There is a free script called ghettoVCB.sh that does the trick.

The script allows you to backup live virtual machines and also maintains only a selected number of snapshots that you would like to keep. Check it out!

Related posts:

1. How to Backup and Restore Active Directory
2. Using APC PowerChute with VMWare ESX
3. Using Rsync in VMWare
4. Active Directory Audit Script
5. Exchange 2007 Recreate OWA folders

This event ID will contain the following message:

ERRORS:
Two server roles at FQDN [server.domain.com] have different ‘Treat As Authenticated’ options. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (option is set). Second server has GUID {BD77F03B-4451-4171-A035-FC7FB264383D} and role ‘A/V Authentication Service’ (option is not set). Two server roles at FQDN [server.domain.com] have different server version numbers. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (version 3). Second server has GUID {BD77F03B-4451-4171-A035-FC7FB264383D} and role ‘A/V Authentication Service’ (version 0). Two server roles at FQDN [server.domain.com] have different ‘Treat As Authenticated’ options. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (option is set). Second server has GUID {1719A023-DDB4-5170-836D-3299D4F067C6} and role ‘Edge Server’ (option is not set). Two server roles at FQDN [server.domain.com] have different server version numbers. First server has GUID {58BDE507-1C48-4BA4-BCDF-06FB59ADF9CE} and role ‘Enterprise Edition’ (version 3). Second server has GUID {1719A023-DDB4-5170-836D-3299D4F067C6} and role ‘Edge Server’ (version 0).

WARNINGS:
No warnings

Cause: The configuration is invalid and the server might not behave as expected.
Resolution:
Review and correct the errors listed above, then restart the service. You also wish to review any warnings present.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

This error can be misleading. The primary reason you see this error is simple – You have had a previous installation of OCS in the domain and there are still a few entries in Active Directory that haven’t been cleaned up even though you did a clean uninstall of OCS.

This is what you need to do to fix the error:

Please Remember – You are following the instructions below at your own risk.

Open up adsiedit.msc and browse to the system configuration partition under Domain –> DC=domain,DC=com –> System –> Microsoft –> RTC Service.

NOTE: This is safe to perform only if you do not have a current working installation of OCS in your domain or forest.

Select and delete everything under this key.

Now go ahead and run the setup again (you will have to run the forest prep again) and you will be all set!

Related posts:

1. KB974571 and OCS 2007
2. A Certificate could not be found that can be used with this Extensible Authentication Protocol
3. How to Backup and Restore Active Directory
4. Setting up Split Brain DNS in Windows Server 2003
5. Error: RewriteEngine not allowed here

The problem with installing a standard Linux package into VMWare ESX is that it will almost certainly mean that you go down the path of installing a whole bunch of dependencies along with it and eventually something might stop working. The best way around this, obviously, is to compile a static package from source with all dependencies included.

Thus, searching around the internet, I found this rsync package that was statically compiled to work on VMWare ESX 3.5. on the VMWare communities page here. I have used it and found it to work without any issues on VMWare ESX 4.0.

Please remember – this is not supported and if you decide to use this, you do so at your own risk.

Related posts:

1. Script to Hot Backup VMWare ESX Virtual Machines
2. Using APC PowerChute with VMWare ESX
3. The WinRoute tool

Here is the Microsoft KB article about this error.

Let me know if you have installed this patch and are able to run your OCS 2007 server without issues.

Related posts:

1. OCS 2007 Protocol Stack Error Event ID 14517 When Starting Services
2. The WinRoute tool
3. Exchange 2007 Recreate OWA folders
4. A Certificate could not be found that can be used with this Extensible Authentication Protocol

Here is my mini how to – I have tried to keep it as simple as possible:

Backing Up Active Directory

Active Directory depends on the system state and the NTDS database among other things. So it is important to back these up on your domain controller. It is critically important to ensure that the system state data on a domain controller is backed up regularly since this contains all the core system files that are required to run a domain controller. Manually selecting what needs to be backed up will be extremely complicated and could be error prone – stay away from that path – just backup the entire system state.

What needs to be backed up? – System State

What kind of Backup needs to be run? – Full backup of the system state.

How often is good enough? – Daily – You will thank me for this

Restoring Active Directory (for experts who just need the short version)

There are two types of restores:

1. Normal Restore – This was also called the Non-Authoritative restore. This is generally performed when you need to restore a domain controller that has failed and there are other domain controllers on the domain. Another option would be to just reinstall the domain controller, clean up the AD metadata of all references to the failed DC and then promote the new server to a DC and replicate. If you are in a situation where you cannot do that, to perform a normal (or Non-Authoritative restore) you would:

a. Boot the domain controller into the Domain Services Restore Mode .

b. Restore system state

c. Reboot into the normal mode.

d. Replicate from other domain controllers.

2. Authoritative Restore – This would be performed in cases where you make a mistake like, say, delete an OU. In this case, a normal restore would not help since the OU that you just restored would get deleted again when you replicate changes with other domain controllers. An authoritative restore would help you undo a big mistake by ensuring that you are taken back to a working copy of AD. However, changes that you made since the last full backup would be lost. (So run your full backups daily!). To perform an authoritative restore:

a. Perform a normal restore.

b. Don’t reboot after the restore.

c. Use ntdsutil to get into the authoritative restore mode.

d. Specify if you want to mark the entire database or just a subtree as authoritative.

e. Quit the utility and reboot the server

3. Primary Restore – This restore is only used when you have a major disaster (read complete meltdown) and you have no working domain controllers. In such a case, you will have restore the entire domain from backups. The working process is very similar to the Normal Restore procedure mentioned above. This is how you would do it:

a. Boot the domain controller into the Domain Services Restore Mode .

b. Restore system state – ensure that the advanced option ‘Mark the restored data as the primary data for all replicas’ is checked.

c. Reboot into the normal mode.

Restoring Active Directory (for the rest of us)

1. Normal Restore – Here’s the step by step.

a. Reboot Server

b. During startup press F8 and choose, ‘Directory Services Restore Mode (Windows DCs only)

c. Choose the OS to be started, hit enter.

d. Hit OK at the Safe Mode login.

e. Open up the NTBackup utility.

f. Click next on the welcome page.

g. Select ‘Restore Files and Settings’ from the backup or restore page. Click Next.

h. Choose the backup you want to restore from the ‘What to restore’ page. Click Next.

i. Click Finish to start the restore. (Advanced options are best left untouched for a normal restore unless you want to save the backup elsewhere.)

j. Reboot server.

2. Authoritative Restore –

a. Perform a normal restore as mentioned before.

b. Do not reboot server after the restore.

c. Click on start -> run -> type ntdsutil.

d. Now type ‘authoritative restore’

e. Now specify the components you want to make authoritative. Enter either ‘restore database’ or ‘restore subtree’ along with the DN of the AD object you want to make authoritative.

f. Confirm your actions when prompted.

g. Type quit until the utility exits.

h. Reboot server.

3. Primary Restore –

a. Reboot Server

b. During startup press F8 and choose, ‘Directory Services Restore Mode (Windows DCs only)

c. Choose the OS to be started, hit enter.

d. Hit OK at the Safe Mode login.

e. Open up the NTBackup utility.

f. Click next on the welcome page.

g. Select ‘Restore Files and Settings’ from the backup or restore page. Click Next.

h. Choose the backup you want to restore from the ‘What to restore’ page. Click Next.

i. Click Advanced.

j. Ensure that on the ‘Where to Restore’ page, the default setting ‘Original Location’ is selected. Click Next.

k. On the How to Restore page, ensure that ‘Replace existing files’ is selected. Click Next.

l. On the Advanced Restore Options page – enable the ‘When restoring replicated data sets, mark the restored data as the primary data for all replicas’ option. Click Next.

m. Click Finish to start the primary restore.

n. Reboot server.

o. Go to sleep

PS: As always, please exercise due diligence when using the instructions in a live environment. Kindly do not blame me if something doesn’t work if Microsoft decides to change their code.

Related posts:

1. Setting up Split Brain DNS in Windows Server 2003
2. Active Directory Audit Script
3. Get list of machines by OS type from Active Directory
4. Script to Hot Backup VMWare ESX Virtual Machines
5. Active Directory Password Expiry Reminder Email