You are here: Application protection > Protecting an application

Protecting an application

  1. Open the Application Manager.
  2. Verify the Setup tab is selected and then from the Tasks list on the left pane, select the type of application you want to protect.

    The fields in the Application Manager console will vary depending on the type of application you are protecting.

     

  3. Application Manager will automatically identify the root domain where the Application Manager is running and populate the Domain Name field. If necessary, change the domain name to a trusted root domain that the Application Manager console can connect to. If prompted, enter security credentials with administrator privileges for the domain.

    Domain names must include a suffix, such as .com, .corp, .net, and so on.

    If you are protecting Exchange, the domain must be the root of the forest domain because that is where all Exchange server objects reside, even if the Exchange server is a member of a child domain.

     

  4. Application Manager will automatically attempt to populate the Source Server and Target Server lists with any servers in the specified domain that are running the application you are protecting. Select your source and target servers.

    If you have previously used this source and target pair, you will be prompted to reuse the previous configuration. If you select Yes, your previous configuration settings will be used. If you do not want to use the previous configuration settings (perhaps the source or target configuration has changed since you configured the connection), select No to use the default configuration settings.

    If you select a source that is currently unavailable, you will be prompted to select the target first. When you select the target then the source, you may get a failover prompt or the same source is unavailable prompt. This will depend on if a failover condition has been met according to the original failover configuration.

    You cannot protect a server if it is already functioning as a target.

    If no servers are populated in the lists (perhaps the server you need is in a child domain), click Advanced Find to add servers to the lists. Advanced Find is not available for all application protections. See Managing servers for more details on Advanced Find.

    Server names must be 15 characters or less.

    You will be unable to configure protection when your environment between the Application Manager and the source or target contains a NAT or certain VPN configurations. This is due to WMI limitations. Contact technical support for instructions to configure protection manually.

     

    The following notes apply to Exchange protection.

    The target you select must be in the same Exchange administrative group as the source.

    If you are protecting Exchange 2003 and it is running in mixed mode, the first installed Exchange virtual server contains the MTA (Message Transfer Agent) resource that is needed to communicate with versions prior to Exchange 2003. If you do not failover all Exchange virtual servers, then any user who is in a different mail store than the first one may not be able to route mail.

    If you are protecting Exchange 2010 with DAG, select the DAG as your source server.

    If you are protecting multiple Exchange virtual servers, you can configure multiple like-named cluster protection connections, or you can failover multiple Exchange virtual servers to pre-existing Exchange virtual servers on the target. In this case, select the target Exchange virtual server.

    If you are protecting Exchange in a like-named cluster scenario, select the same server for the source and target. The target server name will automatically be appended with the suffix like-named. Enter the requested information in the Like-named Cluster Setup dialog box.

     

  5. If prompted when selecting a server, provide login credentials.

    You can enter a user for a different domain by entering a fully qualified name in the format domain\username or username@domain. If you enter a non-qualified name, the DNS domain from the DNS server will be used.

    The login account must be a member of the local administrators security group.

    The login account must be a member of the Double-Take Admin security group.

    If you will be configuring DNS failover, the login account must be a member of the domain DnsAdmins security group.

    The following notes apply to Exchange protection.

    If you are protecting SQL, the login account must be assigned the System Administrator role on the SQL server in order to query and administer SQL. Also, the SQL service startup account should be a domain account.

     

  6. Optional protection settings are available but not required. If desired, configure the optional protection settings by clicking Configure.
  7. Once you have finalized your protection settings, you need to validate your configuration by clicking Validate. Monitor the status of the validation process in the status bar at bottom of the Application Manager.
  8. When the validation is complete, the status progress indicator is removed. Errors are designated by a white X inside a red circle. Warnings are designated by a black exclamation point (!) inside a yellow triangle. A successful validation is designated by a white checkmark inside a green circle. Unknown items are a white question mark inside a blue circle. Double-click on any of the validation items to see details. Application Manager can automatically fix errors and warnings marked with a yellow gear. Highlight a single item and click Fix to have Application Manager fix that one issue. Click Fix All to have Application Manager correct all of the issues. You must correct any errors, and ideally any warnings, before you can enable protection.

    If you are using DNS failover and did not enter DNS credentials under the optional protection settings, you will be prompted for credentials that can access and modify DNS records.

    If you validate a source and target pair that is already in a Protected state and the validation detects issues with the target, Fix and Fix All will be disabled. You must disable the protection, fix the issue, then re-enable protection.

    If you are protecting SQL and if you are using Database Only mode and the database is online on the target, the database cannot be taken offline on the target by using Fix if it has a SQL Server replication publication. The publication will have to be deleted using the SQL Server management tools before the database can be taken offline.

    For SQL 2000 servers, Application Manager may hang when rerunning validation after disabling protection in the same session. To work around this issue, disable the protection, stop and restart the Application Manager, then validate or enable protection.

     

  9. Once the validation passes without errors, click Enable Protection. View the status of the protection on the Monitor tab.

    If you modify your source server configuration on the source server, for example, adding a new storage group or database, you must disable protection, run validation and fix any issues, then re-enable protection to apply the changes.

    If your application protection is in a cluster environment, you should not move any resources from one cluster group to another once protection is established.

    If you close Application Manager prior to enabling protection, your configuration changes will not be saved. You must enable protection in order to save your configuration settings.

    After you have enabled protection, do not use the Failover Control Center client to edit your failover configuration. Doing so will force a failover. If this occurs, cancel the failover prompt and then disable and re-enable monitoring using Application Manager.

     

    The following notes apply to Exchange protection.

    If you need to protect data that is stored on a non-mailbox server role, for example SMTP queue data, you will need to configure protection for that data separately. In addition, you may need to manually update the DNS setting for the client access server to point to the target site.

    If your source has a public store that has a non-MAPI Owning Tree, the folders within this tree may not be updated with current information and therefore unavailable to the users.

    If you are protecting Exchange 2007 and your environment has more than one domain controller and the domain controller that Exchange is using will change during the failover process, stores may not mount during failover. To work around this issue, either modify the failover script to use the domain controller that Exchange uses when the Information Store service is started or mount the stores manually and run the Replace replicas PowerShell call from the failover script to update the PF replicas (if applicable).

    If you are protecting Exchange on a cluster and the target cluster has more than one IP address resource for the virtual Exchange server you may experience the following issue. If the one of the IP addresses is not routable from the source server and that IP address was created before any of the routable IP address resources, the Application Manager will fail to enable protection. To enable protection, you will need to delete the non-routable IP address resource(s), re-create them, and then re-add them as dependencies on the network name resource for the virtual server.

    If you are protecting Exchange in a like-named cluster scenario, Application Manager will create four resources on the target cluster: two generic script resources, an IP address resource, and a temporary name resource. The temporary name resource will be the Exchange virtual server with the suffix _LN. Application Manager uses the temporary name resource for the connection between the source and target clusters.

     

    If you are protecting SQL on a cluster and the target cluster has more than one IP address resource for the virtual SQL Server server you may experience the following issue. If the one of the IP addresses is not routable from the source server and that IP address was created before any of the routable IP address resources, the Application Manager will fail to enable protection. To enable protection, you will need to delete the non-routable IP address resource(s), re-create them, and then re-add them as dependencies on the network name resource for the virtual server.