![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/edgetransportserver.png\" "\\"edgetransportserver\\""){kind=spacer}
<\/p>\n
The Exchange Server 2010 Edge Transport Server role is responsible for all incoming and outgoing internet email for an organization.<\/p>\n
Typically deployed within a secure perimeter network, or DMZ, the Edge Transport Server is basically a smart host or SMTP relay server for the organization, and can protect from viruses, spam, and also perform other rule-based actions to control the flow of email in and out of the network.<\/p>\n
What Needs to be Backed Up on Edge Transport Servers<\/h2>\n
To plan for backup and recovery of the Edge Transport server you first need to understand where the server stores its configuration and data.<\/p>\n
Active Directory Lightweight Directory Service<\/strong>\u00a0\u2013 each Edge Transport server runs its own instance of AD LDS, which is used to store a subset of information about recipients in the Exchange organization, as well as information about the connectors that are established between the Edge Transport server and the Hub Transport servers for mail flow. \u00a0The AD LDS database and log files are stored on the file system of the server.<\/p>\n Edge Configuration<\/strong>\u00a0\u2013 the Edge Transport server configuration can be exported to an XML file for cloning between servers and for recovery purposes. \u00a0The Edge configuration file is stored on the file system of the server. \u00a0This does not include the Edge Subscription information that connects the Edge Transport server to Hub Transport servers.<\/p>\n System State<\/strong>\u00a0\u2013 the system state contains information such as service startup and dependency settings in the registry, which is important if any settings have been modified from the defaults. \u00a0The System State is also important if extra third party applications or agents have been installed on the Edge Transport server, local security policies have been applied, administrative accounts or groups created or modified, and a range of other items that may be important in a recovery.<\/p>\n Other Files<\/strong>\u00a0\u2013 other files such as transport queue databases and log files are also stored on the file system.<\/p>\n When you are planning the Edge Transport server backup strategy there are different approaches you can take depending on your requirements.<\/p>\n A full system backup of the server encompasses all of the required information for a recovery, however this takes longer to backup and consumes the most backup storage.<\/p>\n This makes it impractical if frequent backups are required throughout the day, for example in a high volume email environment the transport queue databases might be backed up every 5 minutes to reduce the risk of losing in-transit emails if the server crashed.<\/p>\n A full backup can also take longer to recover in some cases, however this is less of a concern if multiple Edge Transport servers are deployed.<\/p>\n A backup of just the Edge Transport configuration is the most efficient in terms of\u00a0time frames\u00a0and storage space, and can be run only when a configuration change has been made.<\/p>\n However the recovery time may be longer because a new host would need to be provisioned from scratch to import the config.<\/p>\n There may also be more manual intervention required because importing the configuration to a new server still requires the Edge Subscription to be set up again. \u00a0In addition, this backup strategy does not protect the transport queue databases, log files, or any third party applications and agents installed on the server.<\/p>\n For the purposes of this demonstration I\u2019ve made a few changes to a default Edge Transport server install on Windows Server 2008 R2.<\/p>\n The default log file paths have been modified:<\/p>\n An Edge Subscription is in place:<\/p>\n .NET Framework 4 has been installed via Microsoft Update:<\/p>\n The Edge Configuration can be exported and imported using a script provided with Exchange Server 2010.\u00a0 The script is located in the \\Scripts folder of your Exchange Server 2010 installation folder, which by default would be:<\/p>\n C:\\Program Files\\Microsoft\\Exchange Server\\V14\\Scripts<\/p><\/blockquote>\n On the Edge Transport server launch an Exchange Management Shell and run the script to export the Edge Configuration.<\/p>\n For this demonstration the server operating system has been manually reinstalled to simulate a recovery scenario, and the Exchange Server 2010 reinstalled with the Edge Transport server role.<\/p>\n Note: the Edge Transport server can be a domain member however it is not a valid role for using\u00a0Setup \/m:RecoverServer<\/strong>\u00a0to restore a failed server. In some scenarios you may encounter an error that \u201cThe Exchange Server is in an inconsistent state\u201d when trying to reinstall the server.\u00a0 If you do then\u00a0click here for the solution.<\/p>\n When the new Edge Transport server is ready you can import the Edge Configuration to it using a script that is once again located in your Exchange Server 2010 installation folder.<\/p>\n Launch the Exchange Management Shell, and then run the import script to validate that the configuration can be applied.\u00a0 This checks for such things as valid file system directories to confirm that that they can be recreated when the configuration is imported.<\/p>\n Next, import the configuration file by switching the\u00a0-isImport<\/strong>\u00a0parameter to\u00a0$true<\/strong>.<\/p>\n Note the warning that the Transport service requires a restart. This does not happen automatically, so run the following command from the Exchange Management Shell.<\/p>\n Although the relevant Connectors are added to the Edge Transport server when the Edge Configuration is imported, they are not correctly set up on both ends (ie on the AD Site\/Hub Transport servers as well). To do this you will need to re-run the Edge Subscription process.<\/p>\n Create an Edge Subscription file on the Edge Transport server by running the following command in an Exchange Management Shell.<\/p>\n Copy the XML file to an Exchange 2010 server in the organization. Launch the Exchange Management Console and navigate to Organization Management\/Hub Transport. Start the\u00a0New Edge Subscription<\/strong>\u00a0task.<\/p>\n Select the Active Directory Site you wish to create the subscription with, and then browse and select the XML file that you copied from the Edge Transport server.<\/p>\n Click\u00a0New<\/strong>\u00a0to complete the Edge Subscription wizard.<\/p>\n The Edge Transport server role has now been recovered by:<\/p>\n By only backing up the exported Edge Configuration file this technique takes up the least backup time and storage, however the restoration is more effort (note that the use of virtualization, templates or other automated build processes would speed it up to varying degrees).<\/p>\n For this demonstration I used Windows Server Backup to take a full system backup of the Edge Transport server to use for bare metal restore.<\/p>\n This backup takes longer than if you were only exporting and backing up the Edge Configuration on a regular basis. \u00a0However the restore process is simpler and possibly even faster than the previous method, because the full system is being restored, although this would depending on your backup infrastructure and whether the restore media was on hand or needed to be brought in from offsite.<\/p>\n Once the full system restore is complete the server is ready to go, including the Exchange Server 2010 installation and all other applications and configurations on the server.<\/p>\n Although the Edge Subscription is restored by this method, if you test it from the Hub Transport server you may find that it is temporarily broken.<\/p>\n You can usually fix this by simply restarting the EdgeSync service on the Hub Transport server.<\/p>\n The Edge Subscription should now test successfully.<\/p>\n The Edge Transport server role has now been recovered by performing a full system restore of the server.<\/p>\n By taking full system backups of the Edge Transport server the restoration process was simplified, however the backups themselves take up more time and backup storage.<\/p>\n As you can see there are pros and cons to each backup strategy for the Edge Transport server role in Exchange Server 2010. \u00a0In most environments the full system backup\/restore method works best as it simplifies almost every aspect of the process, with the only\u00a0trade off\u00a0being the extra time and storage capacity needed during backups. \u00a0The config export\/import method tends to be more suited to migrating the Edge Transport server to new hardware, or adding additional Edge Transport servers into the environment.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":" The Exchange Server 2010 Edge Transport Server role is responsible for all incoming and outgoing internet email for an organization. Typically deployed within a secure perimeter network, or DMZ, the Edge Transport Server is basically a smart host or SMTP relay server for the organization, and can protect from viruses, spam, and also perform […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[],"class_list":["post-1233","post","type-post","status-publish","format-standard","hentry","category-exchange-2010"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/1233","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1233"}],"version-history":[{"count":2,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/1233\/revisions"}],"predecessor-version":[{"id":1235,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/1233\/revisions\/1235"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1233"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1233"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1233"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Planning the Edge Transport Server Backup<\/h2>\n
Backing up Everything<\/h3>\n
Backing up the Minimum<\/h3>\n
Backing Up and Restoring Edge Transport Servers<\/h2>\n
![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/change1.png\" "\\"change1\\"")
<\/p>\n![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/connectors1.png\" "\\"connectors1\\"")
<\/p>\n![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/programs1.png\" "\\"programs1\\"")
<\/p>\nExporting\/Importing the Edge Configuration<\/strong><\/h3>\n
.\\ExportEdgeConfig.ps1 -cloneConfigData C:\\EdgeConfig\\ex2-edgeconfig.xml\r\n\r\nEdge configuration is exported successfully to C:\\EdgeConfig\\ex2-edgeconfig.xml<\/pre>\n
.\\ImportEdgeConfig.ps1 -cloneConfigData C:\\EdgeConfig\\ex2-edgeconfig.xml -isImport $false -cloneConfigAnswer C:\\EdgeConfig\\ex2-answer.xml\r\n\r\nWarning:Passwords will be encrypted with the default script encryption key\r\n\r\nValidation succeeded for ConnectivityLogPath element of type DirectoryPath\r\nValidation succeeded for MessageTrackingLogPath element of type DirectoryPath\r\nValidation succeeded for PickupDirectoryPath element of type DirectoryPath\r\nValidation succeeded for PipelineTracingPath element of type DirectoryPath\r\nValidation succeeded for ReceiveProtocolLogPath element of type DirectoryPath\r\nValidation succeeded for ReplayDirectoryPath element of type DirectoryPath\r\nValidation succeeded for RoutingTableLogPath element of type DirectoryPath\r\nValidation succeeded for RootDropDirectoryPath element of type NullableDirectoryPath\r\nValidation succeeded for SendProtocolLogPath element of type DirectoryPath\r\nValidation succeeded for SourceIPAddress element of type IPAddress\r\nValidation succeeded for SourceIPAddress element of type IPAddress\r\nValidation succeeded for Bindings element of type Bindings\r\nValidation succeeded for Fqdn element of type FQDN\r\n\r\nAnswer File is successfully created: C:\\EdgeConfig\\ex2-answer.xml<\/pre>\n
.\\ImportEdgeConfig.ps1 -cloneConfigData C:\\EdgeConfig\\ex2-edgeconfig.xml -isImport $true -cloneConfigAnswer C:\\EdgeConfig\\ex2-answer.xml\r\n\r\nWarning:Passwords will be encrypted with the default script encryption key\r\n\r\nWARNING: The contents of the pipeline tracing log may contain sensitive information. Make sure all content is either\r\nremoved or secured appropriately.\r\n\r\nWARNING: The command completed successfully but no settings of 'exchangeserverpro.local' have been modified.\r\nWARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport\r\n\r\nConfirm\r\nAre you sure you want to perform this action?\r\nRemoving Receive connector \"EX2\\Default internal receive connector EX2\".\r\n[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is \"Y\"): a\r\n\r\nWARNING: The command completed successfully but no settings of 'IPAllowListConfig' have been modified.\r\nWARNING: The command completed successfully but no settings of 'IPAllowListProviderConfig' have been modified.\r\nWARNING: The command completed successfully but no settings of 'IPBlockListConfig' have been modified.\r\n\r\nWARNING: Edge Transport servers don't use the MaxDumpsterSizePerStorageGroup, MaxDumpsterTime, MaxReceiveSize,\r\nMaxRecipientEnvelopeLimit, and SupervisionTags parameters. Therefore, setting these parameters will have no effect.\r\n\r\nImporting Edge configuration information Succeeded.<\/pre>\n
restart-service msexchangetransport<\/pre>\n
New-EdgeSubscription -FileName c:\\edgesubscription.xml\r\n\r\nConfirm\r\nIf you create an Edge Subscription, this Edge Transport server will be managed via EdgeSync replication. As a result,\r\nany of the following objects that were created manually will be deleted: accepted domains, message classifications,\r\nremote domains, and Send connectors. After creating the Edge Subscription, you must manage these objects from inside\r\nthe organization and allow EdgeSync to update the Edge Transport server. Also, the InternalSMTPServers list of the\r\nTransportConfig object will be overwritten during the synchronization process.\r\n EdgeSync requires that this Edge Transport server is able to resolve the FQDN of the Hub Transport servers in the\r\nActive Directory site to which the Edge Transport server is being subscribed, and those Hub Transport servers be able\r\nto resolve the FQDN of this Edge Transport server. You should complete the Edge Subscription inside the organization in\r\n the next \"1440\" minutes before the bootstrap account expires.\r\n[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is \"Y\"): y<\/pre>\n
![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/edgesub01.png\" "\\"edgesub01\\"")
<\/p>\n![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/edgesub02.png\" "\\"edgesub02\\"")
<\/p>\n\n
\n
![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/noapps.png\" "\\"noapps\\"")
So depending on the server there will be additional effort to bring it back to full service, if only the Edge Configuration was ever backed up.<\/p>\nFull System Backup\/Restore for Edge Transport Servers<\/h3>\n
![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/fullbackup.png\" "\\"fullbackup\\"")
<\/p>\n![\"\"](\"http:\/\/exchangeserverpro.com\/wp-content\/uploads\/2010\/08\/fullrestore.png\" "\\"fullrestore\\"")
<\/p>\n<\/p>\n[PS] C:\\>Test-EdgeSynchronization\r\n\r\nRunspaceId : 6143dd90-7b9b-40f2-8120-15e58a8e2f54\r\nSyncStatus : Failed\r\nUtcNow : 9\/08\/2010 2:29:59 AM\r\nName : EX2\r\nLeaseHolder : CN=EX1,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Gr\r\n oups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exchange\r\n serverpro,DC=local\r\nLeaseType : Option\r\nFailureDetail : The EdgeSync cookie has not been updated as expected. It may indicate EdgeSync has encoun\r\n tered synchronization errors. For more information, check the EdgeSync logs.\r\nLeaseExpiryUtc : 9\/08\/2010 2:46:13 AM\r\nLastSynchronizedUtc : 9\/08\/2010 1:46:13 AM\r\nTransportServerStatus : Skipped\r\nTransportConfigStatus : Skipped\r\nAcceptedDomainStatus : Skipped\r\nRemoteDomainStatus : Skipped\r\nSendConnectorStatus : Skipped\r\nMessageClassificationStatus : Skipped\r\nRecipientStatus : Skipped\r\nCredentialRecords : Number of credentials 3\r\nCookieRecords : Number of cookies 2<\/pre>\n
[PS] C:\\>Restart-Service MSExchangeEdgeSync<\/pre>\n
[PS] C:\\>Test-EdgeSynchronization\r\n\r\nRunspaceId : 6143dd90-7b9b-40f2-8120-15e58a8e2f54\r\nSyncStatus : Normal\r\nUtcNow : 9\/08\/2010 2:32:16 AM\r\nName : EX2\r\nLeaseHolder : CN=EX1,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Gr\r\n oups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=exchange\r\n serverpro,DC=local\r\nLeaseType : Option\r\nFailureDetail :\r\nLeaseExpiryUtc : 9\/08\/2010 3:30:15 AM\r\nLastSynchronizedUtc : 9\/08\/2010 2:30:15 AM\r\nTransportServerStatus : Skipped\r\nTransportConfigStatus : Skipped\r\nAcceptedDomainStatus : Skipped\r\nRemoteDomainStatus : Skipped\r\nSendConnectorStatus : Skipped\r\nMessageClassificationStatus : Skipped\r\nRecipientStatus : Skipped\r\nCredentialRecords : Number of credentials 3\r\nCookieRecords : Number of cookies 2<\/pre>\n
\n
Summary<\/h2>\n