We are excited to announce the general availability (GA) of Windows Server System State Backup to Azure with the Azure Backup agent. We previewed the direct offsite of Windows Server System State to Azure using the Azure Backup agent earlier this year. This was a key addition to Azure Backup agent’s existing capability of backing up files and folders directly to Azure. With this GA release, the Azure Backup agent has full production support for protecting Windows File Servers, Active Directory, and IIS Web servers hosted on Windows Server 2016 all the way back to Windows Server 2008 R2. Backing up your Windows Server System State to Azure gives you a simple, secure and cost-effective way of protecting Windows Servers and enabling the recovery of dynamic OS and application configuration from Azure in the event of an IT disaster.
- Flexible backup schedule and retention policy for System State
Now you can configure daily backups for System State at your preferred time directly from the Azure backup agent console. You can also set retention ranges for your daily, weekly and monthly system state backups. These options put you in control of managing your data.
- Automation at scale with PowerShell
Full PowerShell support for configuration, backup and recovery of System State so that you can automate protection of Windows Server files and configuration at scale.
Benefits of System State Backup with Azure Backup
- Comprehensive protection for Active Directory, File-Servers and IIS Web servers
System State fully encapsulates Active Directory, which is the most important database in any organization and allows for targeted domain-controller recoveries. In addition, critical cluster information of File Servers and the IIS Web Server Metabase is fully contained in the Windows System State.
- Centralized management in Azure
Once it is backed up, all information related to System State backups across your Windows Servers is available in the Azure portal. You can also configure notifications directly from the Azure portal so you get notified of a failed backup and you can take corrective steps. You can also generate reports using Microsoft Power BI.
- Cost-effective and secure offsite storage for Windows Server
With pay-as-you-go Azure storage, Azure Backup eliminates on-premises infrastructure by directly backing up your Windows Server System State to Azure. Azure Backup also encrypts your backups at the source using a key that only you have access to. Additionally, enhanced security features built into Azure Backup ensure that your critical system state backups remain secure from ransomware, corruptions, and deletions.
- Free restores
With Azure Backup, you can restore System State files from Azure without any egress charges.
Follow the four simple steps below to start protecting Windows Servers using Azure Backup.
- Create an Azure Recovery Services Vault in the Azure portal
- Download the latest version of the Azure Backup Agent to your on-premises Windows Servers from the Azure Portal
- Install and Register the Agent to your Recovery Services Vault in Azure
- Start protecting Windows Server System State and other Files and Folders directly to Azure!
Related links and additional content
In Windows 2008 R2, users have the ability to change their DPI settings. When users change their DPI settings, they have to logoff and login again before the new settings are live. But….what if you’re using mandatory profiles. When the users logs off, the profile is unloaded and the settings are also gone!! The users are logging in again, and the new and “clean” mandatory profile is loaded, whitout the DPI settings!
When you’re using RES Workspace Manager, you can save the DPI settings when the users logoff and load the settings when the users login, also when you’re using mandatory profile! By default there are three options to choose:
1.) Smaller – 100% = 96 DPI (Pixels/Dots Per Inch)
2.) Medium – 125% = 120 DPI (Pixels/Dots Per Inch)
3.) Larger – 150% = 144 DPI (Pixels/Dots Per Inch)
Use the following steps to save the DPI settings for your users.
1.) Create a new global Zero Profling setting within RES Workspace Manager
2.) Save a registry value HKEY_Current_User\Control Panel\Desktop\LogPixels
3.) Login with a mandatory profile and change your DPI settings
4.) Logoff your session (now your DPI settings are saved using RES Zero Proling)
5.) Login again with a mandatory profile and look for your DPI settings
Today I want to deploy a new virtual machine within Hyper-V (Windows 8.1 Client Hyper-V). The virtual machine was an Windows Server 2008 R2 machine. After hitting the “Start” button, I received an error message:
“Boot Failed. EFI SCSI Device. Failed Secure Boot Verification”.
The reason for this error was the new Generation 2 VM. I’ve created a new Generaion 2 (Gen2) VM for Windows Server 2008 R2, but it supports only Windows Server 2012 and Windows 8 or higher!! So just remember, when you want to create an virtual machine whit an “older” operating system, just create an Generation 1 VM (Gen1).
A copple of months ago I have configured a new Citrix XenApp 6.5 with RES Workspace Manager 2012 environment. Within this environment I have configured mandatory profiles, added to Workspace Manager as a custom resource.
When the user are opening some documents, the Recent Files folder is filled up with the last opened document. The save location is C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Recent.
I’ve created a new User Setting to save the content within this folder. Now there is something strange happening!! The content is saved within a UPF (User Preference File) correctly, but its not vissible in the user session from the start menu.
When I open a commandline and browse to my user profile, the content is there! Huh…?!? After some troubleshooting, I have figured out that I had to change one setting within my custom resource. The folder AppData\Microsoft\Windows\Recent was marked as Read-Only. That’s the problem! After disabling the Read-Only, the recent files are vissible from my start menu.
When you have to create an testlab environment with multiple servers, it is a big job to install all the servers. Even when you are using Hyper-V in this environment. You manually have to install all the servers or make clones of another virtual machine. In this scenario it is very usefull to make use of Differencing Disks within Hyper-V. A Differencing Disks are linked to an master VHD or VHDX file. This master VHD or VHDX file is a virtual machine that has been sysprepped, for example Windows Server 2012.
Basically, all of the main reads for the VMs created with a differencing disk come from the master VHD or VHDX, while any changes (writes) are written to the differencing disk. The differencing disk will remain fairly small, because the amount of change should be minimal. You’re probably looking at around a couple of GBs per differencing disk. With a differencing disk you can build multiple machines with the same parent sysprep image.
My laptop contains Windows 8 with the Hyper-V role enabled, so basically my virtual environment is on my laptop. Because I have only 500 GB on storage available, it is very usefull for me to use differencing disks. A lot of virtual machines with a little need of storage.
You can build this environment by following the next steps;
1.) Create a new virtual machine within Hyper-V
2.) Install the Operating System with the specific updates
3.) Optionally you can install some base applications
4.) Sysprep the virtual machine. You can use the following command:
%windir%\system32\sysprep\sysprep.exe /generalize /shutdown
5.) Now the virtual machine is sysprepped and power off
6.) Create a new virtual machine (or multiple)
7.) Create a new VHDX file using differencing disk
8.) Navigate to the base VHDX file you’ve just created (the sysprepped virtual machine)
9.) Edit some other settings within the virtual machine (cores, memory, NIC, etc.)
10.) Boot the new virtual machine
11.) Walk through the “First Run” steps of the Operating System
12.) The new virtual machine is now ready to use
13.) Navigate to the differencing disk (VHDX) and see how big it is…right it’s really small!
Z-Hire automates the IT account creation process for Exchange mailbox, Active Directory, Lync accounts, Office 365 cloud and SalesForce cloud deployments. With just a click of the button, your Exchange mailbox, and Active directory user and Lync accounts will be created simultaneousy. This tool can also create and set custom settings for Office 365 accounts using templates. Z-Hire serves as the platform for new hire accounts by allowing auto-creation of major IT user accounts with the option for custom scripts. Z-hire will increase your new hire user account deployment time by 600%, without the need for complicated and expensive identity management solutions. This tool makes creating Active Directory users a breeze. Some of the features include:
– Environment Auto detection (AD/Exchange/Lync/Office 365/SalesForce)
– Copy existing Active Directory User to Z-Hire Template (new in version 4.8.1)
– Support for Active Directory user, Exchange Mailbox, Lync 2010, Office 365 user and SalesForce user accounts
– Template based deployment (allows consistency for all user accounts)
– Office 365 account creation with major attributes
– Active Directory user account creation with major attributes
– Active Directory group selection
– Active Directory user duplicate SamAccountName verification
– Lync 2010 account creation supporting all policies
– SalesForce user creation support all major attributes
– Faster performance (compared to previous version)
– Best of all, this AD User Creation Tool is free!
– Windows 7 X64 w/ .NET 3.5 (Domain Joined)
– Windows Server 2008 X64 w/ .NET 3.5 (Domain Joined)
– Windows Server 2008 R2 X64 w/ .NET 3.5 (Domain Joined)
– Ability to create Active Directory user
– Ability to create Exchange Mailbox
– Ability to create / enable Lync user
– Active Directory (all versions)
– Exchange 2007 (all versions)
– Exchange 2010 (all versions)
– Lync 2010 (both Standard and Enterprise versions)
– Office 365 Cloud
– SalesForce CRM Cloud
Download Z-Hire tool on Microsoft Gallery
When you’re using a Server Based Computing environment managed with RES Workspace Manager 2012, the users have the abbility to lock their desktop. Normally, the users using the tray icon to lock the desktop. One of the disadvantages using the tray icon, is the 5 seconds wait time before the desktop is actually locked. After a black screen for 5 seconds, the desktop is locked.
It is also possible to create a application for the users to lock their desktop. A great thing about this is that the user don’t have to wait 5 seconds before the desktop will be locked.
1.) Create a new application
2.) Use the following configuration
3.) Select the user of users that are going to use this application
4.) Select the right Workspace Container, for example Windows XP, Windows 7 or Citrix Xenapp environment
Now the users have a new application available in the start menu. You can force a mandatory desktop icon. All you need to do is double click the new application and your desktop is locked now!
Default in Windows Server 2008 R2, there’re libraries available for each user. This Libraries are located in the left bar in the Windows Explorer. When you’re using a Server Based Computing environment, for example Remote Desktop Services or Citrix Xenapp, you want to edit this libraries. Default, the users have own libraries, but also an public library. The public libraries are located to C:\Users\Public. In an Server Based Computing environment, the users haven’t access to that location. Let’s have a look on have to delete this public libraries.
In this environment I’m using Windwos Server 2008 R2 with the Remote Desktop Services role enabled. The workspace is managed with RES Workspace Manager 2012. The users are using mandatory profiles, published as a custom resources with RES Workspace Manager.
1.) First of all, let’s have a look in the Windows Explorer. In the left bar there’re the libraries.
2.) The library folders are located in the directory
3.) Let’s open these files in notepad (or another texteditor)
4.) There’re two sections. One for the library and one for the public library.
5.) Right-click on each public library and choose Remove Location from library
6.) The public libraries are located to C:\Users\Public. In an Server Based Computing environment, the users haven’t access to that location.
7.) After deleting the public libraries, navigate back to the library directory in your profile
8.) Open each file within notepad and delete the rows
This will make the files generic for using as a baseline for all the users.
9.) Open your RES Workspace Manager Console and navigate to Administration, Custom Resources
10.) Open your mandatory profile and navigate to
11.) Delete the orrigional files and add the four customized files into this folder
12.) Update the cache of your RES Workspace Manager Agents and login with a user
13.) The public libraries are gone now and users didn’t receive error messages anymore 🙂
Hopefully this blogpost is usefull for your own production envirenment!