SEP sesam Hybrid Backup and Disaster Recovery Solution

Here is a brief description of SEP sesam and steps I took to implement my first backup with this solution some months ago.

SEP sesam supports heterogeneous computing environment and provides “Present Task Type”.
Note: SEP sesam changed the naming from Backup Type —-> Task Type.

Backup data on save set is preserved according to the retention time defined. Data can be migrated, deduplicated and replicated in order to provide fast and reliable restore.

Note: Standard backup does not prepare for Disaster Recovery. This recovery requires special preparation and configuration with SEP sesam disaster recovery solutions.

  1. Bare Metal Recovery Linux
  2. Bare Metal Recovery Windows and
  3. SEP sesam self recovery

SEP sesam introduces a powerful scheduling called SEPuler. And this constantly checks for backup, restore and predefined tasks to be executed. When such a task is found, SEPuler initiates the execution of such tasks.

To aviod task cconflicts and efficiently manage tasks in execution queue, SEP sesam uses event priorities.

Backup Server
Setting up a backup environment

  1. Decide on the Server (VM) to backup
  2. Install the necessary SEP backup components on them (i.e., on the VM to be backup.
  3. Ensure you have the required permission on the system to be backup.

Note: The grouping of clients and storage devices is referred to as a Location. By default, this is set to local.

You can group similar OS’ (devices) by using locations or by using different geographical locaton) etc.

You can also have different locations in this faction below.

Here, new locations can be created to have your servers grouped together eg, Linux servers.

How to Configure Clients.

The image below is the faction in which new clients are created and added to SEP sesam.

Note: The database has to be configured previously.
After creating a data store, you will need to create a new media pool.

Client Side configuration: Setup and configure SEP client on each Server (VM) to be backup.

Here is the link to where this client can be downloaded. https://download.sep.de/
Here you can download for windows clients etc.

Note: When installing the agent, you will have to install or enter the SEP sesam server name. During this installation, some firewall ports will be opened automatically on the server.

Ensure you have a working DNS name resolution correctly setup for the client and backup server itself.

Here are some vital links as i could not cover the topic in details.

Deciding on the right FileSystem for your USB

image source: TechLog360

When you get a new USB drive and are about to format it before its first use, you may be wondering which of the available file systems is the best. Here are some of the most important considerations before choosing a filesystem for a USB drive

File System? A file system is a piece of software that controls how data on a media is stored and retrieved. A file system manages operations such as copying, moving, and deleting files on a drive.

A file system is different from an operating system in the sense, a file system runs on top of an operating system and depends on it for many operations. Each of the major operating systems (e.g. Windows, MacOS, Linux) can work with various file systems (natively or through third-party tools).

How Do You Plan to Use Your USB Drive?Basically, the most important considerations regarding your choice of a file system for your USB drive are which operating systems you plan to use it with and how large the files you will most likely transfer are.

If you will be using your USB media on Windows OS, then you can decide on FAT32, exFAT, or NTFS.
– FAT32 and NTFS run with Linux, too, but exFAT requires additional tools. If you will be using the drive on Linux devices only, you can add its native EXT 2, 3, or 4 to the mix.
– As for MacOS, it can natively run FAT 32, works with exFAT, too, but you will need additional tools for NTFS, and its native file system is HFS+ (and the latest APFS) not EXT.

As you see, FAT 32 and to some extent NTFS, are present on all major OS’. They are not interchangeable and have their differences,

3. FAT32 vs. exFAT vs. NTFS vs. HFS vs. EXT 2, 3, and 4:There are really many file systems out there, and if you are curious, you can try a few of them before you land on the familiar ones.

However, your choices for a USB file system basically boil down to these:

  • NTFS: This the default file system for Windows partitions. NTFS supports journaling, large file sizes, file compression, long file names, access control, etc. If you are functioning in a Windows-only environment, it’s safe to go with NTFS. Linux can also handle NTFS, and MacOS reads it but needs third party tools to write, so even if you are not in a Windows only environment, it’s still a good choice.
  • FAT32: FAT32 or File Allocation Table 32 is the file system that typically comes preinstalled on a USB drive. It was the Windows standard before NTFS. FAT32 is slower than NTFS, less secure, and has a 4GB limit per file, but it is widely recognized by all major operating systems. If you will be using the USB drive in a highly heterogeneous environment, and portability is your main concern, FAT32 is your option.
  • exFAT: exFAT or extended File Allocation Table, is the newer version of FAT32. It’s lightweight but doesn’t have journaling. It’s compatible with Microsoft and MacOS but needs additional tools with Linux. It doesn’t have the 4GB limit per file restriction like FAT32.
  • HFS+: The Hierarchical File System (HFS+) is the default file system in the macOS world. If you are going to use your USB drive on Mac devices mainly, choose this file system. HFS+ can be used with Windows and Linux, but if you need a multi-OS file system, you definitely have better choices.
  • EXT 2, 3, and 4: The extended file system is the native for Linux. Similarly to HFS+, you can use it with the other operating systems but it’s not your best option. Use this file system if you are using the USB device on Linux computers mainly.

Most of these USB file systems run with multiple operating systems, e.g. Windows, macOS, Linux, etc., – so usually your choice isn’t limited to just one USB file system. If you don’t have large files to deal with, you have even more options. If speed of transfer isn’t a top priority either, there are even more choices. And if it turns out your first choice of a USB file system wasn’t the best, you can always reformat the drive, provided there is no valuable data on it, of course. Source: Maketecheasier

Lightweight Directory Access Protocol (LDAP)

LDAP is a network protocol used to perform queries and changes in a distributed directory service. The protocol from the TCP / IP protocol stack is specified in the RFCs 4510, 4511 and 4532.

LDAP itself is not a directory, but a protocol with which one can retrieve information from an LDAP directory. LDAP requires that all participating systems be able to exchange data on port 389 for unsecured transmission and port 636 for secure connection (TLS).

The idea behind LDAP is simple: A directory in a tree structure distributed over different servers should be searchable. See the video below for more high level overview.

Source: Help Desk Premier

The tree structure of the directory is broadly defined. The origin is the “root directory” and this branches into various groups such as organisations, organisational units and individuals etc.

Note: The latter may be users, persons, printers, scanners, computers, servers as the case may be. Although the system allows a high degree of flexibility in the mapping of structures, the definition of the elements in the schema is rather strict. Here are some uses cases for LDAP.

  • User administration
  • System administration
  • Protocol
  • NIS information
  • Boot information
  • File system mount point management
  • Organisation of alias names in e-mail systems
  • Administration of DNS zone data
  • Organisation of DHCP servers

LDAP implementation in Active Directory
LDAP is widely implemented in Microsoft Active Directory (AD) and it is the fourth major component of Active Directory. Other components are Kerberos, CIFS, and DNS. In Active Directory environment, the LDAP directory provides information about users, computers, and their group membership. But other objects, such as the certificates of a computer, are stored in the directory.

LDAP basic structure is simple. LDAP consists of objects and follows largely the approach of object-oriented programming with classes, inheritance, polymorphism and the objects themselves. A directory service entry consists of a list of attributes and a “mandatory object” – the name of the object itself, the “Distinguished Name”.

This name is similar to a filename and shares the same property with the filename convention: it is not possible to have the same name in the same level. Objects named “OU” represent containers in which other objects can be created. Here are some attributes used with LDAP.

CN: commonName 
L: localityName
ST: stateOrProvinceName
O: organisationName
OU: organisationalUnitName
C: countryName
STREET: streetAddress
DC: domainComponent
UID: userid

At first glance, this seems to be rather ambiguous, confusing and complex. Lets go into details and try to make sense of these attributes.

Let’s say an Active Directory is named techdirectarchive.local and a new user with the name “Martin, brown” is created while the selection on the root directory techdirectarchive.local is created. Here is how the attribute would look like.

CN = Martin brown, DC =  techdirectarchive, DC = local

Now the object is moved to an Organisation Unit (OU) with the title “persons” and the DN is looked at again:

CN = Martin brown, OU = persons, DC = techdirectarchive, DC = local

Within the OU people, another OU for better grouping of users due to job roles. This should be called “Accounting Employees” and the user object of Martin brown is assigned to this new OU. Thus, the DN is:

CN = Martin brown, OU = Accounting Employees, OU = persons, DC = techdirectarchive, DC = local

Now the logic is almost automatic. The commonName , the name of the object itself, is on the left side, while the assignment from the right side starts with the domain structure local , followed by techdirectarchive.

Conveniently, there are a large number of programs that can query a directory structure using LDAP; For Microsoft Windows, for example, the “LDAP Admin” by T. Karlovic is a compact and practical solution. On the other hand, there are many script variants to determine information via LDAP. Below is the PowerShell script:

$ strFilter = "(& (objectCategory = User))" 
$ objDomain = New-Object System.DirectoryServices.DirectoryEntry 
$ objSearcher = New-Object System.DirectoryServices.DirectorySearcher 
$ objSearcher.SearchRoot = $ objDomain 
$ objSearcher. PageSize = 1000 
$ objSearcher.Filter = $ strFilter 
$ objSearcher.SearchScope = "Subtree" 
$ colProplist = "name" 
foreach ($ i in $ colPropList) {$ objSearcher.PropertiesToLoad.Add ($ i)} 
$ colResults = $ objSearcher. FindAll () 
foreach ($ objResult in $ colResults) 
  {$ objItem = $ objResult.Properties; $ objItem.name}

It returns the usernames of the employees from the department (see first line department = editorial ). If the script is looking for something else, for example, employees whose login names contain a special sequence of letters, the first line looks something like this:

$ strFilter = "(& (objectCategory = User) (sAMAccountName = Me *))"

The asterisk behind “Me” acts as a wildcard here. The lower part of this PS command sequence (from the Microsoft homepage) can therefore be used quite well for other purposes. But, it’s also much, much easier – with a one-liners in the PowerShell:

Get-ADUser filter {Name -Like "*"} -Searchbase "OU = PEOPLE, DC = techdirectarchive, DC = local"

For example, if the administrator wants to read out the phone numbers, this one command will expand a bit:

Get-ADUser -filter {Surname -Like "*"} -properties cn, telephoneNumber -SearchScope Subtree-SearchBase "OU = People, DC = techdirectarchive, DC = local" | select-object Surname, Givenname, telephoneNumber

Surname is the surname here, while Givenname represents the first name.

For more training on LDAP, please watch this video below.

And See the following link https://help.ubuntu.com/lts/serverguide/openldap-server.html for more information on LDAP. Source: ip-insider