1 Akinolmaran

Shadowstorage Assignment Submission

Updated: May 13, 2016

Applies To: System Center 2012 SP1 - Data Protection Manager, System Center 2012 R2 Data Protection Manager

DPM can back up virtual machines running on Hyper-V host servers. For supported DPM and Hyper-V versions see the DPM protection support matrix.

DPM can protect the following Hyper-V virtual machine scenarios:

  • Host or guest-level—You can back up virtual machines at the host or guest level. At the host level the DPM protection agent is installed on the Hyper-V host server or cluster. At the guest level the agent is installed on each virtual machine. If you deploy host level back you’ll be able to recover an entire virtual machine, or perform item-level recovery to want to be able to back up and restore specific files, folder, volumes or hard disks. Guest-level back is useful if you want to protect specific workloads running on a virtual machine. For example if you specifically want to back up a SQL Server database running on the virtual machine. Note that you must use guest-level backup if you want to protect data stored on passthrough disks. Passthrough allow the virtual machine to directly access the storage device and don’t store virtual volume data in a VHD file.

  • Local or direct storage—Back up virtual machines hosted on Hyper-V standalone servers that have local or directly attached storage. For example a hard drive, a storage area network (SAN) device, or a network attached storage (NAS) device.

  • CSVs—Back up virtual machines hosted on a Hyper-V cluster with Cluster Shared Volume (CSV) storage. DPM 2012 SP1 introduced express full backup, parallel backups, and cluster query improvements for CSV backup. In a cluster configuration the DPM protection agent is installed on each cluster node.

  • SMB—Back up virtual machines hosted on a Hyper-V standalone server or cluster with SMB 3.0 file server storage. SMB shares are supported on a standalone file server or on a file server cluster. If you’re using an external SMB 3.0 file server the DPM protection agent should be installed on it. If the storage server is clustered, the agent should be installed on each cluster node. You’ll need full-share and folder-level permissions for the machine$ account of the application server on the SMB share.

  • Live migration—Back up virtual machines that are configured for live migration. This provides uninterrupted data protection so that you can move virtual machines from one location to another while the virtual machines sustain connections and with no noticeable drop time. Live migration can transfer virtual machines between two standalone servers, within a cluster or between stand-alone and cluster nodes. You can also perform a live migration of virtual machine storage so that virtual machines can be moved to new storage locations while they continue to run. Running multiple live migrations concurrently is supported.

    • Live migration within a cluster— When a virtual machine is migrated within a cluster, DPM detects the migration, and backs up the virtual machine from the new cluster node without any requirement for user intervention. Because the storage location has not changed, DPM continues with express full backups. In a scaled scenario with two DPM servers to protect the cluster, a virtual machine that is protected by DPM1 continues to be protected by DPM1, no matter where the virtual machine is migrated.

    • Live migration outside the cluster—When a virtual machine is migrated between stand-alone servers, different clusters, or between a stand-alone server and a cluster, DPM detects the migration, and can back up the virtual machine without user intervention.

    • Post-migration

  • Replica virtual machines—Back up replica virtual machines running on a secondary server (DPM 2012 R2 only)

Read about supported scenarios and Prerequisites for virtual machine protection.

DPM works seamlessly with the Hyper-V Volume Shadow Copy Services (VSS) writer to ensure that consistent versions of virtual machines are captured and protected without affecting virtual machine access. The ability to back up open files is critical for business continuity.

By default DPM performs online backups that don’t affect the availability of virtual machines. To perform an online backup the following is required:

  • The Backup integration service must be enabled, so the operating system running on the virtual machine running must support Hyper-V integration services.

  • The guest operating system must support VSS (Windows 2003 server or later). Online backup isn’t supported if virtual machines are running Linux.

  • There should be no dynamic disks on the virtual machine.

  • All volumes must be NTFS

  • The VSS storage assigment for the volumes shouldn’t be modified.

  • The virtual machine must be running, and if the virtual machine is in a cluster the cluster resource group should be online. A Shadow Storage assignment of a volume inside the virtual machine mustn’t be explicitly set to a different volume other than itself.

If these conditions aren’t met DPM will perform an offline backup where the virtual machine is paused and placed in a saved state while the snapshot is taken, and then the virtual machine is resumed. This means the virtual machine is unavailable during the backup, usually a short period of less than a minute for many environments.

Backup process

DPM performs backup with VSS as follows:

  1. The DPM block-based synchronization engine makes an initial copy of the protected virtual machine and ensures that the copy of the virtual machine is complete and consistent.

  2. After the initial copy is made and verified, DPM captures backups by using the Hyper-V VSS writer. The VSS writer provides a data-consistent set of disk blocks that are synchronized with the DPM server. This approach provides the benefit of a "full backup" with the DPM server while it minimizes the amount of backup data that have to be transferred across the network.

  3. The DPM protection agent on a server that is running Hyper-V uses the existing Hyper-V APIs to determine whether a protected virtual machine also supports VSS.

    • If a virtual machine complies with the requirements for online backup and has the Hyper-V integration services component installed, then the Hyper-V VSS writer recursively forwards the VSS request through to all VSS-aware processes on the virtual machine. This operation occurs without the DPM protection agent being installed on the virtual machine. This recursive VSS request allows the Hyper-V VSS writer to ensure that disk write operations are synchronized so that a VSS snapshot is captured without the loss of data.

      The Hyper-V integration services component invokes the Hyper-V VSS writer in Volume Shadow Copy Services (VSS) on virtual machines to ensure that their application data is in a consistent state.

    • If the virtual machine doesn’t comply with online backup requirements, DPM automatically uses the Hyper-V APIs to pause the virtual machine before they capture data files.

  4. After the initial baseline copy of the virtual machine synchronizes with the DPM server, all changes that are made to the virtual machine resources are captured in a new recovery point. The recovery point represents the consistent state of the virtual machine at a specific time. Recovery point captures can occur at least one time a day. When a new recovery point is created, DPM uses block-level replication in conjunction with the Hyper-V VSS writer to determine which blocks have been altered on the server that is running Hyper-V after the last recovery point was created. These data blocks are then transferred to the DPM server and are applied to the replica of the protected data.

  5. The DPM server uses VSS on the volumes that host recovery data so that multiple shadow copies are available. Each of these shadow copies provides a separate recovery. VSS recovery points are stored on the DPM server. The temporary copy that is made on the server that is running Hyper-V is only stored for the duration of the DPM synchronization.

Read about Prerequisites for virtual machine protection.

Solutions provider takeaway: Sifting through the massive number of Windows 7 command-line utilities isn't easy,...

but these are the utilities that are vital to performing Windows 7 management tasks. Commands such as arp can help solution providers view important information for their customers.

To accomplish administration tasks on Windows 7 machines, it is necessary to use the command line from time to time. You can easily access this essential runtime environment in Windows 7 with the Search box at the foot of the Start menu. Typing into this box and hitting the Enter key will display the command line's old fashioned but useful black-and-white DOS box, which is displayed in Figure 1.

Figure 1: The black-and-white DOS box is still useful for typing commands into a customer's environment.

For solution providers that need to run a command prompt with elevated privilege, instead of hitting the Enter key after typing , they can right-click the cmd icon that shows up in the search results. From there, providers can select Run as administrator from the resulting pop-up menu. This is necessary when using the command to resize volume shadow storage allocations, which will be covered later in this article.

Key command-line resources

There are hundreds of command-line utilities in the Windows runtime environment. One of the best resources for them is the Microsoft Command-Line Reference. The reference was last updated on Jan. 25, 2010, and it documents 226 individual command-line tools, some of which are complex enough to warrant extensive user guides.

For example, check out these commands:

  • ,
  • Various commands, such as and ).

Another terrific command-line resource that's useful to providers is the Overview of TCP/IP Troubleshooting Tools, which covers the items in my table of top commands in the next section. The command shell overview, despite not being updated since the Windows Server 2003 release, is also worth reading thoroughly, especially for solution providers that need to script out command sequences.

Ed's "Top 11" command-line utilities

While I was researching command-line utilities, I kept track of the ones I use regularly and also reviewed the whole collection of commands documented in the references mentioned above. This helped me produce a list of 11 personal command-line favorites I couldn't do without and the ones that solution providers may need in Windows 7. Table 1 lists them in alphabetical order.

Table 1: The 11 essential Windows command-line utilities




"Address Resolution Protocol" maps media/hardware addresses to local IP addresses


Checks hard disks for file system corruption, file defects and other structure issues


Manages automatic disk checking that occurs when Windows starts up


Checks and sets various IP configuration items, including DHCP leases and addresses


Checks and troubleshoots NetBIOS name resolution settings and behavior


Displays active TCP connections, TCP/UDP ports, Ethernet statistics, IP routing table and more


Uses ICMP echo to assess reachability of nodes by IP address or NetBIOS names


Sets or shows Windows environment variable values


Displays the list of processes running on a Windows PC


Displays and manages volume shadow copy behavior on a Windows PC


Displays computer and account names related to your current log-in session

(Address Resolution Protocol)

Use the command to show which nodes on your local subnet have interacted with the machine in which you run the command. Figure 2 below shows reasonably complete coverage of my home network.

Figure 2: Find out which nodes have interacted with the machine where you run the command.

Solution providers can use this command to monitor and repair local file systems and related file system metadata on a per-volume basis, including logical and physical errors. Most Windows configurations run on all attached volumes each time Windows boots up. Without parameters, this command reports on-target Windows drives, as shown, but it can also be used to repair a wide range of issues.

Figure 3: A variety of issues can be repaired with .

uses the Windows Autochk.exe program to scan volumes to see if the volume dirty bit has been set, which indicates inspection and possible repair is warranted. If so, it runs chkdsk /f to find and repair any potential issues during inspection. This command runs by default each time Windows boots, but you can use the command to exclude chosen volumes from the checks.

Figure 4: Determine whether your disk requires inspection with the command.

This command-line utility monitors various Windows TCP/IP configuration options and settings, and is the main reason you would access the Command Prompt window. This tool tells you what you need to know about network configuration data and also provides a ready means to manage DHCP address leases using its parameters. Solution providers that work with networks will use this command frequently.

Figure 5: Get detailed information about your customer's network configuration data.

This cryptic string stands for statistics about NetBIOS over TCP/IP, and even though NetBIOS isn't used much for applications anymore, it's a vital element for Windows network communications and activities. The screen cap in Figure 6 lists the NetBIOS names registered on the machine where it's run (-r).

Figure 6: Providers can use this command to get Windows network statistics.

stands for network statistics and reports on active TCP connections, open TCP and UDP ports, Ethernet statistics, protocols in use, routing table contents and general protocols in use. The screen cap in Figure 7 shows Ethernet statistics for the machine on which it's run (-e).

Figure 7: This command reports on various protocols for providers.


The command uses ICMP echo to see if specific nodes on a network are available by name or by IP address and, if so, the amount of time needed for a short message to make a round trip between the sender and the receiver. is useful for network troubleshooting, especially when problems with Internet access arise. The screen cap in Figure 8 shows access to a working node, and failed access to a nonworking one.

Figure 8: The command helps solution providers manage customer networks.

lets users examine, add or alter environment variables in the Windows runtime environment. These values include objects such as the directory path, the Windows home drive and directory and all kinds of important values and directory pointers.

The command is also helpful when you're looking for information about a particular Windows installation or when you need to change basic defaults or filesystem behaviors. Run without parameters, displays all current variables and their value assignments, as the Figure 9 screen cap illustrates.

Figure 9: Changed basic defaults easily with the command.

The command shows all active processes running on your customer's local or remote Windows PC (Figure 10). It's a practical way to access and record information about active processes, and may be used to feed valuable information into scripts or management consoles. It also tells you about dlls and services associated with specific processes, and includes different types of interesting filters and formatting/output controls.

Figure 10: Get the list of your customer's active processes with .

This command provides access to information that's related to the Windows Volume Shadow Copy Service (VSS). VSS is a collection of semi-hidden files related to restore points, shadow copies, as well as writers and providers of these copies. It's particularly useful to solution providers that need help reining in Vista's large appetite for shadow copy space (30% of a hard drive, by default) and managing shadow copies on solid-state disks (SSDs).

Figure 11: View information on VSS on your customer's disk with the command.

If you're constantly working on multiple Windows machines, or one of many Windows virtual machines on your customers' PCs, this command gives you the machine name (to the left of the slash) and the login account name (to the right of the slash) in its brief but informative output. The next screen cap in Figure 12 shows you what this output looks like.

Figure 12: Get all of the pertinent Windows VM and account information with the command.

More Windows 7 command-line tools to choose from

The aforementioned commands are my personal favorites, but there are plenty of other useful and powerful elements in the Microsoft command-line references listed earlier in this tip.

Ed Tittel is a frequent contributor to numerous TechTarget websites and also writes regularly for InformIT.com and ITExpertVoice.com. He has contributed to well over 100 computer books, including Windows 7 In Depth (Que, 2009, ISBN: 0789741997) and Guide to TCP/IP 3e (Course Technology, 2006, ISBN: 1418837555).

Leave a Comment


Your email address will not be published. Required fields are marked *