We have been using Microsoft Data Protection Manager (DPM) 2007 to backup number of other servers.

DPM's ability to restore individual items was very appealing and at the time was one of the only products to offer this.

 

DPM Configuration

Our DPM server is an appliance so didn't require any installation.

To backup a SharePoint farm the DPM agent needs to be deployed to Web Front End (WFE) Server(s) only. I made the mistake of also backing up the SharePoint database using the DPM SQL agent, this caused a consolidation error.

Deploying the DPM Agent

• From the DPM Administrators Console select the Management tab
  
• Select Install... from the right hand column
• Enter the server name(s) of the WFE server(s)
• Enter the administrator credentials
• Select the restart method
• Review the Summary
• Deploy the DPM Agent(s)

 

Creating a Protection Group

• From the DPM Administrators Console select the Protection tab
  
• Select Create Protection Group... from the right hand column
• Select the WFE server(s)
• Select the retention policy required
• Review the Summary
• Create the Protection Group

 

Registering the WSS Writer Service

Once the DPM agent has been installed on the SharePoint WFE and the server(s) have been rebooted, the WSS Writer Service needs to be registered.

• Logon to each SharePoint WFE
• Open a Command Prompt using Administrative Rights
• Type "cd c:\program files\Microsoft Data Protection Manager\DPM\bin\"
• Type "configuresharepoint.exe –EnableSharePointProtection"
• You will be promoted to enter a username for the WSSCmdletsWrapper, Enter the Fully Qualified account name of the SharePoint Administrator followed by its password.
• This will need to be done on each WFE server in the farm

 

Checking DPM SharePoint Agent Configuration

Once the DPM Agent has been fully configured you will see the All Protected SharePoint Data option under each WFE server on the Recovery tab of the Administrator Console

 

 

SharePoint Recovery Server

To enable DPM to restore data it needs a server to rebuild the SharePoint farm before extracting the files to be stored.

A Virtual Machine (VM) is ideal for a SharePoint Recovery Server as it is not required from 99% of the time.

The SharePoint Recovery Server should have the following configuration:

• A single server installation with SQL database and SharePoint WFE on the same server.
• The same Operating System (OS) and Service Pack Level as the Original SharePoint Farm
• SQL Server will need to be at least SQL Standard Edition as SQL Express can only be used if all databases to be backed-up are smaller than 4GB. This took me a while to realise as all Microsoft blogs and documents recommend you use SQL Express.
• SQL Server should be the same version and service pack level as the Original SQL Server.
• Microsoft Office SharePoint Server (MOSS) 2007 should be the same version number as the Original Farm
• The DPM Agent & WSS Writer should be installed and registered on the SharePoint Recovery Server

 

Operating System Installation

• Install OS
• Install OS Service Pack(s)
• Install OS Patch(es)

SQL Server Installation

• Install SQL Server Standard 2005 or SQL Server Standard 2008
• Instance Name : MOSSRecovery
• Install SQL Server Service Pack(s)
• Install SQL Server Patch(es)

SharePoint Installation

• Install Microsoft Office SharePoint Server 2007
• Installation Type : Advanced
• Server Type : Complete
• Install WSS & MOSS Services Pack(s)
• Install WSS & MOSS Patch(es)

SharePoint Configuration

• Using SharePoint 3.0 Central Administration Console
• Select the Application Management Tab
• Select Create or Extend Web Application
• Select Create Web Application
• Create a New IIS Web Site
• Name it : DPMRecoveryWebApplication (it must have this exact name)
• Create a new Application Pool, enter a suitable security account and password for this service to use
• Enter a Database Name as DPMRecoveryWebApplication

DPM Agent Installation (instructions above)

• Deploy DPM Agent using DPM Administrator Console
• Register WSS Writer

Create Temp Folders

• Create a Folder called Recovery on the root of the SharePoint Recovery Server. This will hold the database files during a recovery process. The server must have enough free space for the whole SharePoint database no matter how small the file(s) you are recovering.
• Create a Folder called Recovery on the original SharePoint WFE. This folder will hold temporary files during the recovery process.

 

 

Non Disaster Recovery

To recover files back to the original SharePoint farm, use the DPM Administrator Console to:

• Select the Recovery Tab
• Navigate to the SharePoint WFE
• Drill Down to the files you wish to recover
• Right click select Recover...
• Select Recover to Original Site
• Web Front End Server : <Select the SharePoint Recovery Server>
• SQL Instance : <Select MOSSRecovery>
• Database File Location : C:\Recovery
• Temporary File Location : C:\Recovery
• Apply the security settings of the recovery point version

 

Introduction

If you are going to be offering access to your Sharepoint servers via the Internet the chances are you are going to want to offer a secured connection to protect your data during transfer.

Purchasing and installing offers the following benefits:

·          Enables Encryption of data transferred between clients - servers and visa-versa

·          Ensures the end user that the Issuing Authority has verified the identity of the certificate owner.

 

Pre-Requisites

  Before applying for a certificate ensure you have completed the following prerequisites :

·          Domain name has been purchased

·          Firewall configured to allow port 80 & 433 of the server to the Internet.

·          External DNS A-Record updated

·          For this example MOSS installed successfully on Windows Server 2008

·          Certificate Signing Request (CSR) - (See below for details on obtaining this)

 

Generating Your CSR in IIS7

You will need to generate a small text file from the server you are going to install the certificate on.

To do this

• Logon to the server
• Run IIS7 Manager
• Select the Server in the left panel
• Double click Server Certificates in the middle panel

• Select "Create Certificate Request" in the right panel

 

• Complete the Distinguished Name Properties Form (check your spelling)
  • Common name is your Fully-Qualified Domain Name
• Click Next
• Leave the Cryptographic Services Provider Properties as the defaults unless specified differently by your Certificate Authority.
• Click Next
• Enter a location and filename of where you wish the Certificate request to be saved.

This will create a file text with a load of seemingly random characters as its main content.  You will require the contents of this file during your SSL Certificate Application.

 

Purchase SSL Certificate

You will need to purchase your SSL certificate from a trusted Certificate Authority such as

• Thawte : www.thawte.com
• Verisign : www.verisign.com
• Others : List of Other Providers

Certificates cost about £500 - £1000 per year depending on the level of encryption and options required.

 

Information Required for an SSL Certificate Applications

You will need to supply the following information to your Certificate Authority (CA)during your SSL Certificate Application

• Number of Front End Servers
• Operating System (Windows Server 2008 - IIS7)
• Organisation Name, and Address Details
• Domain Name
• Email Address for Technical Contact
• The contents of your CSR file (created using the steps above)

The CA will need to verify a number of details to ensure your organisation is legitimate this normally includes

• Ensuring your organisation exists and is still in business
• Ensuring you own the rights to the domain name
• Ensuring the named contacts work for the organisation and are aware of the application

Once the CA has successful completed its checks they will normally email the Technical Contact with information on how to download the SSL Certificate.

The SSL Certificate is another text file containing random characters similar to the CSR earlier.

 

 Installing the SSL Certificate in IIS7

• Login to the Server the CSR was generated from
• Open IIS Manager
• Select the web server
• Double Click Server Certificates

• Click on Complete Certificate Request... from the Actions menu

• Locate the text file containing the SSL Certificate downloaded from the CA
• Enter a Friendly Name for the Certificate. 

The Certificate has now been installed on the Web Server, we must now associate the Certificate to a website. 

 

Setting the MOSS sites to use SSL (https) in IIS7

• Select the Website you wish to setup https on within IIS Manager
• Click on Bindings... from the Actions menu

 

• Enter 433 from the port number and select the SSL Certificate

 

Configuring MOSS Central Administrator

Login into the Central Administration site for your Sharepoint installation

Click on the Operations link

Click on the Alternate Access Mapping under Global Configuration

 

 

Enter the external the address you need to type to access Sharepoint from the Internet 

Add this to the Internet Zone.

What is Slipstreaming?

Before you can install Microsoft Office SharePoint Server (MOSS) 2007 onto Microsoft Windows Server 2008 it requires that Service Pack 1 (SP1) is integrated into the original installation package.  This process is called Slipstreaming.  Fortunately this process is pretty simple.

This Slipstreaming process can be followed for Windows Sharepoint Services (WSS) 3.0 and any other Office 2007 Workstation / Server application as long as you download the FULLFILE version of the Service Pack.

 

 

Instructions

• Copy the original installation files from your DVD to a new folder called C:\MOSS
• Download Either
  • x86 - "officeserver2007sp1-kb936984-x86-fullfile-en-us.exe" download from here
  • x64 - "officeserver2007sp1-kb936984-x64-fullfile-en-us.exe" download from here
• Save the downloaded file to the root of c:\
• Open a command prompt
• Type "cd c:\"
• Type Either
  • x86 "officeserver2007sp1-kb936984-x86-fullfile-en-us.exe /extract c:\MOSS\updates\"
  • x64 "officeserver2007sp1-kb936984-x64-fullfile-en-us.exe /extract c:\MOSS\updates\"
• Agree to the Licence agreement

When the process has completed C:\MOSS\ will contain your Slipstreamed MOSS SP1 installation.  You can now copy this folder to a network location or burn to a DVD and install on your Windows Server 2008 Server.

After a bit of mucking about with the Searching & Indexing setting, I will explain about this in another blog entry soon, I got the site search to work correctly.

I noticed that PDF documents weren't being returned in any of my searches.  Not only this but it also appeared that PDF files were totally unsupported in MOSS as they would not display an icon in my document libraries.

This is because when MOSS crawls content it needs to open each document to index its contents, it does this by using an iFilter (very Appleesk).

You can get PDF iFilters from Adobe but a company called FoxIt have released both x86 & x64 versions of a PDF iFilter.  You can download that from their website.  www.foxitsoftware.com

Adding a Document Icon

1. Save a copy of an image you wish to see as the PDF document icon to "\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Template\Images\pdf.gif" - Images should be 15x15 pixels in size.
2. Navigate to "\Program Files\Common Files\Microsoft Shared\Web server extensions\12\Template\Xml\"
3. Edit "DOCICON.XML" in notepad
4. Add the following line <Mapping Key="pdf" Value="pdf.gif"/>
5. Open a Command Prompt and type "iisreset"  - NOTE : this will temporarily stop MOSS from being accessed while IIS restarts. 
   

iFilter Installation Steps

1. Stop the IIS Admin service(s) - NOTE : No one will be able to access MOSS until after Step 3 has been completed.
2. Install FoxIt's iFilter on all indexing servers
3. Open a Command Prompt and type "iisreset"
4. Open the MOSS Central Administration Site
5. Go to the Share Service Administration Site running the search service
6. Select "Search Settings"
7. Select "File Types"
8. Select "Add New File Type"
9. Enter "pdf" click OK
10. Now run a Full Crawl
11. Check the Crawl Log to see that PDF files are successful indexed