Carl

Using wbadmin, you can back up everything, including Exchange, to the RD1000.
If you tell wbadmin to back up to the target drive directly, e.g E:, it will want to reformat the disk every time and therefore only allow one backup on the disk, and it will prompt you to allow the format, even if you gave the parameter -quiet. So instead we share the RD1000 and use a script like this:

@echo off
set Logfile="c:\network shares\company\Backup Log.txt"
rem Should be called with backup name as parameter, backup will be stored in that backup name's folder.
echo. >>%logfile%
Echo ***** Backup starting at %date% on %time% >>%logfile%
Echo Creating Backup Directory at \\server\rd1000\%* >>%logfile%
if not exist "\\server\rd1000\%*" md "\\server\rd1000\%*" >>%logfile%
Echo. >>%logfile%
Echo ***** Starting Data and System files backup >>%logfile%
wbadmin start backup -backuptarget:"\\server\rd1000\%*" -include:c: -quiet >>%logfile%
Echo. >>%logfile%
Echo ***** Starting Exchange Server Backup >>%logfile%
del "C:\Users\Administrator\AppData\Local\Microsoft\Windows NT\NTBackup\data\*.log"
ntbackup backup "@C:\Users\Administrator\AppData\Local\Microsoft\Windows NT\NTBackup\data\Exchange.bks" /a /d "Exchange Server" /v:no /r:no /rs:no /hc:off /m normal /j "Exchange Server" /l:s /f "\\server\rd1000\%*\Exchange Server.bkf"
type "C:\Users\Administrator\AppData\Local\Microsoft\Windows NT\NTBackup\data\*.log" >>%logfile%
echo. >>%logfile%
echo ***** Starting IRIS backup >>%logfile%
sqlcmd -S SERVER\IRISPRACTICE -Q "BACKUP DATABASE [IRIS] TO DISK = N'\\server\rd1000\%*\IRIS-FUll Backup.bak' WITH NOFORMAT, INIT, NAME = N'IRIS-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10" >>%logfile%

Save the script as c:\dobackup.cmd , and call as “c:\dobackup Daily Backup” or “C:\dobackup Monday” with the Task Scheduler. Obviously make sure there is enough space on your RD1000 for five backups. If not, alter the script or just call it with “Set1″ and “Set2″ instead of Monday, Tuesday, Wednesday etc.

Although it looks like there is nothing there to say “Back up the Exchange IS”, there is an “Application” entry for Exchange in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsServerBackup\Application Support\{76fe1ac4-15f7-4bcd-987e-8e1acb462fb7} , and the output of the backup says “Running consistency check for application Exchange.” This confirms Microsoft’s documentation that SBS’ version of Windows Server Backup does indeed back up Exchange.

Because I am a wuss, and I have no faith, I am also doing an NTBackup of the Exchange IS to a file on the disk. The NTBackup files that you will need to run NTBackup on SBS 2008 can be found here. Extract them to C:\Windows, because there is a VSSAPI.DLL in Windows\System32 that NTBackup doesn’t like. If you extract the files to \Windows, ntbackup will use the VSSAPI.DLL in its own directory.

This is such a simple thing that nobody would ever consider writing a blog entry or howto about it, right? The thing is though, I frequently see IT support technicians using Windows Explorer, clicking through into the user’s temp folder, highlighting everything and attempting to delete. They are interrupted (and the process aborted) by a message stating that a particular file was in use and could not be deleted, so they de-select that one file, and try again. Some more files are deleted but once again they are interrupted and told that another file couldn’t be deleted. They de-select that file and try again. This can go on for ages..

Here’s how to do it properly.

Go to a command prompt (Start -> Run -> cmd [enter])

At the command prompt type:

cd %tmp%

and press enter. This will change you into the current user’s temp directory.

Then type:

rd /s .

(that’s rd space slash-S space dot)

then press enter. Don’t forget the . at the end. This means “remove the current directory and all subdirectories, including all files.”

What will happen is that the contents of the temp directory and all subdirectories will be removed, but not the temp directory itself, because you are currently working in that directory (via the CD command) and therefore it can’t be deleted.

You’ll receive access denied messages for all in-use files, plus the temp directory itself. That’s fine. Those access denied messages would have been showstoppers if you were using Windows Explorer.

The above is clearing out the current user’s temp directory, which is located within that user’s profile directory (Documents and Settings\username). To clear out the system temp directory, which is located under the Windows directory, type:

cd %windir%\temp

and press enter. This will change you into the Windows temp directory.

Then just like before, type:

rd /s .

All done! You can type “exit” to close the command prompt.

Internet Explorer 7 / 8 appear broken. Error pages such as “Certificate Error” do not display full information, lots of script errors, “more information” gives blank information, can’t click “continue” on certificate error pages (which means you can’t accept a self-signed cert).

Fix: (download subinacl first).

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories C:\ /grant=administrators=f
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories C:\ /grant=system=f

This is the second time I have encountered this now. Both sites were completely unrelated and had different IT admins. In each case, for whatever reason EAS was not working, probably due to SSL problem or IP address restrictions, but in trying to fix the problem, the IT person left the machine with ExchangeVdir set to /exchange-oma, but no such virtual directory in IIS.
To fix, I simply removed the ExchangeVdir registry entry, but according to MS KB article 817379, on SBS 2003 the key should indeed be set, and a virtual directory should exist called exchange-oma. Therefore, it seems that the IT person is doing the re-build of Exchange IIS virtual directories (as per the well known MS KB article where you do the metabase edit), but the re-build does not create the SBS-only non-standard exchange-oma directory. I am guessing that the CEICW recreates the exchange-oma virtual directory, otherwise it must be manually created as per kb817379.

In any case, this is something to look for when EAS does not work. The IIS logfiles show the requests for /exchange-oma, which does not exist.

The key issue here is that in attempting to fix a problem, the IT person compounds the problem with exactly the same symptoms but a totally different cause. They probably then move on and fix the initial cause of the problem, but it still doesn’t work because they just goofed up the ExchangeVdir stuff.

If the machine already has SQL Server or SQL Express on there, the BPS installer will not automatically create an SQL instance. You can either use an existing instance (i.e. tell the installer to create the Blackberry database on the SERVER\SHAREPOINT instance), which may confuse other sysadmins later and result in accidental removal of the Blackberry database, or you can install SQL 2005 Express yourself manually, which is what I do. It’s in the tools folder after you have extracted the BPS archive. Deselect “Hide Advanced Configuration Options” during the SQLEXPR install, and name the instance something useful like “BLACKBERRY”. You do not need User-Instances enabled.

Here’s the quick setup guide that I wrote after watching the videos. The written install guide is rotten. It makes a simple process look so tough:

Add user BPSAdmin, create Exchange mailbox.
Add to group Administrators (if you forget this you’ll know about it later when you’re unable to logon to the server locally as BPSAdmin).

Active Directory Users & Computers -> View -> Advanced Features
Domain Properties -> Security -> Advanced -> Add BPSAdmin -> Apply onto: User Objects -> Send As

Regedit: HKCU->Software->microsoft->Exchange->ExAdmin-> New DWORD ShowSecurityPage=1
Exchange System Manager -> Right-click Org -> Delegate Control -> Next -> Add BPSAdmin -> Exchange View Only Administrator
Right-click Org -> Properties -> Security -> BPSADmin -> Allow Administer IS, Receive As, Send As.

Log off.

Log on as BPSAdmin

Start BPS setup, accept all defaults, enter the BPSAdmin password.

Set up device as usual – Options -> Advanced Options -> Enterprise Activation.
When entering the email address, use space bar instead of @ and dot.