DTAM5002919 Users Guide

Double-Take Application Manager Users Guide
Double-Take Application Manager Users Guide Revision 5.0.0 published November 2007 Double-Take, GeoCluster, and NSI are registered trademarks of Double-Take Software, Inc. Balance, Double-Take for Virtual Systems, Double-Take for Virtual Servers, and Double-Take ShadowCaster are trademarks of Double-Take Software, Inc. Microsoft, Windows, and the Windows logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are the property of their respective companies. 2007 Double-Take Software, Inc. All rights reserved.
Double-Take Support for Application Failover

The Double-Take file system replication process is application independent and replicates any file system changes (including permissions and attributes) written to NTFS, FAT or FAT32 file systems by any application or process, subject to specific exceptions called out in the Users Guide or readme file. Maintaining point-in-time consistent file system replicas and providing server monitoring and automatic or manual failover of the server name and IP address are the primary functions of Double-Take, and Double-Take Software offers support to qualified customers should these functions fail to operate in accordance with our published documentation, regardless of what application or process is manipulating the data. Double-Take Software may provide application notes and other documents that provide implementation guidelines on how to use Double-Take functions and replicas to manually or automatically failover or recover many popular third-party applications and a general process to accomplish failover or recovery of many other third-party applications. While these steps are believed to be accurate for the specific configuration, Double-Take version, and application versions originally tested, due to the number of possible configurations and variables, Double-Take Software can only test selected combinations and may provide only limited support for the operation and configuration of third-party applications or the behavior of those applications before, during, or after failover, in its discretion. In cases where Double-Take Software has no direct access to or experience with a particular application or configuration, Double-Take Software support may also be limited to only the actual replication of the file system data and failover (name and IP address) of the server. For assistance in validating, implementing or troubleshooting these or other possible configurations with third-party applications, Double-Take Software and its partners may offer professional services on a fee basis to apply best practices for assisting with third-party applications to recover automatically or manually using replicated data. This, and any other, application note is provided solely for the convenience of our customers and is not intended to bind Double-Take Software to any obligation. Although we try to provide quality information, Double-Take Software makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained in this document.
Table of Contents
Chapter 1: Introduction ........................................................................................1
1.1 About the Double-Take Application Manager ..........................................................................................1 1.2 Supported configurations ...............................................................................................................................1
1.2.1 Exchange ...................................................................................................................................................................................... 1 1.2.2 SQL ............................................................................................................................................................................................... 2 1.2.3 SharePoint ................................................................................................................................................................................... 3 1.2.4 File server .................................................................................................................................................................................... 3
1.3 Requirements ....................................................................................................................................................4

1.3.1 Exchange Manager requirements ........................................................................................................................................... 5 1.3.2 SQL Manager requirements .................................................................................................................................................... 6 1.3.3 File server requirements .......................................................................................................................................................... 6 1.3.4 SharePoint requirements ......................................................................................................................................................... 6
1.4 Related documentation ...................................................................................................................................7

1.4.1 Users guide ................................................................................................................................................................................ 7 1.4.2 Application notes ....................................................................................................................................................................... 7 1.4.3 Readme files ................................................................................................................................................................................ 7
Chapter 2: Navigating the user interface ............................................................8

2.1 Install the Double-Take Application Manager ...........................................................................................8 2.2 Start the Double-Take Application Manager .............................................................................................9 2.3 Menu options .................................................................................................................................................. 10 2.4 Changing Double-Take Application Manager preferences .................................................................. 11 2.5 Using the online help .................................................................................................................................... 12
Chapter 3: Protecting an Exchange Server ......................................................13

3.1 Exchange configuration workflow ............................................................................................................. 13 3.2 Verify the Exchange environment (recommended) .............................................................................. 13 3.3 Select a task .................................................................................................................................................... 14 3.4 Select a domain .............................................................................................................................................. 14 3.5 Select source and target servers ............................................................................................................... 15
3.5.1 Enter server login information .............................................................................................................................................16 3.5.2 Using clustered Exchange servers .......................................................................................................................................16
3.6 Configure protection settings .................................................................................................................... 16 3.7 Failover settings ............................................................................................................................................. 17

3.7.1 Failover enabled .......................................................................................................................................................................17 3.7.2 Failover type .............................................................................................................................................................................17 3.7.3 Services ......................................................................................................................................................................................20 3.7.4 Resources (cluster only) ........................................................................................................................................................21 3.7.5 Method to monitor for failover ...........................................................................................................................................21 3.7.6 Failover monitoring options ..................................................................................................................................................22 3.7.7 Failover trigger .........................................................................................................................................................................22 3.7.8 Manual intervention required ...............................................................................................................................................22
3.8 Connection settings ...................................................................................................................................... 22

3.8.1 Route ..........................................................................................................................................................................................23 3.8.2 Protected storage groups ......................................................................................................................................................23 3.8.3 Mirror type ...............................................................................................................................................................................23 3.8.4 Enable compression ................................................................................................................................................................23
3.9 Advanced settings .......................................................................................................................................... 24

3.9.1 Replication set rules ...............................................................................................................................................................24 3.9.2 Failover/failback scripts ..........................................................................................................................................................25 3.9.3 Force AD replication ..............................................................................................................................................................26 3.9.4 Target(ed) domain controller ...............................................................................................................................................26 3.9.5 Advanced settings ....................................................................................................................................................................26
3.10 Saving configuration changes .................................................................................................................... 27
Chapter 4: Protecting an Exchange Cluster with a Like-Named Cluster .....28

4.1 Prerequisites ................................................................................................................................................... 28 4.2 Permissions ..................................................................................................................................................... 28 4.3 Multiple EVS .................................................................................................................................................... 28 4.4 Standby cluster configuration ..................................................................................................................... 29 4.5 Enabling protection ....................................................................................................................................... 31 4.6 Dealing with a failure .................................................................................................................................... 32
4.6.1 Graceful failover ......................................................................................................................................................................32 4.6.2 Site failure failover ...................................................................................................................................................................32 4.6.3 Differences in failback .............................................................................................................................................................32
Chapter 5: Protecting a SQL Server .................................................................33

5.1 SQL configuration workflow ...................................................................................................................... 33 5.2 Select a task .................................................................................................................................................... 33 5.3 Select a domain .............................................................................................................................................. 34 5.4 Select source and target servers ............................................................................................................... 35
5.4.1 Add or manage servers ..........................................................................................................................................................36 5.4.2 Enter server login information .............................................................................................................................................36

5.6.1 Failover enabled .......................................................................................................................................................................38 5.6.2 Failover type .............................................................................................................................................................................38 5.6.3 Services ......................................................................................................................................................................................40 5.6.4 Method to monitor for failover ...........................................................................................................................................41 5.6.5 Failover monitoring options ..................................................................................................................................................41 5.6.6 Failover trigger .........................................................................................................................................................................41 5.6.7 Manual intervention required ...............................................................................................................................................41

5.7.1 Route ..........................................................................................................................................................................................42 5.7.2 Protection mode .....................................................................................................................................................................42 5.7.3 Mirror type ...............................................................................................................................................................................45 5.7.4 Enable compression ................................................................................................................................................................45

5.8.1 Replication set rules ...............................................................................................................................................................46 5.8.2 Failover/failback scripts ..........................................................................................................................................................47 5.8.3 Advanced settings ....................................................................................................................................................................47
5.9 Saving configuration changes ...................................................................................................................... 48
Chapter 6: Protecting a File Server ...................................................................49

6.1 File server configuration workflow ........................................................................................................... 49 6.2 Select a task .................................................................................................................................................... 49 6.3 Select a domain .............................................................................................................................................. 50 6.4 Select source and target servers ............................................................................................................... 51

6.6.1 Failover enabled .......................................................................................................................................................................53 6.6.2 Failover type .............................................................................................................................................................................54 6.6.3 Services ......................................................................................................................................................................................56 6.6.4 Method to monitor for failover ...........................................................................................................................................56 6.6.5 Failover monitoring options ..................................................................................................................................................57 6.6.6 Failover trigger .........................................................................................................................................................................57 6.6.7 Manual intervention required ...............................................................................................................................................57

6.7.1 Route ..........................................................................................................................................................................................57 6.7.2 File shares ..................................................................................................................................................................................58 6.7.3 Mirror type ...............................................................................................................................................................................58 6.7.4 Enable compression ................................................................................................................................................................58

6.8.1 Replication set rules ...............................................................................................................................................................59 6.8.2 Failover/failback scripts ..........................................................................................................................................................60 6.8.3 Items to failover .......................................................................................................................................................................60 6.8.4 Advanced settings ....................................................................................................................................................................61
6.9 Saving configuration changes ...................................................................................................................... 61
Chapter 7: Protecting a SharePoint Server ......................................................62

7.1 SharePoint configuration workflow .......................................................................................................... 62 7.2 Supported uses of Application Manager for SharePoint ...................................................................... 63 7.3 Select a task .................................................................................................................................................... 63 7.4 Select a domain .............................................................................................................................................. 64 7.5 Select SharePoint front end ........................................................................................................................ 65 7.6 Select source and target servers ............................................................................................................... 65

7.8.1 Failover enabled .......................................................................................................................................................................67 7.8.2 Failover type .............................................................................................................................................................................68 7.8.3 Services ......................................................................................................................................................................................70 7.8.4 Add/Remove SharePoint services ........................................................................................................................................70 7.8.5 Method to monitor for failover ...........................................................................................................................................71 7.8.6 Failover monitoring options ..................................................................................................................................................71 7.8.7 Failover trigger .........................................................................................................................................................................71 7.8.8 Manual intervention required ...............................................................................................................................................71

7.9.1 Route ..........................................................................................................................................................................................72 7.9.2 Protected databases ................................................................................................................................................................72 7.9.3 Mirror type ...............................................................................................................................................................................73 7.9.4 Enable compression ................................................................................................................................................................73
7.10 Advanced settings ....................................................................................................................................... 73

7.10.1 Replication set rules .............................................................................................................................................................74 7.10.2 Failover/failback scripts ........................................................................................................................................................74 7.10.3 Items to failover ....................................................................................................................................................................75 7.10.4 Advanced settings .................................................................................................................................................................75
7.11 SharePoint settings ..................................................................................................................................... 76 7.12 Saving configuration changes .................................................................................................................... 77
Chapter 8: Validate the Configuration ..............................................................78 Chapter 9: Enabling Protection for a Server ....................................................79
9.1 Enable protection .......................................................................................................................................... 79 9.2 Disable protection ........................................................................................................................................ 80 9.3 Monitor protection status ........................................................................................................................... 80
9.3.1 Protection status states .........................................................................................................................................................80 9.3.2 Protection detail states ..........................................................................................................................................................81
9.4 Verify target data viability (Exchange only) ............................................................................................. 82

9.4.1 Relocating the SMTP pickup path and queues ..................................................................................................................84
Chapter 10: Failover, Failback, and Restoration ..............................................85

10.1 DNS failover, failback, and restoration .................................................................................................. 85
10.1.1 Initiating automatic failover .................................................................................................................................................85 10.1.2 Initiating manual failover ......................................................................................................................................................86 10.1.3 Failback and restoration ......................................................................................................................................................86
10.2 Identity failover, failback, and restoration ............................................................................................. 87

10.2.1 Initiating a failover .................................................................................................................................................................87 10.2.2 Failback and restoration ......................................................................................................................................................87 10.2.3 Recovering to the original source .....................................................................................................................................88 10.2.4 Rehoming the Exchange objects to the source ..............................................................................................................89
10.3 Re-enabling protection .............................................................................................................................. 89
Appendix A: Recommended Credentials.......................................................... 90

Double-Take Application Manager Credentials ............................................................................................ 90 Exchange Credentials .......................................................................................................................................... 94 SQL Credentials ................................................................................................................................................... 95 SharePoint Credentials ....................................................................................................................................... 96
Appendix B: Rebuilding the Source ................................................................... 97

Rebuilding the original Exchange source ........................................................................................................ 97 Rebuilding the original SQL source .................................................................................................................. 98
Appendix C: Exchange and SQL Failover with Blackberry ............................. 99

Configuring Blackberry services for failover .................................................................................................. 99
Appendix D: Using the DNS Failover (DFO) Utility...................................... 100 Appendix E: Using the Target Data Verification (TDV) Utility ................... 103 Appendix F: Using the Exchange Failover (EFO) Utility............................... 105
Introduction
This document describes how to use the Double-Take Application Manager interface to create and validate your application configuration. The Application Manager lets you quickly configure protection for an application without requiring you to have advanced knowledge of either Double-Take or your application. The Application Manager works by gathering information about your source and target environments, then configuring Double-Take to protect the source.
1.1 About the Double-Take Application Manager

The Double-Take Application Manager is used to simplify the setup of standard Double-Take connections. The Application Manager discovers all servers running a designated application in your environment so that you can determine which servers are not protected. It gathers information about the environment from various sources (including Double-Take, Active Directory, and DNS) and automatically configures Double-Take to protect that environment. It also performs a health check to make sure that your configuration is correct. This check not only helps to reduce configuration errors, but it also simplifies the setup process.
1.2 Supported configurations

1.2.1. Exchange
Exchange 2000 Source : Target Topology One : One Many : One One : Many Cascaded (chained) Cluster Support Cluster : Cluster Cluster : Standalone Standalone : Cluster Application Configurations 2000/2003 front-end server 2000/2003 back-end server 2007 consolidated roles 2007 distributed roles Domain Topology Single forest Multiple forest Parent > child Child > child Yes No Yes Yes Yes No Yes Yes Yes No Yes Yes No Yes N/A N/A No Yes N/A N/A N/A N/A HT, MBX, and CA only MBX only No No No Yes Yes No MBX only MBX only No Yes No No No Yes No No No Yes No No No Exchange 2003 Exchange 2007
1 of 106
Using the Double-Take Application Manager with Exchange in clustered environments

The Double-Take Application Manager can be used in the following cluster configurations with Exchange 2003:

Standalone source to clustered target Clustered source to standalone target Multi-node cluster to another multi-node cluster Multi-node cluster to a single-node cluster (requires GeoCluster PLUS) Single-node cluster to a multi-node cluster (requires GeoCluster PLUS) Cluster protection is not supported in Double-Take Application Manager for Exchange 2000. The Application Manager does not support configurations where Exchange and the domain controller are on the same node of a cluster. To obtain application notes for the manual process to configure protection for Exchange 2000 clusters, you must contact Double-Take Software technical support. Current contact information for technical support is available at http://www.doubletake.com/support/.
NOTE:
1.2.2. SQL
SQL Server 2000 Source : Target Topology One : One Many : One One : Many Cascaded (chained) Cluster Support Cluster : Cluster Cluster : Standalone Standalone : Cluster Application Configurations Named instance Database only Domain Topology Single forest Multiple forest Parent > child Child > child Yes No Yes Yes Yes No Yes Yes Yes Yes Yes Yes No No No No No No Yes Database mode only No No Yes Database mode only No No SQL Server 2005
Using the Double-Take Application Manager with SQL in clustered environments

The Double-Take Application Manager is intended to be used for one-to-one configurations in non-clustered SQL environments. If you want to use SQL in a clustered environment, refer to one of the following application notes, available from http://support.doubletake.com:

Guidelines for using Microsoft SQL Server 2000 with Double-Take Guidelines for using Microsoft SQL Server 2005 with Double-Take
2 of 106
1.2.3. SharePoint
SQL 2000 Source : Target Topology One : One Many : One One : Many Cascaded (chained) Cluster Support Cluster : Cluster Cluster : Standalone Standalone : Cluster Application Configurations WSS MOSS 2007 Domain Topology Single forest Multiple forest Parent > child Child > child Yes No Yes Yes Yes No Yes Yes Yes Yes Yes Yes No No No No No No Yes No No No Yes No No No SQL 2005
1.2.4. File server

Windows 2000 Source : Target Topology One : One Many : One One : Many Cascaded (chained) Cluster Support Cluster : Cluster Cluster : Standalone Standalone : Cluster Domain Topology Single forest Multiple forest Parent > child Child > child Yes No No No Yes No No Yes, as long as the child domain has a DNS server. If the DNS server resides in the parent domain, then validation will fail.
3 of 106
Windows 2003 Yes No No No
Yes No No No
No No No
No No No
1.3 Requirements
The Double-Take Application Manager will run from any client (or server) on any Microsoft Windows operating system that has access to the domain in which the servers are located. The Double-Take Application Manager requires the following minimum system configuration:
Two servers that meet one of the following operating system requirements:

Microsoft Windows 2000 Service Pack 4 or later Microsoft Windows 2003

NOTE:
In order to use the Target Data Verification feature (available only for Exchange), the target must be running Windows 2003 server, Service Pack 1 or later.
Two licensed copies of Double-Take version 4.4.2 or later

NOTE:
In order to protect a file server, you must be running Double-Take version 4.5.2 or later.
A copy of the most recent version of the Double-Take Application Manager

NOTE:
Double-Take Software recommends that you run Double-Take Application Manager from either a third administrative client that is running a supported operating system, or from the Double-Take target. If you are using a 64-bit machine, you must install the 64-bit version of .NET Framework version 2.0 or later prior to installing the Double-Take Application Manager. See the Double-Take Software support website to obtain the most recent version of the Double-Take Application Manager.

.NET Framework version 2.0 or later. If you do not have .NET Framework version 2.0 installed, Application Manager will prompt you to install it Microsoft Installer version 3.0 or later (as required by the .NET Framework version 2.0) An active internet connection (required during the Double-Take Application Manager installation to download the Microsoft Admin Pack and/or SQL Server 2005 Backward Compatibility components containing the SQLDMO libraries)
NOTE:
Alternatively, these packages are available on the Double-Take Software support website and can be downloaded to a different server, from which you can use an internal file share or removable media to copy the files to the Application Manager client.
If the DNS server is running Windows Server 2000, you must have the DNS Windows Management Instrumentation (WMI) Provider installed on the sources primary DNS server to allow the DFO to modify DNS resource records during failover. To download the DNS WMI Provider, use the following link:
ftp.microsoft.com/reskit/win2000/dnsprov.zip

The target must have drive letters that match the drive letters where the protected application stores data Double-Take Application Manager does not support single-label DNS domain names (that is, domain names that do not include a suffix such as .com, .corp, .net, and so on). The program files for your application must be installed in the same location on the target and the source
In addition, your environment must adhere to requirements specific to the application you are protecting. For additional requirements, see:

Exchange Manager requirements on page 5 SQL Manager requirements on page 6 File server requirements on page 6 SharePoint requirements on page 6
4 of 106
1.3.1. Exchange Manager requirements

If you are using the Double-Take Application Manager for Exchange, your system must meet the following requirements:
Two licensed copies of Microsoft Exchange Server that meet one of the following requirements:
Exchange Server 2000 with Service Pack 3 or later

NOTE:
Cluster protection is not supported for Exchange 2000.
Exchange Server 2003

NOTE:
Double-Take Software recommends that the Exchange version be the same as the operating system version (for example, Windows Server 2000 running Exchange Server 2000, or Windows Server 2003 running Exchange 2003). The source and target servers must both be running a Microsoft-supported operating system/Exchange combination. Both source and target Exchange versions must be identical.

Exchange 2007
NOTE:

The source and target servers must both be running a Microsoft-supported operating system/Exchange combination. Both source and target Exchange versions must be identical. Exchange 2007 requires that the Application Manager be run from the target server.

To use the Application Manager for Exchange, Double-Take must be running under the localsystem account. The client or server that is running the Application Manager must have access to the domain in which the Exchange servers are located. The source and target Exchange servers must be in the same root forest domain. The source and target servers must be part of the same Exchange Administrative Group. The Exchange configurations on the source and target servers must be identical for the following components:

Storage groups Location of storage groups (log and data files) Log file prefixes Database locations (log and data files) Message Transfer Agent (MTA) location Queue paths

In a parent\child domain, at least one domain controllers in the child domain must designated as a global catalog server. The Application Manager does not support configurations where Exchange and the domain controller are on the same node of a cluster. While installing Exchange Server 2003 on a domain controller is a supported operation, it is not generally recommended. Double-Take Software also does not recommend this configuration. If you must use Exchange Server 2003 on a domain controller, review the following Microsoft Knowledge Base articles:
http://support.microsoft.com/kb/822179 http://support.microsoft.com/kb/332097 http://support.microsoft.com/kb/305065 http://support.microsoft.com/kb/304403 http://support.microsoft.com/kb/875427
5 of 106
1.3.2. SQL Manager requirements

If you are using the Double-Take Application Manager for SQL, your system must meet the following requirements:
Two licensed copies of Microsoft SQL Server that meet one of the following requirements:

SQL Server 2000 with Service Pack 4 or later SQL Server 2005
NOTE:
If you are using SQL Server, you will be prompted to download and install the Microsoft SQL Server 2005 backward compatibility components. This package includes the SQLDMO library, which is required to run the Application Manager. You should use the same version and service pack of SQL Server on both the source and target servers. The only exception would be that you may use a newer version of SQL Server on the target server to perform a failover while in Database Only protection mode (for instance, when using Double-Take Application Manager to facilitate a migration from SQL Server 2000 on the source to SQL Server 2005 on the target). You can NOT failback when using different versions of SQL Server on the source and target.
To enable the Application Manager to work with MSDE (SQL Express 2000) and SQL Server 2005 Express, Named Pipes and TCP/IP need to be added to the Enabled Protocols. By default, these are disabled. They must be enabled to accept remote connections.

For MSDE, you must run the svrnetcn.exe command, which is located in the C:\Program Files\Microsoft SQL Server\80\Tools\Binn directory. For SQL Server 2005 Express, you must launch the SQL Server Configuration Manager, expand SQL Server 2005 Network Configuration, and for Protocols for MSSQLSERVER enable Named Pipes and TCP/IP.

To use the Double-Take Application Manager for SQL, the user logged on to Windows must be a member of the SQL Server sysadmin role on the source and target servers. The source and target SQL servers must be in the same domain; otherwise, the SQL Server service on both the source and target servers must be configured to start with the same domain user account. In order to protect SQL named instances, both the source and target SQL Servers must have named instances with the exact same name installed prior to configuring protection.
1.3.3. File server requirements

If you are using the Double-Take Application Manager for file servers, your system must meet the following requirements:
Two licensed copies of Double-Take version 4.5.2 or later

NOTE:
Double-Take Software strongly recommends that the target server be a dedicated standby server which does not host any critical applications. During failback for file servers, the Server service is re-started, which could also re-start any dependent services. File server protection is currently only supported in a flat domain.
1.3.4. SharePoint requirements

If you are using the Double-Take Application Manager for SharePoint, your system must meet the following requirements:

Windows SharePoint Services (WSS) version 3 WSS components of Microsoft Office SharePoint Server (MOSS) 2007 SQL Server 2000 or SQL Server 2005 back-end SharePoint protection is currently only supported in a flat domain.
NOTE:
6 of 106
1.4 Related documentation

Before you begin to configure your solution, make sure that you have complete documentation for your operating system, application, and Double-Take.
1.4.1. Users guide

The following document(s) contain additional information that you may need while setting up this solution:
Double-Take Users Guide or online documentation The Double-Take Users Guide contains a list of Double-Take error codes. This reference is useful for troubleshooting.
NOTE:
1.4.2. Application notes

While the Double-Take Application Manager greatly simplifies the process of configuring your application for use with Double-Take, Double-Take Software recognizes that in some environments a manual process for application configuration is more desirable. However, the manual process is much more time consuming and labor intensive. Double-Take Software has application notes which provide guidelines on using manual processes to configure your application with Double-Take. To obtain application notes for the manual process for Exchange configurations, you must contact Double-Take Software technical support. Current contact information for technical support is available at http://www.doubletake.com/support/. Application notes for using SQL are available for download from the Application Notes page of the Double-Take Software support web site (http://support.doubletake.com).
1.4.3. Readme files

The following readme files contain additional reference information related to the Double-Take Application Manager:

Readme_Application_Manager.htmThe readme file contains information about known issues and workarounds in the current release of the Application Manager. Readme_DFO.htmThe DNS failover utility (DFO.exe), which is called in the failover scripts, automatically updates DNS
resource records in order to seamlessly redirect network clients. The DFO readme file documents DFO syntax, known issues, and workarounds. The readme files can be found in the folder where the Double-Take Application Manager is installed (the default installation location is either \Program Files\Double-Take\ or \Program files\Application Manager.)
7 of 106
Navigating the user interface

The Application Manager interface is designed to guide you through the process of configuring protection for your servers. The default configuration parameters have been selected to be appropriate for most configurations; however, you may need to modify them for your specific environment. Any changes you make to non-machine specific configuration settings (such as Missed Packets) will become the default the next time you run the Application Manager. When you launch the Application Manager, you will see the main Application Manager window. The Setup tab of the Application Manager window leads you through the steps to configure protection for a server using standard Windows-style controls. Enter information in fields, select options from drop-down menus, click buttons, and use menu options to configure protection. After protection has been set up, use the Monitor tab to view information about the current source/target pair. Based on the current protection status and/or failover state, the Failover, Monitoring, and Protection button text on the Monitor tab will be updated to display the available command. If the Application Manager is not in a state that will allow any of these options to be executed, the corresponding button(s) will be grayed out (disabled). The interface provides tooltip-style online help. When you place the pointer over a field in the Application Manager, a tooltip will appear to provide additional information about the field.
2.1 Install the Double-Take Application Manager

If you have not done so already, install the Double-Take Application Manager by running the Application Manager installation file downloaded from the Double-Take Software support website or from your installation media. If you install .NET during the Application Manager installation, you may be required to reboot your system prior to the installation of Application Manager. After the reboot, the installation should continue.
NOTE:
When installing the Application Manager on a Windows 2000 machine using Remote Desktop Protocol (RDP), you will need to run the installer twice to complete the installation. This issue is documented in Macrovision Knowledgebase Article #Q111503.
When the installation autorun file is launched, the Application Manager will detect the platform that the server is running on (that is, whether it is on 32-bit or 64-bit). When you select Install Application Manager, the correct version of Double-Take Application Manager will be installed automatically.
NOTE:
On 32-bit systems, if Double-Take is installed before the Application Manager is installed, then the Application Manager will be installed to the same location as Double-Take. If the Application Manager is installed before Double-Take, then the Application Manager will be installed to the \Application Manager directory that is created. On 64-bit systems, Double-Take is installed to the Program Files directory (not \Program Files <x86>). When the Application Manager is installed, the Application Manager will be installed to the \Program Files folder where Double-Take resides. If the Application Manager is installed before Double-Take, then the Application Manager will be installed to \Program Files\Application Manager. If Double-Take is subsequently installed, it will be in a separate directory (that is, the Application Manager will be installed to \Program Files\Application Manager and Double-Take will be installed to \Program Files\DoubleTake).
For the initial setup, the Double-Take Application Manager only needs to be installed on one system. For managing failover and failback, the Application Manager should be run from either the target server or an administrative workstation.
8 of 106
The Double-Take Application Manager installation requires an active internet connection. This is necessary in order to download the Microsoft Admin Pack and SQL server backward compatibility (SQLDMO) files. In addition, if you do not have .NET Framework version 2.0 installed, you will be prompted to install it. Microsoft Installer version 3.0 or later is required to install the .NET Framework.
NOTE:
Alternatively, these packages are available on the Double-Take Software support website and can be downloaded to a different server, from which you can use an internal file share or removable media to copy the files to the Application Manager client.
2.2 Start the Double-Take Application Manager

Launch the Application Manager by selecting Start, Programs, Double-Take, Application Manager. The Double-Take Application Manager will open. If you have not yet set up protection, the window will show the Welcome screen. If you have previously configured protection for a source/target pair, the Application Manager will show the Monitor tab with information about the last protected pair.
You can protect servers for a different application by selecting one of the following options in the Tasks area on the left pane:
Protect Exchange ServerTo protect an Exchange server, click this option. The right pane will display the Manage Exchange page, which will lead you through the steps to protect an Exchange server. Continue with Protecting an Exchange Server on page 13. Protect SQL ServerTo protect a SQL server, click this option. The right pane will display the Manage SQL page, which will lead you through the steps to protect a SQL server. Continue with Protecting a SQL Server on page 33. Protect File ServerTo protect a file server, click this option. The right pane will display the Manage File Server page, which will lead you through the steps to protect a File server. Continue with Protecting a File Server on page 49. Protect SharePoint ServerTo protect a SharePoint server, click this option. The right pane will display the Manage SharePoint Server page, which will lead you through the steps to protect a SharePoint server. Continue with Protecting a SharePoint Server on page 62.

9 of 106
2.3 Menu options

Based on the current protection status and/or failover state, the Protection, Monitoring, and Failover/Failback menu options will be updated to display the available command. If the Application Manager is not in a state that will allow any of these options to be executed, the corresponding menu option(s) will be grayed out (disabled). The following menu options are available on the main Application Manager window:
File menu

NewSelect to protect an Exchange server, SQL server, File server, or SharePoint server. ExitExit the Double-Take Application Manager OptionsModify Double-Take Application Manager display preferences, including the clearing of cached credentials Delegate Rights (Exchange Only) Assign Exchange administrative rights to an account Configure ProtectionLaunch the Configure Protection screen ValidateValidate the source/target configuration Enable/Disable ProtectionEnable or disable protection for the source server Enable/Disable MonitoringEnable or disable failover monitoring for the source server Failover/FailbackInitiate manual failover or failback View source DFO logLaunch a viewer to examine the log file generated by the dfo.exe utility on the source server. View source ExchFailover log (Exchange only)Launch a viewer to examine the log file generated by the
Tools menu

Actions menu

exchfailover.exe utility on the source server.

View target DFO logLaunch a viewer to examine the log file generated by the dfo.exe utility on the target server. View target ExchFailover log (Exchange only)Launch a viewer to examine the log file generated by the exchfailover.exe
utility on the target server.

Manage SQL Servers (SQL and SharePoint only)Extended options for selecting SQL servers and testing SQL services on those servers This is the same window that is displayed when you click the Advanced Find button on the SQL Manager
main page.
Verify Target Data (Exchange only)Verify that the target stores will mount with the replicated data without forcing a
re-mirror.
Help menu

View Welcome PageReturn to the initial Double-Take Application Manager screen, from which you can check for
product updates or access the Double-Take Software website.

View Online HelpLaunch the Double-Take Application Manager online help View Users GuideLaunch the Double-Take Application Manager Users Guide PDF AboutView the Application Manager revision number and copyright information
10 of 106
2.4 Changing Double-Take Application Manager preferences

To change display preferences for the Double-Take Application Manager, select Tools, Options. The Options dialog box will appear.
Service Listen PortEnter the value for the Double-Take port to be used for Application Manager communication. The
default port is 1100. You can also change the port through the Double-Take Management Console. To specify the rate at which the Application Manager updates the protection status, clear the Enable automatic adjustment of refresh interval checkbox, then enter the desired Refresh Interval. You can enter a value between 1 and 30,000 seconds. If you want the refresh interval to be updated automatically, select the Enable automatic adjustment of refresh interval checkbox.
NOTE:
If the Application Manager appears to be running slowly, it may be because the refresh interval is set to a long interval. Set a shorter refresh interval, and make sure that the automatic adjustment option is not selected.
Maximum log file size(Default = 10 MB) Enter the maximum size for the dtam.verbose.log file. When the maximum size is reached, the dtam.verbose.log file is renamed to dtam.verbose.prev.log and subsequent actions are logged to a new dtam.verbose.log file. Enable verbose logging(Default = selected) When enabled, all user interactions with Double-Take Application Manager are logged to the dtam.verbose.log file.
To have the Protection Details section on the Monitor tab expanded by default, select the Always show protection details checkbox. Select the Display statistics values in bytes checkbox if you always want to show these values in bytes, rather than in MB, GB, or TB. If you want Double-Take Application Manager to automatically reconnect to the last protected source/target pair when it is re-started, select the Load last selected server upon startup checkbox. To clear the cached user name and password, click the Clear Cached Credentials button. Click OK to save your changes, or Cancel to discard your changes and exit the Options dialog box.
11 of 106
2.5 Using the online help

To view additional information about a task in the Double-Take Application Manager interface, from the Help menu, click View Online Help. This will launch the online help file in your internet browser. To search for information about a topic, use tabs on the left pane:

The Contents tab provides a table of contents for the help file. Click a topic to view the topic in the right pane. The Index tab provides a list of terms. Click on a term to view the help topic(s) that include that term. The Search tab allows you to enter a word or words. When you click the Search button, a list of all topics that include that term appears. Click on the topic title to view the topic. While viewing the online help and readme (.htm) files in Internet Explorer, a message may appear stating that Internet Explorer has restricted the file from showing active content. You can disable this setting by modifying your Internet Explorer security settings. In Internet Explorer, select Tools, Internet Options. On the Advanced tab, scroll down to the Security section, then enable Allow active content to run in files on My Computer.
NOTE:
12 of 106
Protecting an Exchange Server

3.1 Exchange configuration workflow
To configure protection for your Exchange servers using Application Manager, you will complete the following steps:
1. 2.
Install Exchange on the source server and apply any Exchange service packs or patches. Use the default installation options for Exchange. Install Exchange on the target, placing it in the same Exchange organization as the source and verifying that the installation location for the target is the same as the source. Apply any Exchange service packs or patches. Use the default installation options for Exchange with the following considerations:

The target must be a unique installation (that is, two Exchange servers must be available for a protection pair) Logical drive mapping must be the same on the source and target, and must assigned prior to running the Application Manager.
3. 4. 5. 6. 7. 8. 9.
Install Double-Take on the source and target Exchange servers. See the Double-Take Getting Started guide for more information.
Install the Double-Take Application Manager on page 8 Verify the Exchange environment (recommended) on page 13 Select a task on page 14 Select a domain on page 14 Select source and target servers on page 15
(Optional) Configure protection settings on page 16
10. Validate the Configuration on page 78
To protect your Exchange server, you will complete the following steps:
1. 2. Enable protection on page 79 Monitor protection status on page 80
In the event of a failure, you will need to perform some additional tasks. These tasks are described in Failover, Failback, and
Restoration on page 85. NOTE:
If you need to protect any data that is stored on a non-mailbox server role (for example, SMTP queue data), you will need to configure protection for that data separately. In addition, you may need to manually update the DNS setting for the client access server to point to the target site.
3.2 Verify the Exchange environment (recommended)

Before you use Double-Take Application Manager, complete the following tasks to verify that the environment is properly set up.
1. 2. 3.
With both Exchange servers online, use Active Directory Users and Computers to move an existing user from the source to the target and then back to the original source. Verify that you can create a new user on the target. To verify connectivity, create an Outlook profile for the new user on a client machine and connect to the target.
13 of 106
3.3 Select a task

To protect an Exchange server, open the Application Manager (Start, Programs, Double-Take, Application Manager), then on the Tasks area on the left pane, select Protect Exchange Server. The Manage Exchange page will appear in the right pane. Make sure that the Setup tab is in view.
NOTE:
You can also launch Double-Take Application Manager for Exchange by using the command line /EXCHANGE option (DTAM /EXCHANGE).
If you have previously configured protection for a source/target pair, the Manage Exchange page will be populated with information about the protected pair.
3.4 Select a domain

The Domain Name on the main window will be populated automatically with the root domain where the Application Manager client resides. This is necessary because the Exchange server objects are always located in the root Active Directory Configuration container. If you want to change the domain, type in a domain name for a trusted root domain that the Application Manager client can connect to, then press Tab or click on another field. If the domain you entered doesnt exist or you do not have the credentials to modify Active Directory for the new domain, the Domain Login window will appear. You will be prompted to enter the domain name, user name, and password to use for logging in to the domain.
NOTE:
Domain names must include a suffix, such as .com, .corp, or .net.
14 of 106
You may enter a user name for a different domain by entering a fully-qualified user name. The fully-qualified user name must be in the format NetBIOS domain name\username or username. If you enter a non-qualified name, the default domain will be used.
NOTE:
When the Double-Take Application Manager launches, it selects the forest root automatically. The domain that is entered MUST be the root of the forest domain, since this is where all Exchange server objects reside (even if the Exchange server is a member of a child domain).
3.5 Select source and target servers

The Application Manager will automatically attempt to populate the Source Server and Target Server lists with any servers in the specified domain that are running Exchange. If you select a source/target pair for which you have previously enabled and disabled protection, you may use the existing configuration settings (provided that the source/target connection is not currently active, in which case the existing settings will always be used). When you select Configure or Validate, a prompt will appear, asking if you want to re-use the previous configuration information. Click Yes to re-use the previous information, or click No to revert to the Application Manager default settings.
NOTE:
If the IP address(es) for the source or target server have changed since you originally configured protection (for example, if you configure the source or target in a staging area and then send it to a production location), you must re-configure the protection settings. When you are prompted to re-use the previous protection configuration, click No, then click the Configure Protection button.
1.
In the Source Server field, select the Exchange server that you want to protect. If this is your first time to log in to the selected server, you will be prompted to enter server login information. See Enter server login information on page 16 for more information about logging in to servers.
NOTE:
If you attempt to select a source that is currently unavailable, a prompt will appear stating that the source is not available and that if the source is failed over, you should first select the target. If you select the target, then select the source (as recommended in the prompt), the same prompt appears (though you would expect to get a prompt to failover). The ability to failover using the Application Manager will not be available until a failover condition has been met in accordance with the failover monitor settings set in the configuration section.
2.
In the Target Server field, select the backup Exchange server that will protect the source server in the event of a failure. The target must be in the same Exchange admin group as the source.
Notice that after you select a server to protect, the Protection Status changes to Unprotected.
NOTE:
If you select a target that is monitoring a connection that has met a failover condition and requires manual intervention, a prompt will appear, asking if you want to initiate failover.
15 of 106
3.5.1. Enter server login information

After you select a server for the first time, you will be prompted to enter a user name and password to use for logging in to the selected server. The login account MUST be a member of the Double-Take Admin local security group for the selected server. For more information about permissions, see Recommended Credentials on page 90.
You may enter a user name for a different domain by entering a fully-qualified user name. The fully-qualified user name must be in the format domain\username or username@domain. If you enter a non-qualified name, the DNS domain will be used. Entering the credentials for the logged-on user may be valid. The Application Manager will attempt to use the same user name and password the next time you select a server.
3.5.2. Using clustered Exchange servers

Exchange virtual servers (EVS) are selectable in the same way as physical servers; however, physical servers that are members of a cluster (called a node) are not shown in the server drop-down list. These nodes are selectable by selecting the sources like-named equivalent. For more information about setting up protection for a cluster with a like-named cluster, see Protecting an Exchange Cluster with a Like-Named Cluster on page 28.
NOTE:
Cluster protection is not supported in Double-Take Application Manager for Exchange 2000.
3.6 Configure protection settings

If you do not need to change the configuration settings, continue with Validate the Configuration on page 78. If you have already enabled protection for a connection and need to change the configuration parameters, you will first need to disable protection, as described in Disable protection on page 80. To change the default configuration parameters, click Configure from the main Application Manager window, or select Actions, Configure Protection from the menu. The Configuration Protection window will appear. The Configure Protection window has tabs for configuring failover, connection, and advanced settings. The following sections describe the options on each of these tabs.
16 of 106
3.7 Failover settings

The Failover tab includes options that will be applied during Exchange failover.
3.7.1. Failover enabled

Select the Failover enabled option to enable or disable failover for the selected source/target pair.
3.7.2. Failover type

Failover Type indicates what name resolution method will be used to redirect users to the target Exchange server in the event of a source failure. By default, DNS Failover is selected.
DNS failover
DNS Failover is the recommended method for failover. Use this option if you want to failover by updating the DNS records associated with the source. This will modify all source server A, CNAME, MX, and PTR-type DNS resource records to point to the target. In DNS Failover, the DNS records for the source server are modified to point to the target servers IP address. This allows clients to resolve the source Exchange server name to the target servers network name and IP address at failover time. DNS Failover eliminates duplicate server name and IP addresses on your network.
17 of 106
After you select the DNS Failover option, click Configure. The Configure DNS Failover window will appear.
In the top portion of the window, you can add additional DNS server IP addresses. Type the IP address into the DNS Server field, then click Add. The list box under the DNS Server entry field contains all DNS IP addresses for the source and target servers. The label after the DNS IP address indicates whether the DNS IP address belongs to the source, target, or both.
NOTE:
To remove an IP address from the DNS server list, select the IP address, then click the Delete button.
Enter the following information for DNS failover:

Source IPSelect the checkbox next to the source IP address(es) to be monitored for failover. Target IPSelect the target IP address to be used when failover occurs.
If one or more IP addresses are configured for the SMTP virtual server on the target, the first IP address will be the default target IP address for all source IP addresses.
NOTE:
If the target is monitoring multiple source IP addresses for failover, each monitored source IP address must be mapped to a unique target IP address.
Update TTLTo specify the value the Application Manager will establish for Time to Live (TTL) on the sources affected DNS records, select the Update TTL checkbox, then enter the desired update interval (in seconds). The default is the
current maximum TTL of all the sources A records. The recommended value is 300 seconds (5 minutes).
UsernameEnter the user name that will be used to access/modify DNS records. The login account MUST be the DNS Admin for the domain in which the DNS server resides. For more information about permissions, see Recommended Credentials on page 90.
You may enter a user name for a different domain by entering a fully-qualified user name. The fully-qualified user name must be in the format domain\username or username@domain. If you enter a non-qualified name, the DNS domain will be used by default. The domain name is obtained from the DNS server name, provided that reverse lookup in DNS is enabled. For more information about enabling reverse lookup, refer to your Microsoft documentation.
PasswordEnter the password that will be used to access/modify DNS records.
18 of 106
After you have entered the information, click the Test button to validate that DNS failover is configured correctly for the selected DNS server(s) and that the specified credentials are sufficient to update DNS. When the DNS configuration is complete, click OK to save your entries and return to the Configure Protection window.
NOTE:

If you are running Windows Server 2000 on the primary DNS server hosting zones or domains that contain source and/or target resource records, you must have the DNS WMI Provider installed on that DNS server. The Dynamic updates setting for the DNS zone should be set to Secure only. Otherwise, you must disable dynamic registration on the source server in order to prevent the source from reclaiming its DNS record. If a hosts file entry for the source server exists on the client machine, errors may occur during a failover and failback. Reverse lookup in DNS should be enabled. For more information about enabling reverse lookup, refer to your Microsoft documentation. DNS registration for the private (devoted to Double-Take) NIC IP should be disabled. If your Exchange server is using a public IP address to receive email, you will have to change the public advertised DNS MX record to reflect the target IP. Consult your service provider for instructions. To allow external email to be delivered to the target server when the source is unavailable, you should create an additional external MX record for the target server. The target MX record should have a lower priority than the source. Please refer to your router or firewall documentation for more information. For more information about using the DNS Failover utility, access the dfo.exe help by typing dfo.exe /?.
In order to set the primary DNS server with which the Application Manager will communicate during failover, you must launch Double-Take Application Manager using the command line /Advanced option (DTAM /Advanced). When launched in the Advanced context, the Client DNS Server field will appear on the Configure DNS Failover window. Use the Client DNS Server field to select the primary DNS server.
Identity failover
Select this option if you want to failover by transferring the source IP and name to the target. When using identity failover, it is possible that a name and/or IP address conflict can occur either during failover or when the original source server comes back online. To avoid this conflict, use DNS Failover.
NOTE:
Double-Take Application Manager cannot be used for failover or failback when the Identity failover method is selected. (However, the Failover Control Center can still be used to initiate failover). DNS failover reduces downtime and provides other benefits. It is recommended for most environments.
In Identity Failover, the targets physical identity is modified to match the source during a failover. This includes the target adopting the source servers name, primary IP address, and drive shares. Identity failover may be required in the following situations:

Access to the domain controller or DNS server is not available (for example, due to permissions) from the account that Double-Take runs under on the source/target servers. If you determine that the time it takes to propagate the necessary DNS or Active Directory changes to the rest of your environment is not acceptable. The time needed to propagate these changes depends on your Active Directory Replication and DNS server settings.
19 of 106
After you select the Identity Failover option, click Configure. The Configure Identity Failover window will appear.
Enter the following information for Identity failover:

Source IPSelect the source IP address(es) to be monitored for failover. Target NICSelect the target NIC to be used when failover occurs. Target IP AddressesThis area displays the IP address(es) of the selected target NIC. IP Address(Default = selected) Select the IP Address checkbox if you want the specified source IP address to be
monitored.
NOTE:

If you are in a WAN environment and choose Identity Failover, you should NOT failover the IP address.
Server Name(Default = selected) Select the Server Name checkbox if you want the source name to be added to the
target when failover occurs.

Shares(Default = selected) Select the Shares checkbox if you want the source file shares to be added to the target when
failover occurs.
Active Directory Hostname (SPNs)(Default = NOT selected) This option will automatically remove the host SPN
(Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover.
NOTE:
You should NOT select this option when using Exchange.
After the Identity failover configuration is complete, click OK to save your entries and return to the Configure Protection window.
3.7.3. Services
Double-Take Application Manager will determine the appropriate Exchanges services to start/stop based on your operating system/Exchange configuration. You should only modify this selection if there are additional services that need to be started along with Exchange during the failover/failback process (such as BlackBerry). Modifying the default configuration for services may affect whether data can be successfully replicated. Do not modify the services to start/stop unless you are very familiar with Double-Take and Exchange.
20 of 106
To add a service, click Add. In the Add Service window, select the Service name from the drop-down box, then click Add. Alternately, you can manually enter a service, then press Enter. By default, most services must be stopped on the target for replication to occur properly. When you are finished entering services, click Add to return to the Failover configuration window.
To remove a service, select one or more services, then click Remove. You can only remove services that you added manually using the Application Manager. Services will be started in the displayed order (top-to-bottom starting with the left column) and shutdown in reverse order (bottom-to-top starting with the right column). To re-arrange the order in which services are started/stopped, first add any additional services. Select a service in the list, and use the up and down arrow buttons to move the service to the appropriate position in startup/shutdown order.
3.7.4. Resources (cluster only)

If you are using clustered Exchange servers, during configuration, you will select resources instead of services to bring online and offline during failover. The Resource selection works exactly like the service selection functionality.
NOTE:
If you are using Exchange in a cluster-to-standalone configuration and have selected a source cluster server, a button will appear in the Services/Resources area, allowing you to toggle between services to start on the target, and Resources to start on the source.
3.7.5. Method to monitor for failover

The method to monitor for failover specifies the ping method to use when monitoring source IP addresses.
Network Access (ICMP)Double-Take failover uses ICMP pings to determine if the source server is online. If a network
device, such as a firewall or router, between the source and target is blocking ICMP traffic, failover monitors cannot be created or used.
Replication Service (UDP)The Double-Take service on the target server sends a ping-like UDP request to the source Double-Take service, which replies immediately to confirm it is running. This method is useful when ICMP is blocked on routers between the source and target.
21 of 106
3.7.6. Failover monitoring options

The amount of time before failover begins is calculated by multiplying the Failover Interval by the Missed Packets. For example, if the Failover Interval is set to 5 seconds and the Missed Packets setting is 5, a failover condition will be identified after 25 seconds of missed source activity.
NOTE:
In a cluster environment, make sure to include a cushion to account for the time it takes for the cluster to failover.

Monitor Interval (sec)(Default = 5) How often the monitor checks the source machine availability. Missed Packets (sec)(Default = 5) How many monitor replies can be missed before assuming the source machine has
failed.
3.7.7. Failover trigger

If you are monitoring multiple IP addresses, select one of the failover trigger options:

All Monitored IP Addresses FailFailover begins when all monitored IP addresses fail. One Monitored IP Address FailsFailover begins when any of the monitored IP addresses fail.
3.7.8. Manual intervention required

(Default = selected) Manual intervention allows you to control when failover occurs. When a failure occurs, a prompt appears and waits for you to initiate the failover process manually. Disable Manual Intervention Required only if you want failover to occur immediately when a failure condition is met.
3.8 Connection settings

The Connection tab includes options that will be applied to the specified source/target connection.
22 of 106
3.8.1. Route
This setting identifies the Target IP Address that the Double-Take data will be transmitted through. You should only change this setting if you want to select a different route for Double-Take traffic. On a machine with more than one NIC, this increases the flexibility of configuring Double-Take activity. For example, you can separate regular network traffic and Double-Take traffic on a machine. The default ports will be used. In a cluster, the route should be set to the name of the Exchange virtual server (EVS) dependent IP.
3.8.2. Protected storage groups

The Protected storage groups area displays the storage groups, mailbox, and public folder stores. Select the Exchange storage groups that you want to protect. By selecting individual storage groups to protect, you can reduce the amount of data being replicated and filter out storage groups that do not need to be protected or failed over. Only the users associated with the selected storage groups will be failed over. By default, all storage groups are selected for an Exchange source. The replication set that the Application Manager generates will include the directories and files needed to protect the selected storage groups. It is recommended that you protect all storage groups.
NOTE:
If you do not select all storage groups, you should make sure that other backups are available from which to recover the storage groups that are not failed over. Double-Take Software recommends that you place all query-based distribution groups in a single organization container and give the target server full control rights to the container and all child objects.
You can also select non-application specific data under the Volumes folder.
NOTE:
If Override Generated Rules is selected on the Advanced tab, this control will be disabled.
To refresh the tree view to show new source directories or files that may have been added or removed, select the logical node, then click the Refresh button. If a node in the volumes branch is selected, then the items under that node will be refreshed.
3.8.3. Mirror type

The following options specify what files you want sent from the source to the target during a mirror:

FullCopies all of the directories and files in the replication set to the target machine. If a mirror has already been
completed, another full mirror will overwrite the data on the target.
Checksum(Default) This option compares the date, time, and size, and for those files that are different, a checksum
calculation comparison is performed. A checksum calculation is a formula applied to blocks of data to determine if the binary make-up of the block is identical. If the checksums on the source and target machine are the same, the block is skipped. If the checksums on the source and target machine are not the same, the block on the source is sent to the target. With this option, the entire file is not overwritten; only the block that is received from the source is overwritten.
NOTE:
The Mirror type setting also applies to the restoration connection.
3.8.4. Enable compression

This setting enables compression of data that is transmitted from the source to the target. Significant improvements in bandwidth utilization have been seen in Wide Area Network (WAN) configurations, or in any case where network bandwidth is a constraint. Compression may be used in Local Area Network (LAN) configurations, though it may not provide any significant network improvements. You can specify compression for different source/target connections, but all connections to the same target will have the same compression settings. By default, compression is disabled. To enable it, select Enable Compression, then set the level from minimum to maximum compression.
23 of 106
3.9 Advanced settings

The Advanced tab includes advanced configuration options.
3.9.1. Replication set rules

A replication set defines what directories/files are to be protected by Double-Take. By default, Application Manager selects all of the necessary directories/files to protect Exchange based on your source server configuration. These include all storage groups (system and log files), each database store (mailbox and public folder system and log files), Message Transfer Agent (MTA) files, and SMTP queues (pickup path and queuepath). By default, the Application Manager-generated replication set will be named xdag01_<target server name>. You should only modify the replication set rules if there are additional directories/files specific to your configuration that must also be protected with Exchange. Modifying the default configuration for replication set rules may affect whether data can be successfully replicated. Do not modify the replication set unless you are very familiar with Double-Take and Exchange. In order to change the replication set rules, first select the Override Generated Rules checkbox. When this box is selected, the Protected Storage Groups control on the Connection tab will be disabled. To add a replication set rule, click Add. In the Add Repset Rule window, enter the rule path (the directory that you want to protect or exclude), select whether to include/exclude the path, and whether the directory should be recursive or non-recursive, then press Enter. When you have entered all of your replication set rules, click Add to return to the Advanced configuration tab.
NOTE:
You will need to manually verify that the rule path is correct since the Application Manager does not validate rule paths
24 of 106
To remove a rule, select one or more rules, then click Remove. You can only remove rules that you added manually through the Application Manager. Rules that are automatically added by Application Manager cannot be removed or changed through the Application Manager interface.
NOTE:
If you want to protect the Badmail folder, you will need to manually add it to the replication set.
To reset the rules to the auto-generated rules and to re-enable the Protected Storage Groups control, remove the selection from the Override Generated Rules checkbox.
3.9.2. Failover/failback scripts

Scripts are executed at different points during the failover/failback process to perform the actions necessary to make Exchange available on the appropriate server. Scripts perform steps such as starting/stopping services, modifying mailbox values in Active Directory to point users to the appropriate server, and modifying DNS entries on the DNS server to point users to the appropriate server. Editing scripts is an advanced feature. Do not edit scripts unless you fully understand what each command is doing.
NOTE:
Any manual edits to the failover/failback scripts should be made carefully and tested prior to deployment in order to make sure that the changes are correct. If you remove the /username entry from the DFO command line in the PostFailover script, DNS failover will fail.
Three scripts are automatically generated by Application Manager during configuration. The scripts are copied to the Double-Take installation directory on the specified server using the administrative share for that servers drive.
Failover ScriptA post-failover script (Post_failover.txt) is executed after the core failover processes have
completed on the target server. The primary functions of the post-failover script are to start the Exchange services on the target and to modify DNS and Active Directory entries as necessary.
Failback ScriptA pre-failback script (Pre_failback.txt) is executed before failback processing occurs on the target server. The primary functions of this script are to stop Exchange services on the target and to move DNS and Active Directory entries as necessary. Restore ScriptA post-restore script (Post_restore.txt) is provided on the source to perform actions that are generally required after data has been restored from the target to source after a failover/failback. The primary function of this script is to restart Exchange services on the source server and rehome the public folders hosted on the source server. NOTE:
The post-restore script must be run from the source server.
By default, Application Manager generates all the required scripts for you automatically based on your system configuration. You can also edit the scripts to add, modify, or delete specific commands. To edit a script, click on the button for the script you want to update and the script file will be displayed using your machines default editor. Enter your changes, then save the script file. Any change you make to the script in the editor will be copied to the appropriate server when configuration changes are accepted, thus overwriting any changes that have been made outside the Application Manager. The scripts can be overwritten by certain operations during setup. For example, any changes to configuration options done in the Application Manager will overwrite previous script changes. If you want to make permanent changes to a script, you must modify the appropriate .txt file within the Exchange Failover installation directory. If there is more than one client machine that will be configuring failover, the change must be made to all the appropriate .txt files (Post_failover.txt, Post_restore.txt, and Pre_failback.txt). Before running Application Manager multiple times (for example, when re-enabling protection after a failover/failback), save a copy of your post-restore and pre-failback batch files. After Application Manager executes, replace the default script file(s) with the customized file(s) that you saved.
25 of 106
3.9.3. Force AD replication

(Default = selected) When selected, replication is initiated from the domain controller with which the source or target server communicates. This will be done each time the Exchange Failover utility (exchfailover.exe) is executed from within the failover/failback scripts. For more information about using the Exchange Failover utility, see Using the Exchange Failover (EFO) Utility on page 105. Disable Force AD Replication if you do not want Active Directory changes to be replicated.
Max wait time for AD replication (min)Enter the maximum time you want to wait for Active Directory replication to
complete before continuing on with the failover/back process. The default is 30 minutes.
NOTE:
The wait time is a factor determining when failover is complete. If replication exceeds the amount of time specified, a log entry is created and replication continues. If it is exceeded, failover is not reported as incomplete or failed.
3.9.4. Target(ed) domain controller

This field allows you to specify the name of the domain controller where updates will be made during failover and failback. If this field is left blank, the default or Active Directory-determined domain controller will be used.
NOTE:
You must enter the name of the domain controller. IP addresses are not valid for this field.
By default, the domain controller is resolved through Windows.
3.9.5. Advanced settings

The following options allow you to control what functions Application Manager will perform during configuration. By default, Application Manager performs all of these functions. Individual functions should only be disabled for testing or debugging purposes.
NOTE:
These options are only available when you launch Double-Take Application Manager using the command line /Advanced option (DTAM /Advanced).
Click the Restore PF Trees button to add the target back to the PF list to which the source belongs. Clicking this button copies the owning PF tree setting from the sources' public folders to the targets'. This setting is cleared when protection is enabled, which prevents SMTP queuing issues when trying to deliver messages to the target, but is never restored. If you want to have an active target server, you can use this button to restore it to a pre-Application Manager state.

Server Name (Default = selected) Select the Server Name checkbox if you want the source name to be added to the

Shares (Default = selected) Select the Shares checkbox if you want the source file shares to be added to the target when
failover occurs.
Active Directory Hostname (SPNs)(Default = selected) Select the Active Directory Hostname (SPNs) checkbox if you
want to automatically remove the host SPN (Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover. If you are using Active Directory, you should enable this option; otherwise, you may experience problems with failover.
Create Replication Set(Default = Selected) Application Manager will automatically create a replication set that includes
all of the necessary directories/files that must be protected for your specific configuration. This should only be disabled if you have customized your replication set and do not want to overwrite it.
Create Failover Scripts(Default = Selected) Application Manager will automatically generate the failover/failback scripts
and copy them to the appropriate server. This should be disabled only if you have customized your script files and do not want them to be overwritten.
Create Connection(Default = Selected) Application Manager will create the appropriate connection between the source and target using the automatically-generated replication set. This should only be disabled if you would like to verify the replication set that is created by Application Manager prior to connection. Create Failover Monitor(Default = Selected) Application Manager will create a failover monitor on the target to monitor the source for failure. This monitor will use the failover parameters specified during configuration, as well as the script files that have been created. 26 of 106
3.10 Saving configuration changes

After you have changed the configuration parameters, click OK to apply the settings. If you click Cancel, any changes you have made will be discarded and the previous configuration parameters will be used. When you have finished configuring the optional protection options, continue with Validate the Configuration on page 78.
NOTE:
If you close the Double-Take Application Manager prior to enabling protection, your changes will not be saved. You must enable protection in order to save your configuration settings for a source/target pair.
27 of 106
Protecting an Exchange Cluster with a Like-Named Cluster

This section describes the process used to configure protection for an Exchange 2003 cluster with a like-named (also known as a standby) cluster. When you protect a cluster with a like-named cluster, the Double-Take Application Manager moves the EVS (Exchange virtual server) location from the source cluster to the target cluster. By moving the EVS, the process of moving users and public folders from one server to another is not needed, because they will continue to use the same mail store on the target as they were on the source. This, coupled with the ability to reduce the TTL (Time to Live) value of the EVS DNS record (optional), allows a more seamless failover.
4.1 Prerequisites
Before you can use the Double-Take Application Manager to protect a cluster with a like-named cluster, you must complete the following:

Each target server node must have the same version and service pack level of Exchange as is installed on the source nodes. The target must have a resource group that has the same name as the resource group on the source. The target resource group only needs to contain physical disk resources, which MUST use the same drive letters that are used by the physical disk resources on the source. Like-named cluster support is only available for clusters running Exchange 2003.
NOTE:
4.2 Permissions
When protecting a cluster with a like-named cluster, you can perform the setup, failover, and failback with the following permissions:

The user must be a member of the local Double-Take Admin group. The user must be a member of the cluster Administrator group. The user must be delegated Exchange View Only access through Exchange System Manager. (Optional) In order to change the TTL within DNS during failover, the user must be a member of the DnsAdmins group.
4.3 Multiple EVS

The instructions in this chapter also apply to setting up multiple EVS. To use multiple EVS, set up multiple like-name jobs for each EVS on your source cluster.
NOTE:
Because the first installed EVS is the only one that has the MTA resource (Message Transfer Agent), if you do not failover all Exchange virtual servers, then any user who is in a different mail store than the first one will not be able to route mail.
28 of 106
4.4 Standby cluster configuration

The process for protecting a cluster with a like-named cluster is similar to protecting a standard cluster. The following instructions point out the differences in configuration. For more information about basic protection functions, see the section Protecting an Exchange Server.
1. 2.
In the Source Server field, select the source cluster that you want to protect. In the Target Server field, select the same server.
NOTE:
The server name will be appended with the suffix (like-named)
3.
After you select a like-named cluster for the target, you will need to configure the like-named cluster. After you select the target server, the Like-named cluster setup dialog box will appear.
29 of 106
4.
Enter the following information:

Target ClusterEnter the name of one of the target nodes, then click Connect. NetworkSelect the NIC to which you will assign the IP. IP Address (to create)Enter a new IP address for the target to use when it stands in for the source. Subnet MaskEnter the subnet mask to use for the new IP address. Storage ResourcesThe Application Manager will automatically select the required storage resources on the target, provided that they exist (for example, if the source and target both have E:\ and S:\). Verify that the drive letters where Exchange data is located are selected. NOTE:

You can not de-select a storage resource that exists on both the source and target. If the drive letters on the source and target do not match, then not all required data will be selected automatically. You will need to select it manually. The selected storage resources must be in the same group.
5. 6.
When you are finished, click OK to return to the Manage Exchange window. On the Manage Exchange window, click Configure to open the Configure Protection window, then select the Failover tab.
7.
DNS Failover is the only option available for configuring protection with like-named clusters. For more information about DNS failover, see DNS failover on page 17.
30 of 106
8.
If you want to modify DNS configuration options, click Configure. The Configure DNS Failover window will appear.
9.
On the Configure DNS window, you can modify the TTL value for the DNS record. You can also specify the user credentials needed to modify DNS. When you are finished, you can click Test to test the DNS configuration for the selected DNS server(s), or click OK to return to the Configure Protection window.
NOTE:
Decreasing the TTL value will increase the speed at which clients get the updated information.
10. After you have changed the configuration parameters, click OK to apply the settings and return to the Manage Exchange window. If you click Cancel, any changes you have made will be discarded and the previous configuration
parameters will be used.

11. Click Validate to validate the selected cluster pair. The validation proceeds exactly like validation for other methods of
failover.
12. Click Enable Protection to enable protection for the source cluster.
4.5 Enabling protection

After protection is enabled, the Double-Take Application Manager creates four resources on the target cluster: two generic script resources, an IP address resource, and a temporary name resource. The temporary name resource is the source EVS name with _LN appended to the end. The Application Manager uses the temporary name resource for the connection between the source and target clusters. The Application Manager gets the order of the source cluster resources from the Microsoft Cluster DLL, then builds the scripts with the resources in order and based off the sources resources configuration.
NOTE:
Three scripts are automatically generated by the Application Manager during configuration. The scripts are copied to the Double-Take installation directory on the specified server using the administrative share for that servers drive.
Failover ScriptA post-failover script (post_failover_LN.txt) is executed after the core failover processes have completed on the target server. The primary function of the post-failover script is to start the resources on the target. Failback ScriptA pre-failback script (pre_failback_LN.txt) is executed before failback processing
occurs on the target server. The primary function of this script is to stop resources on the target.
Restore ScriptA post-restore script (post_restore_LN.txt) is not executed automatically, though it is
provided on the source to perform actions that are generally required after data has been restored from the target to source after a failover/failback. The primary function of this script is to restart resources on the source server. After the four resources are online and the mirroring has completed, the source cluster is considered protected and the Application Manager starts monitoring the source for complete source failure.
31 of 106
4.6 Dealing with a failure

4.6.1. Graceful failover
At the user's discretion, the Double-Take Application Manager can perform a graceful, or soft failover. A soft failover means the source cluster remains up and running while the EVS is transferred to the target cluster. This can be accomplished by using the failover button in Double-Take Application Manager. The steps the Application Manager takes to transfer the EVS from the source cluster to the target are the same as during a site failure failover, which is described in Site failure failover on page 32. The only difference is that in a soft failover, the source cluster resources are taken offline gracefully.
4.6.2. Site failure failover

If the Double-Take Application Manager detects that the source cluster has failed completely, it will display a prompt asking if a failover is desired. The time it takes for the Application Manager to realize a complete source cluster failure varies greatly. At times, the prompt can be seconds after the failure, or, it might take several minutes. If you want the prompt to appear more quickly and you know that the source cluster has failed, you can decrease the amount of wait time by closing the Application Manager, then re-opening it. When a failover is initiated, the following steps occur:
1. 2. 3.
The Double-Take Application Manager waits on the target replication queue to empty. The exchfailover.exe utility fails over the virtual protocols of the EVS. The resources are created on the target cluster.

The resources are created in the same order as they appeared on the source cluster. The resources are configured exactly as they were on the source cluster.
4. 5.
The resources are brought online. The DNS failover utility is used to lock the source DNS record.
4.6.3. Differences in failback

The process used to failback to the source cluster is the same as any other cluster failover method. The only difference is the EVS is now on both the source and target clusters. To failback to the source cluster, bring the source cluster online, then use the Double-Take Application Manager to failback.
NOTE:
When you bring the source cluster online, an identical network name will still be active on the target. Because of this, when the source cluster tries to bring up the EVS on the source, the network name resource will fail and consequently the group will not come online on the source. You should allow the source cluster to finish trying to bring the resources online before using the Application Manager to failback.
32 of 106
Protecting a SQL Server

5.1 SQL configuration workflow
To configure protection for your SQL servers using Application Manager, you will complete the following steps:
1. 2.
Install SQL on the source server and apply any SQL service packs or patches. Use the default installation options for SQL. Install SQL on the target, verifying that the installation location for the target is the same as the source. Apply any SQL service packs or patches. Use the default installation options for SQL with the following considerations:

The target must be a unique installation (that is, two SQL servers must be available for a protection pair) Logical drive mapping must be the same on the source and target, and must assigned prior to running the Application Manager.
3. 4. 5. 6. 7. 8. 9. 1. 2.
Install Double-Take on the source and target SQL servers. See the Double-Take Getting Started guide for more information.
Install the Double-Take Application Manager on page 8 Select a task on page 33 Select a domain on page 34 Select source and target servers on page 35

Validate the Configuration on page 78 Enable protection on page 79 Monitor protection status on page 80
To protect your SQL server, you will complete the following steps:
Restoration on page 85.
5.2 Select a task

To protect a SQL server, open the Application Manager (Start, Programs, Double-Take, Application Manager), then on the Tasks area on the left pane of the Double-Take Application Manager, select Protect SQL Server. The Manage SQL page will appear in the right pane. Make sure that the Setup tab is in view.
NOTE:
You can also launch Double-Take Application Manager for SQL by using the command line /SQL option (DTAM /SQL).
33 of 106
If you have previously configured protection for a source/target pair, the Manage SQL page will be populated with information about the protected pair.
5.3 Select a domain

The Domain Name on the main window will be populated automatically with the domain where the Application Manager client resides. If you want to change the domain, type in a domain name for a trusted domain that the Application Manager client can connect to, then press Tab or click on another field. If the domain you entered doesnt exist or you do not have the credentials to modify Active Directory for the new domain, the Domain Login window will appear. You will be prompted to enter the domain name, user name, and password to use for logging in to the domain.
NOTE:
The user account should have administrator permissions. For more information about permissions, see Recommended
Credentials on page 90.
34 of 106

If this is your first time to select a SQL server to protect, you may need to click the Advanced Find button to add servers to the Source Server and Target Server fields. For more information, see Add or manage servers on page 36. If you select a source/target pair for which you have previously enabled and disabled protection, you may use the existing configuration settings (provided that the source/target connection is not currently active, in which case the existing settings will always be used). When you select Configure or Validate, a prompt will appear, asking if you want to re-use the previous configuration information. Click Yes to re-use the previous information, or click No to revert to the Application Manager default settings.
NOTE:
1.
In the Source Server field, select the SQL server that you want to protect. If this is your first time to log in to the selected server, you will be prompted to enter server login information. For more information about logging in to servers, see Enter server login information on page 36.
NOTE:
2.
In the Target Server field, select the backup SQL server that will protect the source server in the event of a failure.
Notice that after the source and target servers are selected, the Protection Status on the Monitor tab changes to Unprotected.
NOTE:
If you first select a target that is monitoring a connection that has met a failover condition and requires manual intervention, then select the protected source server, a prompt will appear, asking if you want to initiate failover.
35 of 106
5.4.1. Add or manage servers

If the servers you need do not appear, click the Advanced Find button, or select Actions, Manage SQL Servers. The Manage SQL Servers window will appear.
To discover all servers in the domain, click the Search button. The Discovered Servers list will be populated with all servers that the Application Manager can discover that reside in the domain. To directly add a server to the drop-down list on the Manage SQL main page, select the server in the Discovered Servers list, then use the >> button to move it into the Current Servers list. To add a non-discovered server to the Current Servers list, enter the server name in the field next to the Add button, then click the Add button.
NOTE:
In environments with a very large number of servers in Active Directory, you may experience significant delays while the Application Manager searches for SQL servers. To override the automatic scan for SQL servers, you can launch Double-Take Application Manager through the command line using the /nosqlsearch option (DTAM /nosqlsearch). This will cause the Application Manager not to populate the Source and Target fields automatically. You will then need to click the Advanced Find button and add the source and target SQL servers manually.
After a server has been added to the Current Servers list, you can manage that server. Select the server, then select one of the following options:

RemoveClick the Remove button to remove the selected server from the drop-down list on the Manage SQL main
page.
Test SQLClick the Test SQL button to determine if SQL is installed and accessible for the selected server.
When you have finished adding, managing, or testing servers, click OK to save your changes, or Cancel to return to the Manage SQL main page without saving.

36 of 106


The Failover tab includes options that will be applied during SQL failover.
37 of 106

Select the Failover Enabled option to enable or disable failover for the selected source/target pair.

Failover Type indicates what name resolution method will be used to redirect users to the target SQL server in the event of a source failure. By default, DNS Failover is selected.
DNS failover
DNS Failover is the recommended method for failover. Use this option if you want to failover by updating the DNS records associated with the source. This will modify all source server A, CNAME, MX, and PTR-type DNS resource records to point to the target. In DNS Failover, the DNS records for the source server are modified to point to the target servers IP address. This allows clients to resolve the source SQL server name to the target servers network name and IP address at failover time. DNS Failover reduces the risk of duplicate server name and IP addresses on your network. After you select the DNS Failover option, click Configure. The Configure DNS Failover window will appear.
NOTE:

Source IPSelect the checkbox next to the source IP address(es) to be monitored for failover. Target IPSelect the target IP address to be used when failover occurs. NOTE:
38 of 106
NOTE:

If you are running Windows Server 2000 on the primary DNS server hosting zones or domains that contain source and/or target resource records, you must have the DNS WMI Provider installed on that DNS server. The Dynamic updates setting for the DNS zone should be set to Secure only. Otherwise, you must disable dynamic registration on the source server in order to prevent the source from reclaiming its DNS record. If a hosts file entry for the source server exists on the client machine, errors may occur during a failover and failback. Reverse lookup in DNS should be enabled. For more information about enabling reverse lookup, refer to your Microsoft documentation. DNS registration for the private (devoted to Double-Take) NIC IP should be disabled. If dynamic updates are enabled on a standard primary zone, the source server will be able to update its DNS records after failover. To prevent this, configure DNS to use an Active Directory-integrated zone. For more information about using the DNS Failover utility, access the dfo.exe help by typing dfo.exe /?.
Identity failover
NOTE:
In Identity Failover, the target will adopt the source servers name, primary IP address, and drive during a failover. Identity failover may be required in the following situations:

Access to the domain controller or DNS server is not available (for example, due to permissions) from the account that Double-Take runs under on the source/target servers. If you determine that the time it takes to propagate the necessary DNS or Active Directory changes to the rest of your environment is not acceptable. The time needed to propagate these changes depends on your Active Directory Replication and DNS server settings. If you want to failover shares from the source to the target.
39 of 106

Source IPSelect the source IP address(es) to be monitored for failover. Target NICSelect the target NIC to be used when failover occurs. Target IP AddressesThis area displays the IP address(es) of the selected target NIC. IP Address (Default = selected) Select the IP Address checkbox if you want the specified source IP address to be
monitored. If you are in a WAN environment and choose Identity Failover, you should NOT failover the IP address.


failover occurs.
Active Directory Hostname (SPNs)This option will automatically remove the host SPN (Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover.
5.6.3. Services
Double-Take Application Manager will determine the appropriate SQL services to start/stop based on your operating system/SQL configuration. You should only modify this selection if there are additional services that need to be started along with SQL during the failover/failback process. Modifying the default configuration for services may affect whether data can be successfully replicated. Do not modify the services to start/stop unless you are very familiar with Double-Take and SQL. To add a service, click Add. In the Add Service window, select the Service name from the drop-down box, then click Add. Alternately, you can manually enter a service, then press Enter. By default, most services must be stopped on the target for replication to occur properly. When you are finished entering services, click Add to return to the Failover configuration window.
40 of 106

Replication Service (UDP)Replication Service (UDP)The Double-Take service on the target server sends a
ping-like UDP request to the source Double-Take service, which replies immediately to confirm it is running. This method is useful when ICMP is blocked on routers between the source and target.


failed.



41 of 106

5.7.1. Route
This setting identifies the Target IP Address that the Double-Take data will be transmitted through. You should only change this setting if you want to select a different route for Double-Take traffic. On a machine with more than one NIC, this increases the flexibility of configuring Double-Take activity. For example, you can separate regular network traffic and Double-Take traffic on a machine. The default ports will be used.
5.7.2. Protection mode

For SQL, you can select one of the following protection modes:
SQL Instance (default) Database Only Database only mode, Many-to-One configurations
SQL Instance (default)

Select SQL Instance protection mode to replicate all of the SQL program and data files (except the \binn directory) to the target SQL server. This will allow the clients to access your production SQL Server data and functionality on the target in the event of a failure.
42 of 106
SQL Instance protection mode requires that the source and target servers both have the exact same version of SQL (major and minor versions) as well as similar logical drive structures (the target must have at least the same logical drives as the source where SQL program and data files are stored). Certain user databases can be de-selected, but the System databases (except for tempdb) are required.
NOTE:

If you are protecting SQL named instances, both the source and target SQL Servers must have named instances with the exact same name installed prior to configuring protection. When using named instances, all named instances will appear in the Protected Databases area. You can either de-select an entire instance, or select specific databases within each instance. By default, the TcpPort on the source named instance will be different than the TcpPort on the target named instance. However, the Application Manager will still be able to work and there is no need for any additional configuration.
NOTE:
Database Only
The Database Only mode is intended for advanced users only. Select Database Only protection mode to replicate only the .mdf, .ldf, and .ndf files to the target server. The selected database(s) will be attached to the target SQL Server upon failover, allowing clients to access the underlying data. You can also select non-application specific data under the Volumes folder.
NOTE:
To refresh the tree view to show new source directories or files that may have been added or removed, select the logical node, then click the Refresh button. If a node in the volumes branch is selected, then the items under that node will be refreshed. During the configuration and validation process, you will have the opportunity to transfer user logins and permissions (both server and database-level) and certain SQL Server registry and configuration settings to the target server. This will allow users to access the data associated with the selected database(s), but no other server-level functionality will be transferred to the target server (including but not limited to Job Server configuration, Full-Text service configuration, SQL Replication configuration, linked servers, remote servers, backup devices).
NOTE:
When using Database Only mode, any SQL Server replication configured on the protected databases must be configured by the administrator on the target after failover.
43 of 106
If you select Database Only protection mode, you can select a non-system database and map it to a unique path on the target.
NOTE:
You must first select the database in order for the Target Path commands to be visible.
Select the database you want to re-map, then click the ellipse button. The Choose a Target Folder window will appear:
Enter the desired path in the Target Path field, then click OK.
NOTE:
The target database must be either offline or detached from the target before you can enable protection in the Application Manager. The validation test will detect if the target database is still online. Clicking Fix will detach that database on the target.
To confirm the new path, click Apply.

NOTE:
If Database-Only protection mode is used to protect SQL Server, attempting to attach a replicated SQL database(s) on the target server after failover can fail when done outside of the Application Manager. The Double-Take service account (typically the target's LocalSystem account) is the account used to attach/detach databases on failover/failback. When the database is detached by the failback script, the Double-Take service account becomes the owner of those files that make up the database (*.mdf, *.ldf, etc.), and any attempts to manually attach the database may fail if the user account does not yet have NTFS permissions to access the physical files. To change the permissions on an individual file, perform these steps on each file that is part of the database's file list.
1. 2. 3. 4. 5. 6. 7. 8.
In Windows Explorer, select the folder that contains the physical files for the database(s) that need to be manually attached. Right-click, then select Properties. Select the Security tab. Determine if the user account has NTFS permissions for that folder. If the user account does not have specific or inherited permissions, click the Add button. Enter the user account name (such as domain\administrator). After the user account has been added, give the account the necessary permissions to the folder (Full
Control).
Make sure that the subfolders and files are set to inherit these rights, then click OK.
Database only mode, Many-to-One configurations

The following examples describe the SQL many-to-one configurations that can be protected using Double-Take Application Manager.
44 of 106
Example 1: If you have two SQL servers (Source1 and Source2) where each server has only the default instance installed, you can protect databases from both servers' default instance, provided that the database names are unique. Case1: Both source servers default instances have a database named Accounting. You can only protect/failover one
server's copy of the database (because SQL on the target will not allow you to attach more than one copy of the same-named database).
NOTE:
If you select and setup both servers default instances for protection and both source servers fail, the Accounting database on the first source server to be failed over will be attached. The second server to failover will not be able to attach its Accounting database.
Case2: If Source1 has a database named Accounting1, and Source2 has a database named Accounting2, then you can protect and failover the database on both servers without any issues. NOTE:
All database filenames (*.mdf, *.ldf, and *.ndf) must either be:

Uniquely named (for example, accounting1.mdf and accounting2.mdf), or Uniquely located on the target (for example, c:\Source1\accounting1\accounting.mdf and c:\Source2\accounting2\accounting.mdf).
Example 2: If you have two SQL servers (Source3 and Source4) where each has a named instance installed (for example, Source3\instance1 and Source4\instance2), you can protect databases from both servers if the target has at least those two instances installed (Target1\instance1 and Target1\instance2). Case1: Both source SQL servers have a database named Accounting (Source3\instance1|Accounting and Source4\instance2|Accounting). You can protect and failover each SQL servers copy of the database without any
issue.
NOTE:
All the database filenames (*.mdf, *.ldf, and *.ndf) must either be:

Uniquely named (for example, accounting1.mdf and accounting2.mdf), or Uniquely located on the target (for example, c:\Source3\accounting1\accounting1.mdf and c:\Source4\accounting2\accounting2.mdf)
5.7.3. Mirror type


NOTE:

45 of 106


A replication set defines what directories/files are to be protected by Double-Take. By default, Application Manager selects all of the necessary directories/files to protect SQL based on your source server configuration. These include the SQL application data and transaction logs, tempdb files, and SQL error logs. By default, the Application Manager-generated replication set will be named sqldag01_<source server name>_<target server name>. You should only modify the replication set rules if there are additional directories/files specific to your configuration that must also be protected with SQL. Modifying the default configuration for replication set rules may affect whether data can be successfully replicated. Do not modify the replication set unless you are very familiar with Double-Take and SQL. In order to change the replication set rules, first select the Override Generated Rules checkbox. When this box is selected, the Protected Databases control on the Connection tab will be disabled. To add a replication set rule, click Add. In the Add Repset Rule window, enter the rule path (the directory that you want to protect or exclude), select whether to include/exclude the path, and whether the directory should be recursive or non-recursive, then press Enter. When you have entered all of your replication set rules, click Add to return to the Advanced configuration tab.
NOTE:
To remove a rule, select one or more rules, then click Remove. You can only remove rules that you added manually through the Application Manager. Rules that are automatically added by Application Manager cannot be removed or changed through the Application Manager interface.
46 of 106
To reset the rules to the auto-generated rules and to re-enable the Protected Databases control, remove the selection from the Override Generated Rules checkbox.

Scripts are executed at different points during the failover/failback process to perform the actions necessary to make SQL available on the appropriate server. Scripts perform steps such as starting/stopping services, attaching/detaching databases in database-only protection mode, and modifying DNS entries on the DNS server to point users to the appropriate server. Editing scripts is an advanced feature. Do not edit scripts unless you fully understand what each command is doing. Three scripts are automatically generated by Application Manager during configuration. The scripts are copied to the Double-Take installation directory on the specified server using the administrative share for that servers drive.
Failover ScriptA post-failover script (post_failover_sql.txt) is executed after the core failover processes have completed on the target server. The primary functions of the post-failover script are to start the SQL services on the target and to modify DNS and Active Directory entries as necessary. Failback ScriptA pre-failback script (pre_failback_sql.txt) is executed before failback processing occurs on the target server. The primary functions of this script are to stop SQL services on the target and to move DNS and Active Directory entries as necessary. Restore ScriptA post-restore script (post_restore_sql.txt) is not executed automatically, though it is provided on the source to perform actions that are generally required after data has been restored from the target to source after a failover/failback. The primary function of this script is to restart SQL services on the source server.
By default, Application Manager generates all the required scripts for you automatically based on your system configuration. You can also edit the scripts to add, modify, or delete specific commands. To edit a script, click on the button for the script you want to update and the script file will be displayed using your machines default editor. Enter your changes, then save the script file. Any change you make to the script in the editor will be copied to the appropriate server when configuration changes are accepted, thus overwriting any changes that have been made outside the Application Manager. The scripts can be overwritten by certain operations during setup. For example, any changes to configuration options done in the Application Manager will overwrite previous script changes. If you want to make permanent changes to a script, you must modify the appropriate .txt file within the SQL Failover installation directory. If there is more than one client machine that will be configuring failover, the change must be made to all the appropriate .txt files (post_failover_sql.txt, post_restore_sql.txt, and pre_failback_sql.txt). Before running Application Manager multiple times (for example, when re-enabling protection after a failover/failback), save a copy of your post-restore and pre-failback batch files. After Application Manager executes, replace the default script file(s) with the customized file(s) that you saved.

NOTE:


failover occurs.
47 of 106
Create Connection(Default = Selected) Application Manager will create the appropriate connection between the source and target using the automatically-generated replication set. This should only be disabled if you would like to verify the replication set that is created by Application Manager prior to connection. Create Failover Monitor(Default = Selected) Application Manager will create a failover monitor on the target to monitor the source for failure. This monitor will use the failover parameters specified during configuration, as well as the script files that have been created.

After you have changed the configuration parameters, click OK to apply the settings. If you click Cancel, any changes you have made will be discarded and the previous configuration parameters will be used. When you have finished configuring the optional protection options, continue to the section Validate the Configuration on page 78.
NOTE:
48 of 106
Protecting a File Server

6.1 File server configuration workflow
To configure protection for your file servers using Application Manager, you will complete the following steps:
1. 2. 3. 4. 5. 6. 7. 1. 2.
Install Double-Take on the source and target file servers. See the Double-Take Getting Started guide for more information.
Install the Double-Take Application Manager on page 8 Select a task on page 49 Select a domain on page 50 Select source and target servers on page 51

Validate the Configuration on page 78 Enable protection on page 79 Monitor protection status on page 80
To protect your file server, you will complete the following steps:
6.2 Select a task

To protect a file server, open the Application Manager (Start, Programs, Double-Take, Application Manager), then on the Tasks area on the left pane of the Double-Take Application Manager, select Protect File Server. The Manage File Server page will appear in the right pane. Make sure that the Setup tab is in view.
NOTE:
You can also launch Double-Take Application Manager for File Servers by using the command line /fileprint option (DTAM /fileprint).
49 of 106
If you have previously configured protection for a source/target pair, the Manage File Server page will be populated with information about the protected pair.
6.3 Select a domain

NOTE:
The user account should have administrator permissions. For more information about configuring permissions, see
Double-Take Application Manager Credentials on page 90.
50 of 106

You can either type the source and target server names into the Source Server and Target Server lists, or you can click the Advanced Find button and add the servers. For more information, see Add or manage servers on page 52. If you select a source/target pair for which you have previously enabled and disabled protection, you may use the existing configuration settings (provided that the source/target connection is not currently active, in which case the existing settings will always be used). When you select Configure or Validate, a prompt will appear, asking if you want to re-use the previous configuration information. Click Yes to re-use the previous information, or click No to revert to the Application Manager default settings.
NOTE:
1.
In the Source Server field, select the file server that you want to protect. If this is your first time to log in to the selected server, you will be prompted to enter server login information. For more information about logging in to servers, see Enter server login information on page 52.
NOTE:
2.
In the Target Server field, select the backup file server that will protect the source server in the event of a failure.
NOTE:
In a parent/child configuration, you will need to click Advanced Find and manually add the target server. The Application Manager only searches the root domain (or domain entered in Domain Name) and since the target server is in a child domain, it will not be auto discovered.
NOTE:
51 of 106

If the servers you need do not appear, click the Advanced Find button. The Manage Servers window will appear.
To discover all servers in the domain, click the Search button. The Discovered Servers list will be populated with all servers that the Application Manager can discover that reside in the domain. To directly add a server to the drop-down list on the Manage File Server main page, select the server in the Discovered Servers list, then use the >> button to move it into the Current Servers list. To add a non-discovered server to the Current Servers list, enter the server name in the field next to the Add button, then click the Add button. After a server has been added to the Current Servers list, you can click the Remove button to remove the selected server from the drop-down list on the Manage File Server main page. When you have finished adding servers, click OK to save your changes, or Cancel to return to the Manage File Server main page without saving.

After you select a server for the first time, you will be prompted to enter a user name and password to use for logging in to the selected server. The login account MUST be a member of the Double-Take Admin local security group for the selected server. For more information about required account permissions, see Double-Take Application Manager Credentials on page 90.
You may enter a user name for a different domain by entering a fully-qualified user name. The fully-qualified user name must be in the format domain\username or username@domain. If you enter a non-qualified name, the DNS domain will be used by default. Entering the credentials of the logged-on user may be valid. The Application Manager will attempt to use the same user name and password the next time you select a server.
52 of 106


The Failover tab includes options that will be applied during file server failover.

53 of 106

Failover Type indicates what name resolution method will be used to redirect users to the target file server in the event of a source failure. By default, DNS Failover is selected.
DNS failover
DNS Failover is the recommended method for failover. Use this option if you want to failover by updating the DNS records associated with the source. This will modify all source server A, CNAME, MX, and PTR-type DNS resource records to point to the target. In DNS Failover, the DNS records for the source server are modified to point to the target servers IP address. This allows clients to resolve the source file server name to the target servers network name and IP address at failover time. DNS Failover reduces the risk of duplicate server name and IP addresses on your network. After you select the DNS Failover option, click Configure. The Configure DNS Failover window will appear.
NOTE:

UsernameEnter the user name that will be used to access/modify DNS records. The login account MUST be the DNS
Admin for the domain in which the DNS server resides. For more information about required account permissions, see
Double-Take Application Manager Credentials on page 90.
54 of 106
NOTE:

Identity failover
NOTE:

55 of 106

monitored.
NOTE:

If you are in a WAN environment and choose Identity Failover, you should NOT failover the IP address.

failover occurs.
want to automatically remove the host SPN (Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover. After the Identity failover configuration is complete, click OK to save your entries and return to the Configure Protection window.
6.6.3. Services
Double-Take Application Manager will determine the appropriate services to start/stop based on your system configuration. You should only modify this selection if there are additional services that need to be started during the failover/failback process. Modifying the default configuration for services may affect whether data can be successfully replicated. Do not modify the services to start/stop unless you are very familiar with Double-Take and the applications running on your server. To add a service, click Add. In the Add Service window, select the Service name from the drop-down box, then click Add. Alternately, you can manually enter a service, then press Enter. By default, most services must be stopped on the target for replication to occur properly. When you are finished entering services, click Add to return to the Failover configuration window.

56 of 106


failed.




6.7.1. Route
57 of 106
6.7.2. File shares

By default, all non-administrative file shares are selected. You can add other data that you want to protect by selecting the checkbox next to it in the tree view.
NOTE:
On a domain controller, you cannot protect the NETLOGON and SYSVOL shares, and they will not be visible in the File Shares tree.
NOTE:
6.7.3. Mirror type


NOTE:

58 of 106


A replication set defines what directories/files are to be protected by Double-Take. By default, Application Manager selects all of the necessary directories/files to protect the file server based on your source server configuration. These include all non-administrative file shares. By default, the Application Manager-generated replication set will be named fileprint_<target server name>. You should only modify the replication set rules if there are additional directories/files specific to your configuration that must also be protected. Modifying the default configuration for replication set rules may affect whether data can be successfully replicated. Do not modify the replication set unless you are very familiar with Double-Take. In order to change the replication set rules, first select the Override Generated Rules checkbox. When this box is selected, the File Shares control on the Connection tab will be disabled. To add a replication set rule, click Add. In the Add Repset Rule window, enter the rule path (the directory that you want to protect or exclude), select whether to include/exclude the path, and whether the directory should be recursive or non-recursive, then press Enter. When you have entered all of your replication set rules, click Add to return to the Advanced configuration tab.
NOTE:
To remove a rule, select one or more rules, then click Remove. You can only remove rules that you added manually through the Application Manager. Rules that are automatically added by Application Manager cannot be removed or changed through the Application Manager interface. To reset the rules to the auto-generated rules and to re-enable the File Shares control, remove the selection from the
Override Generated Rules checkbox. 59 of 106

Scripts are executed at different points during the failover/failback process to perform the actions necessary to make the file shares available on the appropriate server. Scripts perform steps such as starting/stopping services, modifying mailbox values in Active Directory to point users to the appropriate server, and modifying DNS entries on the DNS server to point users to the appropriate server. Editing scripts is an advanced feature. Do not edit scripts unless you fully understand what each command is doing. Three scripts are automatically generated by Application Manager during configuration. The scripts are copied to the Double-Take installation directory on the specified server using the administrative share for that servers drive.
Failover ScriptA post-failover script (post_failover_FilePrint.txt) is executed after the core failover processes have completed on the target server. The primary functions of the post-failover script are to start the services on the target and to modify DNS and Active Directory entries as necessary. Failback ScriptA pre-failback script (pre_failback_FilePrint.txt) is executed before failback processing occurs
on the target server. The primary functions of this script are to stop services on the target and to move DNS and Active Directory entries as necessary.
Restore ScriptA post-restore script (post_restore_FilePrint.txt) is not executed automatically, though it is
provided on the source to perform actions that are generally required after data has been restored from the target to source after a failover/failback. The primary function of this script is to restart services on the source server.
Post Failback ScriptA post-failback script (post_failback_FilePrint.txt) is executed on the target before the post-restore script runs. The primary function of this script is to re-start the server service and all dependent services on the source in order to refresh client connections.
By default, Application Manager generates all the required scripts for you automatically based on your system configuration. You can also edit the scripts to add, modify, or delete specific commands. To edit a script, click on the button for the script you want to update and the script file will be displayed using your machines default editor. Enter your changes, then save the script file. Any change you make to the script in the editor will be copied to the appropriate server when configuration changes are accepted, thus overwriting any changes that have been made outside the Application Manager. The scripts can be overwritten by certain operations during setup. For example, any changes to configuration options done in the Application Manager will overwrite previous script changes. If you want to make permanent changes to a script, you must modify the appropriate .txt file within the Double-Take Application Manager installation directory. If there is more than one client machine that will be configuring failover, the change must be made to all the appropriate .txt files (post_failover_FilePrint.txt, post_restore_FilePrint.txt, post_failback_FilePrint.txt, and pre_failback_FilePrint.txt). Before running Application Manager multiple times (for example, when re-enabling protection after a failover/failback), save a copy of your post-restore and pre-failback batch files. After Application Manager executes, replace the default script file(s) with the customized file(s) that you saved.
6.8.3. Items to failover

Select the items to failover for


failover occurs.
60 of 106

NOTE:

After you have changed the configuration parameters, click OK to apply the settings. If you click Cancel, any changes you have made will be discarded and the previous configuration parameters will be used. When you have finished configuring the optional protection options, continue to the section Validate the Configuration on page 78.
NOTE:
61 of 106
Protecting a SharePoint Server

7.1 SharePoint configuration workflow
The Application Manager can be used to extend the target web front-end into the source SharePoint configuration. The SharePoint databases will be protected by default. Target database server and front-end web server Internet Information Services Microsoft SQL Server (default or named instance) WSS 3.0 or MOSS 2007 (must be installed, but not configured) Double-Take
Source front-end web server Internet Information Services WSS 3.0 or MOSS 2007
Source database server Microsoft SQL Server (default or named instance) Double-Take To configure protection for your SharePoint servers using Application Manager, you will complete the following steps:
1. 2.
Configure each source as a Windows member server. Install Microsoft SQL Server on each source that will be used as a back-end server.
NOTE:
For SQL Server 2005, Microsoft recommends that all service packs be installed independently for each source and target instance. This ensures that operating system files and registry entries are applied appropriately.
3. 4. 5. 6.
Install and configure Windows SharePoint Services (WSS 3.0) or MOSS 2007 on each source that will be used as a front-end server, according to Microsoft guidelines. Configure each Windows 2003 target as a member server in the same Active Directory domain or trusted domain environment as the source. Install Double-Take on each source and target SQL back-end server using the installation defaults. See the Double-Take Getting Started guide for details. Install SQL on the target, verifying that the installation location for the target is the same as the source. Apply the same SQL service packs or patches as the source. Use the default installation options for SQL with the following considerations:

The target must be a unique installation (that is, two SQL servers must be available for a protection pair) Logical drive mapping must be the same on the source and target, and must assigned prior to running the Application Manager. Microsoft recommends that all service packs be installed independently for each source and target instance. This ensures that operating system files and registry entries are applied appropriately.
NOTE:
7. 8. 9.
Install WSS 3.0 or MOSS 2007 on the target server, but DO NOT configure.
Install the Double-Take Application Manager on page 8 Select a task on page 63
62 of 106
10. Select a domain on page 64 11. Select SharePoint front end on page 65 12. Select source and target servers on page 65 13. (Optional) Configure protection settings on page 67 14. Validate the Configuration on page 78
To protect your SharePoint server, you will complete the following steps:
1. 2. Enable protection on page 79 Monitor protection status on page 80
7.2 Supported uses of Application Manager for SharePoint

Double-Take Application Manager for SharePoint supports only SQL instance mode protection. Database-only protection mode is not available. By default, Double-Take Application Manager for SharePoint displays the Advanced options and automatically selects to failover Server Name and Hostname (SPNs). These two options are required to make SharePoint failover work correctly. Double-Take Application Manager for SharePoint, like Double-Take Application Manager for file severs, does not support graceful/soft failover. Only target web servers running a version of SharePoint that is identical to what is installed on the source web front-end can be extended into the source SharePoint configuration. The SharePoint Admin account used to install WSS 3 or MOSS 2007 on the source web front-end is required to extend a target web server into the SharePoint configuration.

7.3 Select a task

To protect a SharePoint server, open the Application Manager (Start, Programs, Double-Take, Application Manager), then on the Tasks area on the left pane of the Double-Take Application Manager, select Protect SharePoint Server. The Manage SharePoint page will appear in the right pane. Make sure that the Setup tab is in view.
NOTE:
You can also launch Double-Take Application Manager for SharePoint by using the command line /SharePoint option (DTAM /SharePoint).
63 of 106
If you have previously configured protection for a source/target pair, the Manage SharePoint page will be populated with information about the protected pair.
7.4 Select a domain

NOTE:
The user account should have administrator permissions. For more information about permissions, see Recommended
Credentials on page 90.
64 of 106
7.5 Select SharePoint front end

Enter the name of the server that functions as the SharePoint front end, then click Get Config to load that servers configuration information into the Application Manager. The source server will be detected and added to the Source Server field.

If this is your first time to select a SharePoint server to protect, you may need to click the Advanced Find button to add servers to the Source Server and Target Server fields. For more information, see Add or manage servers on page 66. If you select a source/target pair for which you have previously enabled and disabled protection, you may use the existing configuration settings (provided that the source/target connection is not currently active, in which case the existing settings will always be used). When you select Configure or Validate, a prompt will appear, asking if you want to re-use the previous configuration information. Click Yes to re-use the previous information, or click No to revert to the Application Manager default settings.
NOTE:
1.
In the Source Server field, select the SharePoint server that you want to protect. If this is your first time to log in to the selected server, you will be prompted to enter server login information. For more information about logging in to servers, see Enter server login information on page 66.
NOTE:
2.
In the Target Server field, select the backup SharePoint server that will protect the source server in the event of a failure.
NOTE:
65 of 106

If the servers you need do not appear, click the Advanced Find button, or select Actions, Manage SQL Servers. The Manage SQL Servers window will appear.
To discover all servers in the domain, click the Search button. The Discovered Servers list will be populated with all servers that the Application Manager can discover that reside in the domain. To directly add a server to the drop-down list on the Manage SharePoint main page, select the server in the Discovered
Servers list, then use the >> button to move it into the Current Servers list.
To add a non-discovered server to the Current Servers list, enter the server name in the field next to the Add button, then click the Add button.
NOTE:
In environments with a very large number of servers in Active Directory, you may experience significant delays while the Application Manager searches for SQL servers. To override the automatic scan for SQL servers, you can launch Double-Take Application Manager through the command line using the /noSQLsearch option (DTAM /noSQLsearch). This will cause the Application Manager not to populate the Source and Target fields automatically. You will then need to click the Advanced Find button and add the source and target SQL servers manually.
After a server has been added to the Current Servers list, you can manage that server. Select the server, then select one of the following options:

RemoveClick the Remove button to remove the selected server from the drop-down list on the Manage SharePoint main page. Test SQLClick the Test SQL button to determine if SQL is installed and accessible for the selected server.
When you have finished adding, managing, or testing servers, click OK to save your changes, or Cancel to return to the Manage SharePoint main page without saving.

66 of 106


The Failover tab includes options that will be applied during SharePoint failover.

67 of 106

Failover Type indicates what name resolution method will be used to redirect users to the target SharePoint server in the event of a source failure. By default, DNS Failover is selected.
DNS failover
DNS Failover is the recommended method for failover. Use this option if you want to failover by updating the DNS records associated with the source. This will modify all source server A, CNAME, MX, and PTR-type DNS resource records to point to the target. In DNS Failover, the DNS records for the source server are modified to point to the target servers IP address. This allows clients to resolve the source SharePoint server name to the target servers network name and IP address at failover time. DNS Failover reduces the risk of duplicate server name and IP addresses on your network. After you select the DNS Failover option, click Configure. The Configure DNS Failover window will appear.
NOTE:

68 of 106
NOTE:

Identity failover
NOTE:

69 of 106

monitored. If you are in a WAN environment and choose Identity Failover, you should NOT failover the IP address.


failover occurs.
Active Directory Hostname (SPNs)This option will automatically remove the host SPN (Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover.
7.8.3. Services
Double-Take Application Manager will determine the appropriate SharePoint services to start/stop based on your operating system/SharePoint configuration. You should only modify this selection if there are additional services that need to be started along with SharePoint during the failover/failback process. Modifying the default configuration for services may affect whether data can be successfully replicated. Do not modify the services to start/stop unless you are very familiar with Double-Take and SharePoint. To add a service, click Add. In the Add Service window, select the Service name from the drop-down box, then click Add. Alternately, you can manually enter a service, then press Enter. By default, most services must be stopped on the target for replication to occur properly. When you are finished entering services, click Add to return to the Failover configuration window.
7.8.4. Add/Remove SharePoint services

To stop the target SharePoint services when protection has been enabled, click the Add SharePoint Services button. SharePoint services will be added to the list of services.
NOTE:
If you add the SharePoint services, they will be started upon failover and stopped upon failback. This will result in SharePoint on the target being active only when the target is failed over.
70 of 106



failed.



71 of 106

7.9.1. Route
7.9.2. Protected databases

By default, all of the SharePoint program and data files (except the \binn directory) are selected for replication to the target SharePoint server. This will allow the clients to access your production SharePoint Server data and functionality on the target in the event of a failure. The source and target servers both have the exact same version of SharePoint (major and minor versions) as well as similar logical drive structures (the target must have at least the same logical drives as the source where SharePoint program and data files are stored).
NOTE:
If you using a SQL server named instance for a back-end database server in your SharePoint setup, both the source and target SQL servers must have named instances with the exact same name installed prior to configuring protection. To enable the ability to add or remove SharePoint instances, you can launch Double-Take Application Manager through the command line using the /advanced option (DTAM /advanced). With this option enabled, a dialog box will appear when you select Configure Protection.
NOTE:
To refresh the tree view to show new source directories or files that may have been added or removed, select the logical node, then click the Refresh button. If a node in the volumes branch is selected, then the items under that node will be refreshed. 72 of 106
7.9.3. Mirror type


NOTE:


73 of 106

A replication set defines what directories/files are to be protected by Double-Take. By default, Application Manager selects all of the necessary directories/files to protect SharePoint based on your source server configuration. These include the SharePoint application data and transaction logs, tempdb files, and SharePoint error logs. By default, the Application Manager-generated replication set will be named SharePointdag01_<target server name>. You should only modify the replication set rules if there are additional directories/files specific to your configuration that must also be protected with SharePoint. Modifying the default configuration for replication set rules may affect whether data can be successfully replicated. Do not modify the replication set unless you are very familiar with Double-Take and SharePoint. In order to change the replication set rules, first select the Override Generated Rules checkbox. When this box is selected, the Protected Databases control on the Connection tab will be disabled. To add a replication set rule, click Add. In the Add Repset Rule window, enter the rule path (the directory that you want to protect or exclude), select whether to include/exclude the path, and whether the directory should be recursive or non-recursive, then press Enter. When you have entered all of your replication set rules, click Add to return to the Advanced configuration tab.
NOTE:
To remove a rule, select one or more rules, then click Remove. You can only remove rules that you added manually through the Application Manager. Rules that are automatically added by Application Manager cannot be removed or changed through the Application Manager interface. To reset the rules to the auto-generated rules and to re-enable the Protected Databases control, remove the selection from the Override Generated Rules checkbox.

Scripts are executed at different points during the failover/failback process to perform the actions necessary to make SharePoint available on the appropriate server. Scripts perform steps such as starting/stopping services, attaching/detaching databases in database-only protection mode, and modifying DNS entries on the DNS server to point users to the appropriate server. Editing scripts is an advanced feature. Do not edit scripts unless you fully understand what each command is doing. Three scripts are automatically generated by Application Manager during configuration. The scripts are copied to the Double-Take installation directory on the specified server using the administrative share for that servers drive.
Failover ScriptA post-failover script (post_failover_SharePoint.txt) is executed after the core failover
processes have completed on the target server. The primary functions of the post-failover script are to start the SharePoint services on the target and to modify DNS and Active Directory entries as necessary.
Failback ScriptA pre-failback script (pre_failback_SharePoint.txt) is executed before failback processing
occurs on the target server. The primary functions of this script are to stop SharePoint services on the target and to move DNS and Active Directory entries as necessary.
Restore ScriptA post-restore script (post_restore_SharePoint.txt) is not executed automatically, though it is
provided on the source to perform actions that are generally required after data has been restored from the target to source after a failover/failback. The primary function of this script is to restart SharePoint services on the source server. By default, Application Manager generates all the required scripts for you automatically based on your system configuration. You can also edit the scripts to add, modify, or delete specific commands. To edit a script, click on the button for the script you want to update and the script file will be displayed using your machines default editor. Enter your changes, then save the script file. Any change you make to the script in the editor will be copied to the appropriate server when configuration changes are accepted, thus overwriting any changes that have been made outside the Application Manager.
74 of 106
The scripts can be overwritten by certain operations during setup. For example, any changes to configuration options done in the Application Manager will overwrite previous script changes. If you want to make permanent changes to a script, you must modify the appropriate .txt file within the Double-Take Application Manager installation directory. If there is more than one client machine that will be configuring failover, the change must be made to all the appropriate .txt files (post_failover_SharePoint.txt, post_restore_SharePoint.txt, and pre_failback_SharePoint.txt). Before running Application Manager multiple times (for example, when re-enabling protection after a failover/failback), save a copy of your post-restore and pre-failback batch files. After Application Manager executes, replace the default script file(s) with the customized file(s) that you saved.
7.10.3. Items to failover


Shares (Default = not selected) Select the Shares checkbox if you want the source file shares to be added to the target
when failover occurs.

want to automatically remove the host SPN (Service Principle Name) from Active Directory for the source and add it to Active Directory for the target during failover. If you are using Active Directory, you should enable this option; otherwise, you may experience problems with failover

NOTE:


Shares (Default = not selected) Select the Shares checkbox if you want the source file shares to be added to the target
when failover occurs.

75 of 106
7.11 SharePoint settings

The SharePoint tab includes options you can use to join or extend the target front-end web server to the production SharePoint configuration or web farm. The Application Manager determines the Microsoft SQL server and configuration database used by the source SharePoint web front-end server, then uses that information to connect the specified target web server to the same SharePoint configuration. The target web server specified can be local or remote.
NOTE:
The target web server must have the same version of SharePoint installed as the production SharePoint web server. For best results, SharePoint should be installed but not yet configured on the target web server. In order to extend the target web server, you will also need to add the Sharepoint administrator account to the local Domain Admin group on the target server before you extend the target web front-end server into the farm.
The first five fields will be filled in automatically when you select the Configure Target Web Server checkbox. You can modify these values.

Server NameThe NetBIOS or physical name of the target SharePoint web server. IP AddressIP address for the target web server. TCP PortThe TCP port to be used for communicating with the target web server. Config Database ServerName of the Microsoft SQL Server that hosts the configuration database. Config Database NameName of the configuration database for the production SharePoint web front-end server. SharePoint Admin NameAccount used to install and configure SharePoint on the production SharePoint web front-end server. This should be entered as a fully-qualified domain name (domain\username). SharePoint Admin PasswordPassword for the SharePoint Admin account. Confirm PasswordRe-enter the password to confirm.
76 of 106
When you have finished setting the configuration options, click Connect Server. When you select this button, the SharePoint front-end web server specified in the Server Name field will be extended into the source SharePoint configuration.
NOTE:
After you click the Connect Server button, it is recommended that you connect to both the source and target front-end web servers using a browser. The process of connecting a front-end web server to an existing SharePoint configuration can take several minutes to complete. During this time, you will be able to perform other tasks within the Configure Protection window; however, you will not be able to close the Configure Protection window until the task is complete. You must manually install the Central Administration web application after the target has been extended in order to be able to administrate SharePoint in the event of a failover.

After you have changed the configuration parameters, click OK to apply the settings. If you click Cancel, any changes you have made will be discarded and the previous configuration parameters will be used. When you have finished configuring the optional protection options, continue with the next section, .
NOTE:
77 of 106
Validate the Configuration

Click Validate, or select Actions, Validate, to ensure that the source and target servers are configured correctly for failover. A description of the validation activity being performed is displayed in the status bar at the bottom of the Application Manager window, along with status progress indicator. When validation completes, the status progress indicator is removed.

If you are using DNS Failover and did not enter DNS credentials on the Configure Protection window, you will be prompted to enter a user name and password for accessing/modifying DNS records. If the configuration is good, a green checkmark icon will appear next to a validation message that states that the servers are configured correctly. Continue with the next section, Enable protection. If the validation detects potential configuration issues, an icon will appear next to the message(s). The following table identifies the icons and the validation conditions that they represent. Double-click on a message to view details concerning the issue. On the Validation Details window, review the additional information, and, if available, click Fix and Application Manager will attempt to resolve the issue. If you would rather address the issue manually, click Cancel. After correcting any issues, click Validate again to verify the change was made. Icon Good Unknown Error, FixableIf not fixed, failover cannot occur. Can be fixed by Application Manager. Error, Not FixableIf not fixed, failover cannot occur. Must be fixed manually. Warning, FixableThe Application Manager detected an issue that should be addressed prior to failover. Can be fixed by Application Manager. Warning, Not FixableThe Application Manager detected an issue that should be addressed prior to failover. Must be fixed manually. Validation Status
NOTE:
If you run a validation against a source/target pair that is in a Protected state and the validation detects issues with the target (such as the target is missing or contains incorrect data), the Fix or Fix All button will be disabled. You must disable protection for the source/target pair before you can fix the issue. Then, you can re-enable protection. If the IP address(es) for the source or target server have changed since you originally configured protection (for example, if you configure the source or target in a staging area and then send it to a production location), you must re-configure the protection settings. When you are prompted to re-use the previous protection configuration, click No, then click the Configure Protection button.
78 of 106
Enabling Protection for a Server

Based on the current protection status, the Enable/Disable Protection button (on both the Setup and Monitor tabs) and menu options will be updated to display the available actions. If the Application Manager is not in a state that will allow protection to be enabled, the Enable/Disable Protection button and menu option will be grayed out (disabled). After monitoring has been enabled for a source/target pair, you can view the status of the monitored connection on the
Monitor tab.
You can click the Show/Hide button to display or hide details about the protected pair. For details about changing the units used to display bytes remaining in the mirror and queues, see Changing Double-Take Application Manager preferences on page 11.
9.1 Enable protection

Click Enable Protection, or select Actions, Enable Protection. If you have not already performed a validation check, if you have changed the domain, source, target, or configuration parameters, or if you have disabled the connection, you will be prompted to run a validation check at this time. The Protection Status field will display the current status of the connection. When the initial mirror has completed, the Protection Status will change to Protected and, if you have not manually un-selected Failover Enabled, the Monitoring Status will change to Enabled. A source server can have a Protected status only if the source is currently connected to a target and an Application Manager-generated replication set exists (named xdag01_<target server name> for Exchange and clusters being protected by a like-named Exchange cluster, sqldag01_<target server name> for SQL, or FilePrint_<target server name> for file servers). While there may be other Double-Take connections between the selected source and target, Application Manager only recognizes connections that it has created. Any connection that has been built by Application Manager will be recognized as a valid connection, regardless of the connection state.
79 of 106
9.2 Disable protection

You can disable an existing Application Manager-generated source/target connection monitor within the Application Manager. You must disable protection before you can change any of the Application Manager configuration parameters.
1. 2.
If you select a source that is already protected in the Source Server field, the target server will be filled in automatically and the Protection Status should indicated Protected. Click Disable Protection at the bottom of the window, or select Actions, Disable Protection, to disable protection.
9.3 Monitor protection status

After the initial mirror, your source server is protected. To change whether failover monitoring is enabled, click the Enable/Disable Monitoring button at the bottom of the window, or select either Enable Monitoring or Disable Monitoring from the Actions menu.
NOTE:
You cannot use both the Failover Control Center and the Double-Take Application Manager interfaces to monitor a source/target pair at the same time. Double-Take Software recommends that all monitoring occur from the Application Manager interface. If both interfaces are open and a failover condition occurs, failover will not be initiated until the failover prompt is cleared in both interfaces.
9.3.1. Protection status states

The following table describes the possible protection status states. Protection Status Unprotected Warning Description No Double-Take connection exists Double-Take connection exists, but has issues (such as with target state, mirroring, or replication (for example, if the mirror has been paused outside of the Application Manager or if the target is down). See details for more information. Protected Synchronizing (% complete) Unknown Failing over Failed over Failing back Restoring (% complete) Double-Take connection exists and is active Mirroring is in progress Source server is not selected Failover from the source to the target is in progress Target has assumed source role Failback from the target to the original source is in progress Mirroring (target to source) is in progress
The following table describes the possible monitoring status states. Monitoring Status Disabled Enabled Failover condition met Failing over Failed over Failing back No Double-Take monitor Double-Take monitor is started Source server is down Failover from the source to the target is in progress Target has assumed source role Failback from the target to the original source is in progress Description
80 of 106
9.3.2. Protection detail states

The following table identifies the possible mirror status states. Mirror Status Calculating size Idle Mirroring Paused Removing orphans Verifying Restoring Transmitting (Unknown) The following table identifies the possible replication status states. Replication Status Calculating size Idle Mirroring Paused Removing orphans Verifying Restoring Transmitting (Unknown) The following table identifies the possible transmit modes. Transmit Mode Started Paused Warning (see details) The following table identifies the possible target status states. Target Status Online Mirroring Mirroring Stopped Re-mirror required
81 of 106
Target Status Retrying Paused Pausing Restore Required Replicating Snapshot reverted Target path unblocked Target path blocked (Unknown) (Unsupported)
9.4 Verify target data viability (Exchange only)

After you have configured your servers, you can use the Double-Take Application Manager to run a test that verifies that the database on the target is viable for failover. One benefit of performing the verification test is that you do not have to perform an additional remirror or failover to verify target data viability. In order to perform a database verification, the following prerequisites must be met:

The target server must be running Windows 2003, Service Pack 1 or later. No Exchange data can reside on the system volume. (This is because the system volume cannot be reverted from a snapshot.) See Relocating the SMTP pickup path and queues on page 84. If you are running the Double-Take Application Manager from any server other than the source or target, you must install the Exchange System Manager component on that client (due to a dependency on the cdoexm.dll file). If the current volumes do not have adequate space to contain the snapshots, modify the properties for the Shadow Copies settings on each volume to set the storage location of the snapshots where the Exchange data resides. Target path blocking must be disabled for the connection in the Double-Take Management Console.
While in verification mode, Double-Take will queue on the target in the directory you selected during Double-Take configuration. You should be aware of your data change rate and make sure you have adequate capacity on the volumes configured for the Double-Take target queues. For more information, see the Double-Take Users Guide.
NOTE:
You can also verify target data viability from a command line interface. The TDV.exe utility is available from the DT_Utilities folder. For more information about using the target data verification command line utility, see Using the Target Data Verification (TDV) Utility on page 103.
82 of 106
You can verify the target stores at any time following the successful completion of a mirror. When you select Actions, Verify Target Data, the following window will appear:
The Database Verification window includes the following controls and indicators:

StatusThe overall status of the database verification. Click on the status description for more information. ResultsDisplays the status of the target Exchange Stores and Storage Groups. Initially, the state of the Stores and
Storage Groups is unknown (indicated by a question mark icon); it will change to green when the stores have successfully mounted.

HistoryA log showing the sequence of events. Current activityDuring the validation test and protection restoration, the status messages at the bottom of the screen describe the test progress. OptionsClick to change services and scripts. The Options dialog box will appear. When you are finished with the Options dialog box, click OK to return to the Database Verification dialog box.
ServicesSelect whether you want to start only the core application services, or all of the services you selected on the Failover tab when you configured protection. The Start Selected Services option would be used to include
application add-ons such as Blackberry or anti-virus when configured with failover.

ScriptsEnter the paths for the scripts to run on the target to verify data, and to run prior to restoring normal protection (for example, the first script would move users, and the second script would move them back following the test). NOTE:
Two sample scripts for moving users (moveUserSrctoTgt.vbs and moveUserTgttoSrc.vbs) are installed in the Samples subfolder where the Double-Take Application Manager is installed. You will need to modify these scripts for your environment.
83 of 106
To verify the target data, click the Test button. You will see the History window updated as the test proceeds. The Status field will display Starting test while preparing the target. When the stores finish mounting, the Status field changes to Target online. At this point, the verification is complete and the target application is ready for any other custom testing. You must click the Continue button to revert the target to the pre-test state and transition out of testing mode. If an issue is encountered during the target data verification process, the Undo button will be enabled. Click Undo to revert the target to its pre-test state and remove the snapshots and any other items created for the verification test.
9.4.1. Relocating the SMTP pickup path and queues

Follow these steps to relocate the SMTP pickup path and queues on the source prior to enabling protection and propagating changes to the target using cloning.
1. 2. 3. 4.
Open ADSIEdit.mmc (available from the Windows Server Support Tools). Right-click on ADSI Edit in the left pane and select Connect to. In the Select Well Known Naming Context, choose Configuration. For the MTA Path:
a.
Drill down by double-clicking at each level to the following path (substituting your environment configuration):
CN=Microsoft MTA,CN=Source_Server,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=NewTestOrg,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DTAMTest,DC=com
b. c. 5. a.
Right-click the MTA object and select Properties. Scroll down to the msExchMTADatabasePath and double-click to edit. Set to a drive other than system. Drill down by double-clicking at each level to the following path (substituting your environment configuration):
CN=SMTP_Virtual_Server_Name,CN=SMTP,CN=Protocols,CN=Source_Server,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=NewTestOrg,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DTAMTest,DC=com.
For the SMTP Queues:
b. c. d. e. 6.
Right-click the SMTP_Virtual_Server_Name object and select Properties. Scroll down to the msExchSmtpQueueDirectory and double-click to edit. Set to a drive other than system. Scroll down to the msExchSmtpPickupDirectory and double-click to edit. Set to a drive other than system. Repeat steps a-d for each SMTP Virtual server.
Repeat steps 4 and 5 for the target server, or select Disable Protection, run Validation, and choose to Fix the related issues found.
84 of 106
Failover, Failback, and Restoration

If you selected DNS failover, you can use the Application Manager to automate failover, failback, and restoration. If you selected Identity failover, you will need to use the manual processes described in Identity failover, failback, and restoration on page 87. If an error occurs during failover or failback, a message box will appear. You can use the Actions menu to launch the failover and failback log files.
10.1 DNS failover, failback, and restoration

Based on the current protection status and/or failover state, the Failover/Failback button on the Monitor tab and menu options will be updated to display the available command. If the Application Manager is not in a state that will allow failover or failback to be executed, the Failover/Failback button and menu option will be grayed out (disabled). In the Application Manager, there are two ways that failover can be initiated:

Automatically, when a failover condition has been met (such as if the source has gone down) Manually (for instance, when you want to do maintenance or upgrades on the source server)
In order to initiate either an automatic or manual failover, the source and target servers must already be configured so that the Protection Status is Protected and Monitoring Status is Enabled. During failover and failback, the status messages at the bottom of the screen describe the failover or failback progress.
NOTE:

Protection Status and Monitoring Status on the main screen are not updated during failover and failback. The refresh update rate is not automatically updated during failover and failback. When using Application Manager for Exchange:

If your SMTP gateway (or vendor) is configured to send mail to a specific IP address and that IP address is not failed over to the target, you will need to change it during failover. While in a failed over state, you cannot log in to the domain from the source Exchange server. This is because the target has assumed the source server's host Service Principal Names to allow Outlook Web Access to be accessed using the source name. If you need to log in to the domain and OWA is not needed, contact Double-Take Software Technical Support for a workaround.
When using Application Manager for file servers, the failover button will only work after the source server is offline. This is necessary to prevent name conflicts on the network when the name is failed over.
10.1.1. Initiating automatic failover

When the Manual Intervention Required option is selected on the Failover tab of the Configure Protection window, a prompt will occur when a failover condition is met. For more information about setting failover options, see the Failover settings section for your application. If you cleared the Manual Intervention Required option and have failover enabled for your server pair, failover will occur automatically when a failover condition is met.
85 of 106
10.1.2. Initiating manual failover

To initiate a manual failover, select Actions, Failover, or click the Failover button on the Monitoring tab. The Initiate Failover box will appear.
Select either Immediate Failover (to begin failover immediately and not wait for the queues to empty), or Graceful failover (to wait for the target queue to empty before failing over). The queues could contain any messages or data recently sent to the target from the source. If the queues arent empty when the prompt delay is reached, you will be asked whether you want to continue waiting, or to failover immediately.
NOTE:
When failing over a protected File server, the Graceful Failover option is not available. To test failover for a protected File server, the source must either be shut down or disconnected from the network.
Click Initiate Failover to begin failover process. After you select Initiate Failover, the failover process will begin, and the Protection Status and Failover/Monitoring Status indicators on the Monitor tab will display Failing Over.
NOTE:
You cannot cancel or interrupt the failover process. The length of time needed for a failover depends on the number of users and how long it takes to start Exchange services on the target. For a large number of users, the failover process could take a while.
10.1.3. Failback and restoration

After issues on source server are resolved and it is connected and online, failback to the source and restore any modified data. In order to initiate failback, both the Protection Status and Failover/Monitoring Status must be Failed Over.
NOTE:
When using Application Manager for Exchange, any mail stores or storage groups that are created while the source is in a failover state will not failback properly.
If the source server has to be rebuilt, follow the instructions in Rebuilding the Source on page 97. To initiate failback, click the Failback button, or select Actions, Failback. The Initiate Failback window will appear.
86 of 106
On the Initiate Failback window, select the following failback options:

Restore target data prior to failbackSelect this option if you want to restore any modified data from the target back
to the source prior to beginning the failback.

Enable CompressionSelect this option to enable compression of data that is transmitted from the target to the source.
Then, set the level from minimum to maximum compression. The default level is inherited from the source-to-target connection.
Prompt prior to failbackSelect this option if you want a prompt to appear before failing back.
Click Initiate Failback to begin the failback process. The restoration will begin, and the Protection Status will display the progress of the restoration. If you selected Prompt prior to failback, when the restoration is complete a prompt will appear asking if you want to failback. Click Yes to failback to the source. During restoration, the Application Manager will display the percent complete. Although the Application Manager does not display restoration statistics, you can view the connection and current status statistics through the Double-Take Management Console.
10.2 Identity failover, failback, and restoration

The following sections describe the manual processes you can use to manage failover, failback, and restoration. These manual processes are required if you chose to perform Identity failover. You will be using the Double-Take Management Console, Failover Control Center, and/or Text Client to manage identity failover and failback. For more information about using Double-Take, refer to the Double-Take User's Guide.
10.2.1. Initiating a failover

If a failure occurs and the Failover Control Center Time to Fail counter reaches zero (0), a dialog box will appear in the Failover Control Center requiring user intervention to initiate failover. (If the Failover Control Center is not open when the failure occurs, the dialog box will appear the next time the Failover Control Center is opened and you are logged on to the target. See the Double-Take Users Guide for information on monitoring a failure.) Acknowledge the manual intervention prompt to start failover. The post-failover script created earlier will automatically run. During failover, Windows Event Viewer, the Double-Take log, DFO log, and Double-Take Application Manager logs record the failover events. When failover is complete, the target will have the application services started, the databases mounted, and the users pointed to the target.
NOTE:
The DFO and Double-Take Application Manager log files are located in the same directory as the Double-Take Application Manager. If you are failing over Exchange, after the changes have propagated through your environment, clients can connect through Outlook or Outlook Web Access to receive their e-mail. Users that had Outlook open during the failure will need to restart the Outlook client (excluding Outlook Web Access clients on a LAN).
If DNS failover was selected, the clients will have to wait for the IP cache to expire, or type in ipconfig /flushdns in a command window. This time can be adjusted by lowering the TTL (Time to Live) setting within your DNS servers configuration. For more information, refer to your DNS server documentation.
10.2.2. Failback and restoration

If your source experiences a failure, such as a power, network, or disk failure, your target machine will stand in for the source while you resolve the source machine issues. During the source machine downtime, data is updated on the target machine. When your source machine is ready to come back online, the data is no longer current and must be updated with the new data on the target machine. Before you begin to restore to the original source, resolve the issue(s) that caused the failure. If the source server has to be rebuilt, follow the instructions in Rebuilding the Source on page 97.
87 of 106
10.2.3. Recovering to the original source

1. 2.
After repairing/rebuilding the source server offline, bring the server up but leave the network connection disabled by unplugging the cable or disabling the network interface adapter. Stop all of the services on the source so that you can overwrite the data with the newer data on the target. Because the source server cannot communicate with a domain controller because its network connection is still inactive, this will take longer than normal. The following table lists the services that must be stopped, in the order in which they must be stopped. Stop the services appropriate to your application. Exchange 2007 Microsoft Exchange Active Directory Topology Service Microsoft Exchange Anti-spam Update Microsoft Exchange EdgeSync Microsoft Exchange File Distribution Microsoft Exchange IMAP4 Microsoft Exchange Information Store Microsoft Exchange Mail Submission Microsoft Exchange Mailbox Assistants Microsoft Exchange POP3 Microsoft Exchange Replication Service Microsoft Exchange Search Indexer Microsoft Exchange Service Host Microsoft Exchange System Attendant Microsoft Exchange Transport Microsoft Exchange Transport Log Search Microsoft Search (Exchange) World Wide Web Publishing Service Exchange 2000/2003 MSExchangeSA MSExchangeMGMT POP3SVC IMAP4SVC ResVC MSExchangeES W3SVC SMTPSVC MSSqlServer SQLServerAgent MSSearch (SQL 2000)/MSFteSQL (SQL 2005) MSSQLServerADHelper MSDTC MSSQLServerOLAPService MSDTSServer SQLWriter SQLBrowser (SQL 2005) SQL
3. 4. 5.
On the target, open the Failover Control Center (Start, Programs, Double-Take, Failover Control Center). Double-click the target machine that is currently standing in for the failed source to login. Highlight the failed source and click Failback. The failback script created earlier will automatically run. During failback, Windows Event Viewer and the Double-Take log record the failback events. When failback is complete, the services will be stopped on the target and the Failback Complete dialog box will appear.
Do not select Continue or Stop at this time. First, reconnect the source to the network.
6. 7. 8. 9.
After the source is available on the network, select Continue (to restart monitoring) or Stop to disable monitoring. To begin the restoration process, open the Double-Take Management Console on the target (Start, Programs, Double-Take, Management Console). Login to the source machine by double-clicking on it.
10. Right-click on the original connection (xdag01_<target server name> for Exchange, sqldag01_<target server name> for SQL, or FilePrint_<target server name> for file servers) and select Disconnect. 11. Select Tools, Restoration Manager.
88 of 106
12. Complete the appropriate fields on the Restoration Manager.

Original SourceThe source where the data originally resided. Restore FromThe target that contains the replicated data that users have been updating. Replication SetThe name of the replication set. Restore ToThe source where the data will be restored to.
13. Disable Only if backup copy is more recent. This option must be disabled because if the services were stopped on the
source after the time they were stopped on the target, the source files will have a more recent date and time and the target files will not be restored.
14. Identify the correct drive mappings for the data and any other restoration options necessary. For detailed information on
the restoration options, see the Double-Take User's Guide.

15. On the Orphans tab, select to move or delete orphan files on the source. Orphan files, such as out-dated transaction
logs, may keep the database from starting on the source. For more information about orphan files, see the Double-Take Users Guide.
16. Verify that the selections you have made are correct and click Restore. The restoration procedure time will vary
depending on the amount of data that you have to restore. When the restoration process is complete, the restoration status information will no longer appear in the right pane.
17. If you are performing a failback for an Exchange server, continue to the next section, Rehoming the Exchange objects to the source, to complete the restoration process.
If you are performing a failback for a SQL server, continue to Re-enabling protection on page 89 to complete the restoration process.
10.2.4. Rehoming the Exchange objects to the source

After the restoration is complete, you will need to run the Exchange Failover utility (exchfailover.exe) to rehome the informational store databases to the source. For more information about using the Exchange Failover utility, see Using the Exchange Failover (EFO) Utility on page 105.
1. 2.
From a command prompt on the source, run the post_restore.bat file that Application Manager automatically generated. Restart any Outlook clients so that they can access the source.
To re-establish protection of the Exchange data on the source, create a replication set, re-establish the Double-Take connection to the target, and begin failure monitoring as documented earlier in the procedure. If DNS failover was selected, the clients will have to wait for the IP cache to expire, or type in ipconfig /flushdns in a command window. This time can be adjusted by lowering the TTL (Time to Live) setting within your DNS servers configuration. For more information, refer to your DNS server documentation.
10.3 Re-enabling protection

To re-enable protection for your source, repeat the steps in Protecting an Exchange Server on page 13, Protecting a SQL Server on page 33, Protecting a File Server on page 49, or Protecting a SharePoint Server on page 62. You can click the Enable Protection button to re-enable protection for the same source/target pair.
89 of 106
Appendix A: Recommended Credentials

Double-Take Application Manager Credentials
Proper rights must be assigned to the account that is entered when the Application Manager prompts for credentials. If these credentials are not properly assigned, you will be prompted to enter alternate credentials before protection can be enabled.
1. 2. 3. 4. 5. 6.
The user must be a member of the Power Users group on the client machine. The user must be a member of both servers local Double-Take Admin group. The user must be a member of the local Administrators group on each server that will be protected. The user must have permissions to update DNS. The user must have Full Control on the WMI DNS Namespace on the source's primary DNS server. The user must be a member of the domain's DnsAdmins group where the source's primary DNS server is located. You may also need to set permissions to allow the user to manually set SPN update permissions.
In addition, you must assign permissions that are necessary to administrate the protected applications. For more information about how to assign each of these credentials, see the following sections.
Assigning the user to the Power Users group

1. 2. 3. 4. 5. 6. 7.
Select Start, Settings, Control Panel. Double-click Administrative Tools, then double-click Computer Management. In the left pane, select the Groups folder (located under Computer Management\System Tools\Local Users and
Groups\).
Right-click the Power Users group, then select All Tasks, Add to Group. Click Add. In Location, click the domain containing the users and computers you want to add, then click OK. In Name, type the name of the user you want to add to the group. If you want to validate the user or group names that you are adding, click Check Names. Click OK to close all open dialog boxes.
Assigning the user to the Double-Take Admin group

In order for the Application Manager to manage and administer Double-Take, the user running the Application Manager must be a member of both servers' local Double-Take Admin groups. By default, the members of the local Administrators group are added to the Double-Take Admin group when Double-Take is installed. Users added to the local Administrators group following the Double-Take install will need to be explicitly added. The Application Manager does not attempt to impersonate the current logged-on user for these credentials. The Application Manager will prompt the user for these credential whereby they will be cached for later use provided caching of credentials has not been disabled.
1. 2. 3. 4. 5. 6. 7. 8.
Select Start, Settings, Control Panel. Double-click Administrative Tools, then double-click Computer Management. In the left pane, select the Groups folder (located under Computer Management\System Tools\Local Users and
Groups\).
Double-click the Double-Take Admin group. To add a user to the group, click Add. Select the user to be included in the Double-Take Admin group. Click OK to return to the Local Group Properties dialog box. Click OK to return to the User Manager. Exit the User Manager.
90 of 106
Assigning the user to the local servers Administrators group

The user running the Application Manager must have access to both the servers' administrative shares and have rights to modify the SPN permissions. The target's machine account needs to be added to the source's Active Directory computer object for the purpose of updating the SPNs during failover and failback. The administrative shares are used to manage the configuration files and failover scripts on the source and target. To satisfy both of these rights, it is recommended that the user must be a member of the local Administrators group on each server (source and target). Follow these steps to add a user to the Administrators group on each server.
1. 2. 3. 4. 5. 6. 7. 8.
On the first server, select Start, Settings, Control Panel. Double-click Administrative Tools, then double-click Computer Management. In the left pane, select the Groups folder (located under Computer Management\System Tools\Local Users and
Groups\).
Right-click the Administrator group and select Properties. If the user is not already a member of the Administrators group, click Add. In Location, click the domain containing the users you want to add, then click OK. In Name, type Administrator. Click OK to close all open dialog boxes. Repeat for each additional server.
Assigning the user permission to update DNS

In order to update the source DNS records, the user must have the following permissions:

A member of the DNS Admin domain local group One of the following:

A member of the Domain Admins group for the domain in which the DNS server resides, or Full Control on each of the individual DNS records that is associated to the source (native or virtual in the case of clusters) IP and to be updated by the DFO utility.
A member of the Server Operator, at the very least, to Deny the source access to the records. The resource record security can be set through the record properties within the DNSMgmt console. The Domain Admins right surpasses all these individual rights, so this would be all that needs to be added.
NOTE:
The specified user or DNS Admin group must be designated full control on all DNS Zones, both forward and reverse, in which any of the source's DNS records reside. The Full Control must be set for this object and all child objects.
NOTE:
The Application Manager will first attempt to impersonate the current logged-on user before prompting for different credentials.
To be able to make calls to WMI without being part of the Domain Admins group, follow these steps: On the DNS Server:
1. 2. 3. 4. 5. 6. 7.
Run DCOMCNFG. Expand Component Services. Expand Computers. Right-click on My Computer and select Properties. Click the COM Security tab. Click the Edit Limits button under Access Permissions. Add the user to the list and grant them allow rights on both attributes:

Local Access Remote Access
91 of 106
8. 9.
Click OK to return to the Properties window. Click the Edit Defaults button under Access Permissions.

10. Add the user to the list and grant them allow rights on both attributes:
11. Click OK to return to the Properties window. 12. Click the Edit Limits button under Launch and Activation Permissions. 13. Add the user to the list and grant them allow rights on all attributes:

Local Launch Remote Launch Local Activation Remote Activation
14. Click OK to return to the Properties window. 15. Click the Edit Defaults button under Launch and Activation Permissions. 16. Add the user to the list and grant them allow rights on all attributes:

17. Click OK to return to the Properties window. 18. Click OK to close to the Properties window. 19. Expand DCOM Config. 20. Right-click Windows Management and Instrumentation and select Properties. 21. Select the Security tab. 22. Click the Edit button under Launch and Activation Permissions. 23. Add the user to the list and grant them allow rights on all attributes: NOTE:
Even though everyone is listed, that is for local users only. You still need to add the domain user you created.

24. Click OK to return to the Properties window. 25. Click the Customize radio button under Access Permissions. 26. Click the Edit button under Access Permissions. 27. Verify or add the user to the list and grant them allow rights on all attributes:

28. Click OK to return to the Properties window. 29. Click OK to close to the Properties window.
On the remote machine:

1. 2. 3.
Run WBEMTEST. Click the Connect button. Verify the correct namespace is listed (for example, \\DNSServerName\root\microsoftDNS).
92 of 106
4. 5. 6.
In the Credentials section, enter the user name and password. Click the Connect button. If the user has sufficient rights, the buttons located under IWbemServices will become available.
Assigning Full Control on the WMI DNS Namespace

Following validation, there will be a message stating the DNS WMI provider cannot be contacted. This is a false message because DNS Validation passed so it can be ignored. This message does not appear if the user is a member of the Domain Admin group for the domain where the DNS server resides.
1. 2. 3. 4. 5. 6. 7. 8. 9.
Click Start, Run, and type MMC. Click OK. Select File, Add/Remove Snap-in. Click Add and select WMI Control. Click Add, then click Finish. Click Close, then click OK. Right-click WMI Control and select Properties. Select the Security tab. Double-click on Root to expand the tree. Select MicrosoftDNS, then click the Security button. next step.

10. Verify that the user is in the ACL list with the following permissions. If the permissions are not assigned, proceed to the
Execute Methods Full Write Partial Write Provider Write Enable Account Remote Enable Read Security
11. Click Add, then enter the login name for the user account that will be opening Double-Take Application Manager. 12. Click OK to close all open dialog boxes. 13. Restart the Windows Management Instrumentation service.
If you need to verify that WMI is installed on the source's primary DNS server, follow these steps:
1. 2. 3.
On the source's primary DNS server (as listed in the Application Manager), verify that the %Windir%\System32\WBEM directory exists and that it contains WinMgmt.exe. Review WMI security in the WMI Control MMC (or Wbemperm.exe for earlier versions of WMI). You can access this MMC snap-in by going to Start, Run and typing wmimgmt.msc. Ensure that the DNS account that is used by the Application Manager is able to access WMI and the DNS provider namespace.
Assigning the user to the DnsAdmins group

Follow these steps to add a user to the domain DnsAdmins group.
1. 2. 3. 4. 5. 6. 7.
Select Start, Programs, Administrative Tools (Common), Active Directory Users and Computers. Right-click the DnsAdmins group and select Properties. Select the Members tab. To add a user to the group, click Add. In Location, click the domain containing the users you want to add, then click OK. In Name, type the name of the user you want to add to the group. If you want to validate the user or group names that you are adding, click Check Names. Click OK to close all open dialog boxes.
93 of 106
Manually set SPN update permissions

The Write servicePrincipalName permission on the source computer account in Active Directory must be assigned to the account that will modify the SPNs. This is an advanced permission and assigning either of the more general Write or Full Control permissions, which are assigned to Domain Admins by default, which would also be adequate. The permission must be assigned to one of the following:

The target's Double-Take service logon account. If the target's Double-Take service is configured to log on as the System account, the target's Active Directory computer account should be assigned the permissions The account specified in the failover monitor configuration. Start Active Directory Users and Computers. Select View, Advanced. Locate the source's computer account. Right-click on the source computer account and select Properties. Select the Security tab and click the Advanced button. If the account or group you want to add is not listed, click Add to add it. Select the account or group and click View/Edit. Select the Properties tab and check Write servicePrincipalName. Click OK to accept the change.
Use the following procedure to assign the Write servicePrincipalName permission to a user or group:
1. 2. 3. 4. 5. 6. 7. 8. 9.
Exchange Credentials
Proper rights must be assigned to the account that is entered when the Application Manager prompts for credentials. If these credentials are not properly assigned, you will be prompted to enter alternate credentials before protection can be enabled. For Exchange, you must first configure all permissions as described in Double-Take Application Manager Credentials on page 90. In addition, the user must be an Exchange Full Administrator. In order to operate the Application Manager for setup and to manage failover and failback for Exchange, the following permissions are required:
The user running the Application Manager must have rights to manage Exchange in order to query and modify the Exchange Active Directory objects. The Configuration Container resides in the root of the Active Directory forest and contains the Exchange organizational objects. The user running the Application Manager must be an Exchange full administrator at the organizational level, as delegated via the Exchange System Manager at the user level or have delegated rights via the Application Manager delegate rights control. The Application Manager will first attempt to impersonate the current logged-on user before prompting for different credentials.
NOTE:
To clarify, currently rights must be delegated to a specific user and not the group the user belongs to in order for the Application Manager to recognize them.
If Exchange is clustered, the user running the Application Manager must be a member of the Cluster Administrators and local Administrator group for each of the source and target cluster nodes.
Assigning Exchange Full Administrator permission

The user account being used for Double-Take Application Manager cannot be nested in a group under the Exchange Organization that had Exchange Full Admin permissions. Remove the user account from the nested group or explicitly add the user account as an Exchange Full Admin in the Exchange System Manager.
1. 2. 3. 4. 5.
Select Start, Programs, Microsoft Exchange, System Manager. Right-click on the organization name (at the top of the tree) and select Delegate Control. The Exchange Delegation Tool will open. Click Next. If the user is not listed as Exchange Full Administrator under Users of Groups, click Add. You must explicitly add the domain users login name as an Exchange Full Administrator. Click Next to continue.
94 of 106
6.
Click Finish to exit. If the user account being used for Double-Take Application Manager was previously nested in a group, you will need to follow these instructions to explicitly add the user account as an Exchange Full Admin in the Exchange System Manager. Then, in Double-Take Application Manager, select Tools, Option. In the Options dialog box, click the Clear Cached Credentials button. Restart the Application Manager and enter the new credentials.
NOTE:
Delegating Exchange administrative rights

To assign Exchange administrative rights to a user through the Double-Take Application Manager, select Tools, Delegate
Rights. The Delegate Rights dialog box will appear.
The Domain will be populated automatically with the domain where the Application Manager client resides. In the Username field, enter the user name for the account that needs to be assigned Exchange administrative rights. If the currently logged-on user does not have sufficient rights to assign Exchange administrative rights, select the Use credentials checkbox, then enter the appropriate values for a user who does have sufficient permissions to assign these rights in the Domain, Username, and Password fields.
NOTE:
The domain entered on the Delegate Rights dialog box must be the DNS domain name; you cannot use the NetBIOS domain name. For a description of the specific rights that are delegated to Exchange administrators, see Microsoft Knowledge Base article 823018, available at http://support.microsoft.com/kb/823018
SQL Credentials
Proper rights must be assigned to the account that is entered when the Application Manager prompts for credentials. If these credentials are not properly assigned, you will be prompted to enter alternate credentials before protection can be enabled For SQL, you should first configure all permissions as described in Double-Take Application Manager Credentials on page 90. In addition, the user must have SQL Server System Administrator permission. In order to operate the Application Manager for setup and to manage failover and failback for SQL, the following permissions are required:

The user must be assigned the System Administrator role on the SQL server in order to query and Administer SQL. If the SQL Server service is not using the same domain user account on the source and target servers, the SQL Service Principal Names (SPNs) of the source and target servers must be modified.
NOTE:
The Application Manager will fix this during validation granting permission to the local system account on the target. For more information, see Manually set SPN update permissions on page 94.
95 of 106
Assigning SQL Server System Administrators permission

The user must be assigned the System Administrator role on the SQL server.
1. 2. 3. 4. 5. 6. 7. 8.
Start SQL Server Enterprise Manager (SQL Server 2000) or SQL Server Management Studio (SQL 2005). Expand the Security folder under the server. Select Logins. Create a login for the user, if one does not already exist. Select Server Roles. Double-click the System Administrators (SQL Server 2000) or sysadmin (SQL Server 2005) role. Click Add, select the user, and click OK. Click OK on the Server Role Properties dialog box to save the change.
SharePoint Credentials
Proper rights must be assigned to the account that is entered when the Application Manager prompts for credentials. If these credentials are not properly assigned, you will be prompted to enter alternate credentials before protection can be enabled For SharePoint, you should first configure all permissions as described in Double-Take Application Manager Credentials on page 90. In addition, the user must have the same permissions as are required for SQL. For more information, see SQL Credentials on page 95. The source SharePoint configuration (for either standalone or farm) has an administrator account that must be specified when you are installing and configuring SharePoint. You will need to use that farm administrator account when logging into the Application Manager (domain\username). Additionally, the account you use must have local administrator (or equivalent) rights on the following servers:

Source front-end web server Source back-end SQL server Target front-end web server Target back-end SQL server
In order to extend the target web server, you will also need to add the Sharepoint administrator account to the local Domain Admin group on the target server before you extend the target web front-end server into the farm.
96 of 106
Appendix B: Rebuilding the Source

Rebuilding the original Exchange source
The following steps guide you through rebuilding a source with the same name and IP address as the original source.
1.
Install Windows on the source, if necessary, configuring it as a Windows 200x member server with the same name and IP address as the original source. Target Repaired Source
Repaired source connected to the network Windows member server with original source name and IP address
2. 3.
Reverted back to original configuration by failback
Apply any Windows 200x service packs or patches. Connect the source to the network and join the domain.
a. b. c. d. e. f.
On the source, right-click My Computer and select Properties. Select the Network Identification tab and click Properties. Under Member of, change to Domain and specify the domain name. Click OK. When you are prompted for a domain account, specify an account with permissions to add a workstation to the domain. Reboot when prompted.
4. 5. 6. 7. 8. 9.
After the source reboots, log in as the domain administrator or an equivalent account. Verify that the account has full Exchange Administrator rights. Using the Exchange CD, start the Exchange installation on the source using the following command <cd drive>:\setup\i386\setup.exe /DisasterRecovery. At the Component Selection dialog box, set the Action column to Disaster Recovery for all of the components that were originally installed on the source (before it failed). Verify that each of the components selected are installed in the same location on the source as they are on the target. If not, modify the location of each component to match the target and original source configuration. After selecting the proper components and location, click Next to continue the install. If you accepted the default installation on the original source (before it failed), set Microsoft Exchange Messaging and Collaboration Services and Microsoft Exchange System Management Tools to Disaster Recovery.
NOTE:
Because the Exchange disaster recovery installation is configured for tape backup recovery, informational messages such as the following may appear; however, they do not apply to this configuration and can be disregarded: Use Exchange Admin Snap-in to ensure that you have a valid Exchange Server Object for this server for which you are running setup in recovery mode. After setup has completed, restore your databases from backup, then reboot your machine.
During the post-installation processing, the installation may stall while trying to start the System Attendant (MSExchangeSA) service. It should take no more than a couple of minutes to start this service. If it takes longer, use the Windows Task Manager to terminate the setup process. This will not affect your ability to start services on the target after a failure.
97 of 106
10. Install any Exchange service packs or patches.
Repaired Source
Target
Repaired source connected to the network Windows member server with original source name and IP address Double-Take Exchange
11. Install Double-Take, if necessary.
Repaired Source
Target
Repaired source connected to the network Windows member server with original source name and IP address Double-Take
12. Copy the following files from the target to the Double-Take directory on the source: exchfailover.exe post_restore_<source>_<target>.bat 13. Continue the failback and restoration process.
Rebuilding the original SQL source

1. 2. 3.
Verify that your source machine is not connected to the network. If it is, disconnect it. Resolve the source machine problem that caused the failure. If you must rebuild your hard drive, complete the following.
a. b. c.
Install Windows. Since your source machine is not connected to the network, go ahead and use the sources original name and IP address. Install Double-Take using the installation defaults. Install SQL using the same drive and directory settings as were used on the original source.
4.
Continue the failback and restoration process.
98 of 106
Appendix C: Exchange and SQL Failover with Blackberry

If you are using a standalone Blackberry server with Exchange or SQL, complete the following steps so that the Blackberry server will recognize when the server that has the BESAdmin account has been failed over.
1. 2. 3. 4. 5.
Prior to failing over, shut down the Blackberry server. After failover, bring the Blackberry server back up. Open a command prompt on the Blackberry server and cd to C:\Program Files\Research In
Motion\BlackBerry Enterprise Server\Utility.
Run the command handheldcleanup m Run the command handheldcleanup u This command will prompt you for the name of the Blackberry server.
The same process should be followed when failing back.
Configuring Blackberry services for failover

To configure your Blackberry services to failover, the following Blackberry services should be added to the list of services to start/stop from the Failover tab when you configure protection.

Blackberry Alert Blackberry Attachment Service Blackberry Controller Blackberry Dispatcher Blackberry Mobile Data Service Blackberry Policy Service Blackberry Router Blackberry Synchronization Service The services you need to add may vary based on your environment.
NOTE:
99 of 106
Appendix D: Using the DNS Failover (DFO) Utility

The DNS Failover utility (dfo.exe), which is part of the Exchange Failover utility installation, can be used in the failover and failback scripts to delete and add host and reverse lookup entries so that the source host name will resolve to the target IP address. For example, the following command could be executed from a command line or included in a batch file:
c:\Program Files\DoubleTake\dfo.exe /dnssrvname dnsserver_name /srcname source_name /srcip source_ip /tarname target_name /tarip target_ip /verbose
DNS Failover Utility Command Syntax Command Description Syntax

dfo
Used in script files to failover the DNS server name

dfo [/dnssrvname <dnsservername>] [/srcname <sourceFQDN>] [/srcip <sourceip>] [/tarip <targetip>] [/tarname <targetFQDN>] [/recordtype <recordtype>] [/username <username>] [/password <password>] [/dnszone <dnszonename>] [/dnsdomain <dnsdomainname>] [/logfile <logfilename>] [/failback [fbswitch]] [/setpassword <username> <password> [machine] [file]] [/getpassword] [/lock] [/unlock] [/trustee [trusteename]] [/verbose] [/flushdns] [/machine <machineFQDN>] [/ttl <seconds>] [/addomain <ADFQDN>] [/test] [/debug] [/?] [/help ]
Options
dnsservernameThe name or IP address of the source domain/zone's primary DNS server
(optional; local machine name used if missing)

sourceFQDNThe source machine's Fully Qualified Domain Name (required for modify) sourceipThe source machine's IP address (required for modify) targetipThe target machine's IP address (required for modify) targetFQDNThe target machine's Fully Qualified Domain Name (required for modify on
failback)
recordtypeThe type of DNS resource records to modify or list (optional). Values can be: ALL (default), MSEXCHANGE, A, CNAME, MX, PTR, STD, or STANDARD. STD and STANDARD are used
to specify a non-Exchange record (minus the MX records).

usernameThe user account's domain name (optional; the account running the program is used
if missing)

passwordThe user account's password (optional) machineThe machine that the DFO utility will run on when it runs with /getpassword. In effect, this parameter locks the credentials for use by a particular machine. fileNew location for the credentials file. By default, the credientials file is stored as dfo_credentials.dat in the current working directory dnszonenameThe name of the DNS zone or DNS container, used to refine queries (optional) dnsdomainnameThe name of the DNS domain, used to refine queries (optional) logfilenameThe name of the log file (optional)

100 of 106
Options (continued)
/failbackDenotes a failback procedure, performed after a failed source is recovered or restored (required for modify on failback) fbswitch (optional)By default, the DFO utility will only failback records in the dfo_failback_config.dat file. fbswitch allows you to enter a search criteria to identify the records to change back, even if they are not in the configuration file. fbswitch is also used if the dfo_failback_config.dat file is missing /lockAllows Active Directory locking for the A type record of the source specified without
modifying the record

/unlockAllows Active Directory unlocking for the A type record of the source specified without modifying the record trusteenameThe domain account for the source server machine (domain\machine$). DFO attempts to deny write permissions to the DNS A record on failover for the account identified as the trustee. Deny write permissions is then removed from the DNS A record on failback. This keeps the source server from reclaiming its DNS A record if it comes back online prior to failback. You can enter multiple /trustee switches (for example, /trustee administrator /trustee user). /verboseLogging and display level set to maximum detail (optional) /FLUSHDNS /machine [machine_FQDN])Run the ipconfig /flushdns command to flush

the DNS cache on the specified machine (remote or local (.))

/TTLUpdate the TTL value of all modified records secondsThe number update interval for the TTL (in seconds) /addomain <ADFQDN> (optional)The name of the Active Directory domain where the source A Type records object is stored. This is used if the Active Directory Domain location of the DNS record object is different than the DNS domain name location for that object. The DFO utility will attempt to locate the Active Directory record object for locking (see the trusteename for more information), but if the DFO utility is unable to determine the location of the Active Directory object, it will use the ADFQDN location if specified. /testTest mode. Modifications are not actually made, just listed (optional) /debugForces DFO to write the DNS resource record as-is to the dfolog.log file prior to any DFO modify or list activity /?Displays the syntax of the DNS Failover utility /helpDisplays the syntax of the DNS Failover utility /setpasswordNOTE: This function must be run separate from a modify or list activity. /setpassword is designed to allow the user to store a username/password pairing in an encrypted file for later use. (optional, but required if /getpassword will be used) /getpasswordOnce a username/password pair has been encrypted and stored using /setpassword, this command can be used at the command line to retrieve the password

Password Encryption
associated with a specific username. It is designed to avoid storing passwords in clear text. (optional) General Examples
dfo /dnssrvname mydns.mydomain.com /srcname mysource.mydomain.com /srcip 206.31.4.10 /verbose
Lists all resource records on the specified DNS server that match the source criteria
dfo /dnssrvname mydns.mydomain.com /srcname mysource.mydomain.com /srcip 206.31.4.10 /tarip 210.11.12.13 /verbose
Modifies all resource records on the specified DNS server that match the source criteria, using the credentials of the account running the program to connect to the DNS server
dfo /dnssrvname mydns.mydomain.com /srcname hasource.hadomain.com /srcip 210.11.12.13 /tarname mysource.mydomain.com /tarip 206.31.4.10 /failback /verbose
Modifies (fails back) all resource records on the specified DNS server that were changed on failover
dfo /dnssrvname mydnsserver.mydomain.com /srcname mysource.mydomain.com /srcip 206.31.4.10 /tarip 210.11.12.13 /username mydomain.com\admin /password pword /verbose
Modifies all resource records on the specified DNS server that match the source criteria, using the username and password to connect to the DNS server
101 of 106
Password Encryption Examples
dfo /setpassword mydomain.com\admin mypassword
Stores the username (mydomain.com\admin) and password (mypassword) in the default credentials file (dfo_credentials.dat)
dfo /dnssrvname mydnsserver.mydomain.com /srcname mysource.mydomain.com /srcip 206.31.4.10 /tarip 210.11.12.13 /username mydomain.com\admin /getpassword /verbose
Modifies all resource records on the specified DNS server that match the source criteria, using the username and /getpassword to retrieve the correct password for connecting to the DNS server
102 of 106
Appendix E: Using the Target Data Verification (TDV) Utility

There are several options available in the Target Data Verification utility for performing a verification of the target data. The functions in this utility allow you to use a command line interface to perform the same target data verification tests that you can using the Application Manager interface. These options and the full command syntax are described in the following table. Target Data Verification Utility Command Syntax Command Description Syntax tdv Used to run a test that verifies that the database on the target is viable for failover. tdv </dnsdomain <domainname>> </srcname <source>> </tarname <target>> [/username <username>] [/password <password>] </svc <APP|ALL>> [/scriptpost <postonline>] [/scriptpre <prerestore>] </srcexchver <2003|2007>> </tarexchver <2003|2007>> [/interactive] [/?] | [/help]

Options
/dnsdomain domainnameThe name of the domain /srcname sourceThe source machine name /tarname targetThe target machine name /username usernameThe user name associated with the domain account (optional; the
account running the Application Manager is used if missing)

/password password (optional)The password associated with the user account
/svc [APP|ALL] (optional)

APP indicates to start only the core application services ALL indicates to run all of the services selected on the Failover tab
/scriptpost postonline (optional)The script to run when the target is online. If there are spaces in the file name, enclose the script path in quotation marks. /scriptpre prerestore (optional)The script to run before restoring to normal protection /srcexchver srcexchverThe version of Exchange running on the source server /tarexchver tarexchverThe version of Exchange running on the target server /interactiveRuns the Target Data Verification utility in user-interactive mode.

You will be prompted to press any key to continue before the test is started Once drives are mounted, you will be prompted to press any key to continue to restore the target to the pre-test stage.

/?Display this help message /helpDisplay this help message
103 of 106
Examples
TDV.exe /dnsdomain MYDOMAIN.dc /srcname SRCEXCH /tarname TGTEXCH /svc APP /srcexchver 2003 /tarexchver 2003 TDV.exe /dnsdomain MYDOMAIN.dc /srcname SRCEXCH /tarname TGTEXCH /svc APP /srcexchver 2007 /tarexchver 2007 /interactive TDV.exe /dnsdomain MYDOMAIN.dc /srcname SRCEXCH /tarname TGTEXCH /svc ALL /srcexchver 2003 /tarexchver 2003 TDV.exe /dnsdomain MYDOMAIN.dc /srcname SRCEXCH /tarname TGTEXCH /svc APP /srcexchver 2003 /tarexchver 2003 /username MYDOMAIN /testuser /password myPassword TDV.exe /dnsdomain MYDOMAIN.dc /srcname SRCEXCH /tarname TGTEXCH /svc APP /srcexchver 2003 /tarexchver 2003 /scriptpost moveUserSrctoTgt.vbs /scriptpre moveUserTgttoSrc.vbs
104 of 106
Appendix F: Using the Exchange Failover (EFO) Utility

There are several options available in the Exchange Failover utility for configuring Exchange for failover and failback. These options and the full command syntax are described in the following table. Exchange Failover Utility Command Syntax Command Description Syntax exchfailover Used in script files to failover Exchange data EXCHFAILOVER {-FAILOVER , -FAILBACK} -s <source> -t <target> [-l <log_filename>] [-norus] [-nospn] [-nooab] [-o <options_filename>] [-r [<source_group>] [,<source_mail_store>][:[<target_group>] [,<target_mail_store>]]] [-setup] [-test] [-legacy] [-u <username>:<password>][-?[?]] [-nopublicfolders] [-onlypublicfolders] [-noexchangeab] [-noquerybaseddistgroups] [-movehostspn] [-noADreplication] [-noRM] [-noRGconnectors] [-virtual <new ip>] [-dc <DC name:ip>] [-maxRepWait <wait time>]

Options
FAILOVERThe Exchange data will be moved from the source to the target during failover FAILBACKThe Exchange data will be moved from the target to the source during failback s sourceThe name of the original source server t targetThe name of the original target server l log_filename(Optional) The name of the log file name. By default, the log file is ExchFailover.log and is stored in the directory containing the exchfailover.exe file. If this
name is changed, the DTInfo utility will not be able to locate this file which could impede assistance through Technical Support.

norus(Optional) Do not change the Recipient Update Service nospn(Optional) Do not change the Service Principal Name nooab(Optional) Do not change the siteFolderServer for the offline address book o options_filename(Optional) Allows you to pass in a file containing the options for the
Exchange Failover utility

r(Optional) By itself, this option creates a one-to-one mapping of the groups and mail stores
from the source to the target

r source_group:target_group(Optional) The r option with the group names will direct the
source group name specified to the target group name specified

r source_group, source_mail_store:target_group, source_mail_store(Optional) The r option with all of the r options will direct the source group name and mail store specified to the target
group name and mail store specified

setup(Optional) Allows you to set the overwrite database on restore flag without completing user moves or RUS and folder updates. If the -setup switch is not supplied, the utility still sets
the overwrite database on restore flag, but the other work is performed also.
test(Optional) Test mode that does not change the Exchange configuration in Active Directory legacy(Optional) In certain environments that have been upgraded from Exchange 5.5, this switch will prevent failover from causing issues with Active Directory due to clients (for example, ESM) that expect an Exchange 5.5-based Active Directory syntax for a users home server setting
106
105 of 106
Options (continued)

u username:password(Optional) User with Active Directory permissions nopublicfolders(Optional) Do not move the public folders onlypublicfolders(Optional) Only move the public folders noexchangeab(Optional) Do not fail back the ExchangeAB SPNs for Small Business Server noquerybaseddistgroups(Optional) Do not update the Active Directory properties for
query-based distribution groups on failover/back.

movehostspn(Optional) Move the HOST SPN to/from the target instead of removing/adding it
on the source

noADreplication(Optional) Do not force Active Directory replication of changes noRM(Optional) Do not change the Routing Master noRGconnectors(Optional) Do not change the Routing Group connectors virtual new ip(Optional) Update the addresses stored for HTTP, IMAP, and other virtual protocols to point to the target sever. (for like-named cluster failover) dc DC name:ip(Optional) Specifies name or IP address of domain controller to update maxRepWait wait time(Optional) Maximum number of minutes to wait for Active Directory replication to complete before continuing on with the failover/back process. The default value is 30 minutes. NOTE: if -noAdReplication is enabled, the maxRepWait option will be ignored. ?Displays the syntax of the Exchange Failover utility

??Displays the syntax of the Exchange Failover utility along with brief descriptions of each option
exchfailover -failover -s exchfailover -failover -s exchfailover -failover -s exchfailover -failover -s Inside:Indy_Sales, Inside exchfailover -failover -s -u administrator:password exchfailover -failover -s Indy -t ExchSrvr_Bkup Indy -t ExchSrvr_Bkup -r Indy -t ExchSrvr_Bkup -r Sales:Indy_Sales Indy -t ExchSrvr_Bkup -r Sales, -r Sales, Outside:Indy_Sales, Outside Indy -t ExchSrvr_Bkup -r Sales:Indy_Sales -norus Indy -t ExchSrvr_Bkup -o options_file.txt
Examples

Notes
When using the -failback option, the source-related options pertain to your original source or what will become the new source, if the original source had to be replaced. The target-related options pertain to the target that is currently standing in for the source. The password specified with the -u option is the only case-sensitive option in this command.
106
106 of 106

DTAM5002919 Users Guide

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DTAM5002919 Users Guide

Uploaded by

Copyright:

Available Formats

Double-Take Application Manager Users Guide

Double-Take Support for Application Failover

1.3 Requirements ....................................................................................................................................................4

1.4 Related documentation ...................................................................................................................................7

Chapter 2: Navigating the user interface ............................................................8

Chapter 3: Protecting an Exchange Server ......................................................13

3.8 Connection settings ...................................................................................................................................... 22

3.9 Advanced settings .......................................................................................................................................... 24

3.10 Saving configuration changes .................................................................................................................... 27

Chapter 4: Protecting an Exchange Cluster with a Like-Named Cluster .....28

Chapter 5: Protecting a SQL Server .................................................................33

5.7 Connection settings ...................................................................................................................................... 42

5.8 Advanced settings .......................................................................................................................................... 46

5.9 Saving configuration changes ...................................................................................................................... 48

Chapter 6: Protecting a File Server ...................................................................49

6.7 Connection settings ...................................................................................................................................... 57

6.8 Advanced settings .......................................................................................................................................... 59

6.9 Saving configuration changes ...................................................................................................................... 61

Chapter 7: Protecting a SharePoint Server ......................................................62

7.9 Connection settings ...................................................................................................................................... 72

7.10 Advanced settings ....................................................................................................................................... 73

9.4 Verify target data viability (Exchange only) ............................................................................................. 82

Chapter 10: Failover, Failback, and Restoration ..............................................85

10.2 Identity failover, failback, and restoration ............................................................................................. 87

10.3 Re-enabling protection .............................................................................................................................. 89

Appendix A: Recommended Credentials.......................................................... 90

Appendix B: Rebuilding the Source ................................................................... 97

Appendix C: Exchange and SQL Failover with Blackberry ............................. 99

1.1 About the Double-Take Application Manager

1.2 Supported configurations

Using the Double-Take Application Manager with Exchange in clustered environments

Using the Double-Take Application Manager with SQL in clustered environments

1.2.4. File server

Windows 2003 Yes No No No

Microsoft Windows 2000 Service Pack 4 or later Microsoft Windows 2003

Two licensed copies of Double-Take version 4.4.2 or later

A copy of the most recent version of the Double-Take Application Manager

1.3.1. Exchange Manager requirements

Exchange Server 2000 with Service Pack 3 or later

Cluster protection is not supported for Exchange 2000.

Exchange Server 2003

1.3.2. SQL Manager requirements

1.3.3. File server requirements

Two licensed copies of Double-Take version 4.5.2 or later

1.3.4. SharePoint requirements

1.4 Related documentation

1.4.1. Users guide

1.4.2. Application notes

1.4.3. Readme files

Navigating the user interface

2.1 Install the Double-Take Application Manager

2.2 Start the Double-Take Application Manager

2.3 Menu options

exchfailover.exe utility on the source server.

utility on the target server.

product updates or access the Double-Take Software website.

2.4 Changing Double-Take Application Manager preferences

2.5 Using the online help

Protecting an Exchange Server

(Optional) Configure protection settings on page 16

10. Validate the Configuration on page 78

3.2 Verify the Exchange environment (recommended)

3.3 Select a task

3.4 Select a domain