field select a recipient for the notifications. 

Change the Email server value to some other server in your organization which runs SMTP. If you do not have any, I suggest setting up a basic MS SMTP service in IIS. This is because when the monitored Server is the same Server as the monitoring Server we can run into trouble. The Server cannot send us an E-Mail notification when it is in an critical state and is unable to send E-Mails.

Next step is to configure E-mail Notifications for Critical State. Follow the same steps that we went through earlier for Warning state notification except for the fact that this time we will select Critical from the drop down.

Once done, close all the property pages and dialog boxes. We are done with the setup.

Now when one or more of the configured resources run into a “Critical” or “Warning” state we receive a E-Mail from an account “WMI@SERVERNAME” with a error message with the server name in the subject line and the condition of the resource / service in the E-Mail body.

Technorati Profile

Many WordPress uses prefer to host their web sites on a Linux server so that they can get rid of the index.php that get’s in to the URL by using mod_rewrite module on Linux. This is not supported on Windows Server’s IIS.

The main idea is to make the URL more simple and SEO friendly. Normally, when you setup PermaLinks in IIS, we get something like this:

http://www.yourwordpresssite.com/index.php/2009/08/02/your-blog-post/

This means that each link to the post carries index.php in the URL which is not good. Outlined below are steps that can help to achieve the same results for a WordPress site on a Windows Server running IIS.

STEP: 1

Get the URL rewriting component on the Windows Server hosting your WordPress site. If you are not in control of the server or are not the server administrator, you can request the setup of the component from them. Click here to download the component from the vendor’s site. The component is absolutely free and distributed under GNU General Public License.

STEP: 2

Once the component is downloaded, copy the wp-url-rewriting.dll file to the Windows Server’s SYSTEM32 directory. Register the component so that it is available to IIS by using the REGSVR32 WP-URL-REWRITING.DLL command from the command prompt.

Note: You may get an error that the DLL entry point was not found, but let that not bother you.

STEP: 3

Once the DLL is registered, login to your WordPress admin area and navigate to PermaLinks and change the common setting to use Custom Structure. Add /%category%/%postname%/ as the choice and Save Changes.

That’s it! We are done. WordPress should now show the URL’s without the index.php in it.

I invite everyone to share their experience or any other methods that they might have used.