Exchange Server 2013 offsite protection using DPM and Microsoft Azure (Part 2)

If you would like to read the other parts in this article series please go to:


In the previous article, we went over the process to update DPM to the latest update and the configuration required on Microsoft Azure to enable the integration.

In this article, we will focus on updating the existent Protection Group to add the online protection.

Registering the Backup Vault in the DPM Server…

Logged on the DPM Server, open DPM Administrator Console, click on Management item on the left corner, and then click on Online. Now that Azure Recovery Services Agent is installed on the server, the Register button is enabled, click on it (Figure 01).

Figure 01

The first page is Proxy Configuration, where the administrator can configure proxy settings. Click on Next.

In the Backup Vault page. Click on Browse and select the vault credential file that we download from Microsoft Azure (that was the first file that was downloaded from Backup Vault), after that some information such as Name, Region and Subscription Id will be displayed, click on Next, as shown in Figure 02.

Figure 02

In the Throttling Setting page (Figure 03). The administrator can define the amount of bandwidth used to replicate with Microsoft Azure Backup Vault, and it is flexible because the administrator can define the work hours of that site and the days of the week, knowing those two values, the final variable is to define the bandwidth for each time of the day.

Figure 03

In the page Recovery Folder Settings. Here we need to define the temporary area on the DPM Server where the data will be restored from Azure before going to the final destination. The best practice dictates that it should be a separate disk and, like before, the goal is to avoid the C:\ drive for obvious reasons.

DPM Disk Pool (where the data from agents reside) is not a regular partition that is presented to the Operating System, and it is managed automatically by DPM. That means that during the design of DPM with Microsoft Azure Backup Vault, consider a separate volume just for that purpose.

Figure 04

In the Encryption Setting page. Click on Generate passphrase that is going to be used to encrypt your information. Make sure that you save that passphrase for future reference in a secure place.

Figure 05

In the final page of the registration, a message informing that configuration completed successfully should be displayed. Click on Finish.

After closing the assistant, we can see an online subscription named Azure Backup listed on the DPM console, as shown in Figure 06.

Figure 06

Modifying an existent Protection Group…

The next step is to modify the existent Protection Group that is protecting Exchange Server to start creating offsite protection for a longer period, and by doing that the traditional environment can get rid of tapes and the costs associated to them.

The first step is to click on Protection item, and then right-click on the desired protection group, in our case is Exchange Protection Group and click on Modify protection group…, as shown in Figure 07.

Figure 07

Unfortunately, we cannot go straight to a specific step of the wizard using DPM 2012 r2, in order to get on any specific section the administrator has to click next button several times. So, get to the Select data protection method page, and it is here where we can enable the protection using Microsoft Azure, click on I want online protection and click Next (Figure 08).

Figure 08

Move forward with the steps until you get to Specify online protection data page. Select all Mailbox databases that are going to be protected in Microsoft Azure besides of the local protection and click Next (Figure 09).

Figure 09

In the Specify online backup schedule page. Here we have one of the new features (Figure 10) that allows us to define how often we want to backup data to Microsoft Azure, besides of the frequency we can define when (using a static day or a specific position like first, last and so forth) and of course the time to perform the synchronization.

Figure 10

In the Specify Online Retention Policy page. After defining how often we want to replicate to Microsoft Azure in the previous step, now we have the opportunity to define the retention of the data in the offsite location (Microsoft Azure), in the Figure 11 we are keeping 14 (fourteen) months of monthly backups and then 7 years for the annual retention.

The decision made in the previous page (Specify Online Backup schedule) is the one that dictates the options available on the retention area. For example, if we select a daily backup to the Cloud, then the Daily Retention Policy and Weekly Retention Policy would be enabled; the same applies for dates, we defined the last Saturday for the monthly backup, and that is the value available.

Figure 11

In the Choose Online Replication page. Another new feature, we can physically ship the data to a Microsoft Azure datacenter to avoid the first copy, that is a interesting feature for larger customers that do not want to wait days for the initial replication to occur (depending on the size of the data being protected). In our article, we will keep it simple, use the default option that is automatically over the network (Figure 12), and click Next.

Figure 12

In the final page of the wizard, all settings related defined during the wizard will be listed, click on Update Group. All the online settings defined in the previous page will be listed Online something on the last page of the wizard.


In this article, we went over the process to manage the protection group to integrate with Microsoft Azure.

If you would like to read the other parts in this article series please go to:

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top