Backing up and restoring system configuration

Milestone recommends that you make regular backups of your system configuration as a disaster recovery measure.

While it is rare to lose your configuration, it can happen under unfortunate circumstances. It is important that you protect your backups, either through technical or organizational measures.

Backing up and restoring your system configuration (explained)

The system offers a built-in feature that backs up all the system configuration you can define in the Management Client. The log server database and the log files, including audit log files, are not included in this backup.

If your system is large, Milestone recommends that you define scheduled backups. This is done with the third-party tool: Microsoft® SQL Server Management Studio. This backup includes the same data as a manual backup.

During a backup, your system stays online.

Backing up your system configuration can take some time. Backup duration depends on:

  • Your system configuration
  • Your hardware
  • Whether you have installed SQL Server, the Event Server and Management Server components on a single server or several servers

Each time you make a backup both manual and scheduled, the transaction log file of the SQL Server database is flushed. For additional information about how to flush the transaction log file see SQL Server database transaction log (explained).

Make sure that you know your system configuration password settings when creating a backup.

For FIPS 140-2 compliant systems, with exports and archived media databases from XProtect VMS versions prior to 2017 R1 that are encrypted with non FIPS-compliant cyphers, it is required to archive the data in a location where it can still be accessed after enabling FIPS. For detailed information on how to configure your XProtect VMS to run in FIPS 140-2 compliant mode, see the FIPS 140-2 compliance section in the hardening guide.

Select shared backup folder

Before backing up and restoring any system configuration, you must set a backup folder for this purpose.

  1. Right-click the notification area's Management Server service icon and select Select shared backup folder.
  2. In the window that appears, browse to the wanted file location.
  3. Click OK twice.
  4. If asked if you want to delete files in the current backup folder, click Yes or No depending on your needs.

Back up system configuration manually

  1. From the menu bar, select File > Backup Configuration.
  2. Read the note in the dialog box and click Backup.
  3. Enter a file name for the .cnf file.
  4. Enter a folder destination and click Save.
  5. Wait until the backup is finished and click Close.

All relevant system configuration files are combined into one single .cnf file that is saved at a specified location. During the backup, all backup files are first exported to a temporary system backup folder on the management server. You can select another temporary folder by right-clicking the notification area's Management Server service icon and by selecting Select shared backup folder.

Restore system configuration from a manual backup

Important information
  • Both the user who installs and the user who restores must be local administrator of the system configuration SQL Server database on the management server and on SQL Server
  • Except for your recording servers, your system is completely shut down for the duration of the restore, which can take some time
  • A backup can only be restored on the system installation where it was created. Make sure that the setup is as similar as possible to when the backup was made. Otherwise, the restore might fail
  • If prompted for a system configuration password during a restore, you must provide the system configuration password that was valid at the time when the backup was created. Without this password, you cannot restore your configuration from the backup

  • If you do a backup of the SQL Server database and restore it on clean SQL Server, then the raise errors from the SQL Server database will not work and you will only receive one generic error message from SQL Server. To avoid that, first reinstall your XProtect system using clean SQL Server and then restore the backup on top of that
  • If restoring fails during the validation phase, you can start the old configuration again because you have made no changes
    If restoring fails elsewhere in the process, you cannot roll back to the old configuration
    As long as the backup file is not corrupted, you can do another restore
  • Restoring replaces the current configuration. This means that any changes to the configuration since last backup are lost
  • No logs, including audit logs, are restored
  • Once restoring has started, you cannot cancel it
Restoring
  1. Right-click the notification area's Management Server service icon and select Restore Configuration.
  2. Read the important note and click Restore.
  3. In the file open dialog box, browse to the location of the system configuration backup file, select it, and click Open.

    The backup file is located on the Management Client computer. If the Management Client is installed on a different server, copy the backup file to this server before you select the destination.

  4. The Restore Configuration window opens. Wait for the restore to finish and click Close.

System configuration password (explained)

You can choose to protect the overall system configuration by assigning a system configuration password. After you assign a system configuration password, backups are protected by this password. The password settings are stored on the computer that is running the management server in a secure folder. You will need this password to:

  • Restore the configuration from a configuration backup that was created with password settings different than the current password settings
  • Moving or installing the management server on another computer due to a hardware failure (recovery)
  • Configure an additional management server in a system with clustering

The system configuration password can be assigned during installation or after installation. The password must meet the Windows complexity requirements, which are defined by the Windows policy for passwords.

It is important that system administrators save this password and keep it safe. If you have assigned a system configuration password and you are restoring a backup, you may be asked to provide the system configuration password. Without this password, you cannot restore your configuration from the backup.

System configuration password settings

The system configuration password settings can be changed. In system configuration password settings, you have these options:

  • Choose to password protect the system configuration by assigning a system configuration password
  • Change a system configuration password

  • Choose not to password protect the system configuration by removing any assigned system configuration passwords

Change the system configuration password settings

When you change the password, it is important that system administrators save the passwords that are associated with the different backups and keep the passwords safe. If you are restoring a backup, you may be asked to provide the system configuration password that was valid at the time the backup was created. Without this password, you cannot restore your configuration from the backup.

After you change the password, and if your management server and event server are installed on separate computers, you must enter the current system configuration password on the event server, too. For more information, see Enter current system configuration password (event server).

To apply the changes, you must restart the management server services.

  1. Locate the management server tray icon and make sure that the service is running.
  2. Right-click the notification area's Management Server service icon and select Change system configuration password settings.
  3. The change system configuration password settings window appears.

Assign a password

  1. Type the new password in the New password field.
  2. Retype the new password in the Confirm new password field and select enter.
  3. Read the notification and click yes to accept the change.
  4. Wait for the confirmation of change and select Close.
  5. To apply the changes, you must restart the management server services.
  6. After the restart, make sure that the management server is running.

Remove password protection

If you do not need password protection, you can select to opt out:

  1. Select the check box: I choose not to use a system configuration password and understand that the system configuration will not be encrypted and click enter.
  2. Read the notification and click yes to accept the change.
  3. Wait for the confirmation of change and select Close.
  4. To apply the changes, you must restart the management server services.
  5. After the restart, make sure that the management server is running.

Enter the system configuration password settings (recovery)

If the file that is holding the password settings is deleted due to a hardware failure or other reasons, you will need to provide the system configuration password settings to access the database that is holding the system configuration. During installation on your new computer, you will be asked to enter the system configuration password settings.

But if the file that is holding the password settings is deleted or corrupted, and the computer that is running the management server has no other problems, you have the option to enter the system configuration password settings:

  1. Locate the management server tray icon.
  2. Right-click the notification area's Management Server service icon and select Enter the system configuration password.
  3. The enter the system configuration password settings window appears.

The system configuration is password-protected

  1. Type the password in the password field and select Enter.
  2. Wait for the password to be accepted. Select Close.
  3. Make sure that the management server is running.

The system configuration is not password-protected

  1. Select the check box: This system does not use a system configuration password and select enter.
  2. Wait for the setting to be accepted. Select Close.
  3. Make sure that the management server is running.

Manually backing up your system configuration (explained)

When you want to perform a manual backup of the management server's database that contains your system configuration, make sure that your system stays online. The default name of the management server's database is Surveillance.

Here are a few things to consider before you start the backup:

  • You cannot use a backup of the SQL Server database to copy system configurations to other systems
  • It can take some time to back up the SQL Server database. It depends on your system configuration, your hardware, and on whether your SQL Server, management server and Management Client are installed on the same computer
  • Logs, including audit logs, are stored in the log server's database and are therefore not part of a backup of the management server's database. The default name of the log server's database is SurveillanceLogServerV2. You back up both SQL Server databases the same way.

Backing up and restoring the event server configuration (explained)

The content of your event server configuration is included when you back up and restore system configuration.

The first time you run the event server, all its configuration files are automatically moved to the SQL Server database. You can apply the restored configuration to the event server without needing to restart the event server, and the event server can start and stop all external communication while the restoration of the configuration is being loaded.

Scheduled backup and restore of system configuration (explained)

The management server stores your system's configuration in a SQL Server database. Milestone recommends that you regularly make scheduled backups of this database as a disaster recovery measure. While it is rare to lose your system configuration, it can happen under unfortunate circumstances. Luckily, it takes only a minute, and backups also have the added benefit that they flush the transaction log of the SQL Server database.

If you have a smaller setup and do not need scheduled backups, you can back up your system configuration manually. For instructions, see Manually backing up your system configuration (explained).

When you back up/restore your management server, make sure that the SQL Server database with the system configuration is included in the backup/restore.

Requirements for using scheduled backup and restore

Microsoft® SQL Server Management Studio, a tool download-able for free from their website (https://www.microsoft.com/downloads/).

Apart from managing SQL Server and its databases, the tool includes some easy-to-use backup and restoration features. Download and install the tool on your management server.

Back up system configuration with scheduled backup

  1. From Windows' Start menu, launch Microsoft® SQL Server Management Studio.
  2. When connecting, specify the name of the required SQL Server. Use the account under which you created the SQL Server database.
    1. Find the SQL Server database that contains your entire system configuration, including event server, recording servers, cameras, inputs, outputs, users, rules, patrolling profiles, and more. The default name of this SQL database is Surveillance.
    2. Make a backup of the SQL Server database and make sure to:
  3. Follow the instructions in the tool to the end.

Also consider backing up the log server's database with your logs by using the same method. The default name for the SQL Server database of the log server is SurveillanceLogServerV2.

Restore system configuration from a scheduled backup

Requirements
To prevent system configuration changes being made while you restore the system configuration database, stop the:

Open Microsoft® SQL Server Management Studio from Windows' Start menu.

In the tool do the following:

  1. When connecting, specify the name of your SQL Server. Use the user account under which the SQL Server database was created.
  2. Find the SQL Server database (the default name is Surveillance) that contains your entire system configuration, including event server, recording servers, cameras, inputs, outputs, users, rules, patrolling profiles, etc.
  3. Make a restore of the SQL Server database and make sure to:
    • Select to back up from device
    • Select backup media type file
    • Find and select your backup file (.bak)
    • Select to overwrite the existing database
  4. Follow the instructions in the tool to the end.

Use the same method to restore the SQL Server database of the log server with your logs. The default name for the SQL Server database of the log server is SurveillanceLogServerV2.

The system does not work while the Management Server service is stopped. It is important to remember to start all the services again once you have finished restoring the database.

Back up log server's database

Handle the log server's database by using the method that you use when handling system configuration as described earlier. The log server's database contains all your system logs, including errors reported by recording servers and cameras. The default name of the log server's database is SurveillanceLogServerV2.

The SQL Server database is located on the log server's SQL Server. Typically, the log server and the management server have their SQL Server databases on the same SQL Server. Backing up the log server database is not vital since it does not contain any system configuration, but you may appreciate having access to system logs from before the management server backup/restore.

Backup and restore fail and problem scenarios (explained)

  • If, after your last system configuration backup, you have moved the event server or other registered services such as the log server, you must select which registered service configuration you want for the new system. You can decide to keep the new configuration after the system is restored to the old version. You decide by looking at the host names of the services.
  • If your restore of the system configuration fails because the event server is not located at the specified destination (for example, if you have chosen the old registered service setup), do another restore.
  • If you are restoring a configuration backup and entering a system configuration password that is incorrect, you must provide the system configuration password that was valid at the time when the backup was created.