Windows Server Backup and Disaster Recovery: Comprehensive Strategy
`$report += [PSCustomObject]@{
Check = 'Windows Server Backup'
Status = if (`$hoursSinceBackup -lt 25) { 'OK' } else { 'ALERT' }
Details = "Last backup: `$hoursSinceBackup hours ago"```
}
## Check Azure Backup
`$azureBackup = Get-OBJob -Previous 1
`$azureStatus = if (`$azureBackup -and `$azureBackup.JobState -eq 'Completed') { 'OK' } else { 'ALERT' }
`$report += [PSCustomObject]@{
```text
Check = 'Azure Backup'
Status = `$azureStatus
Details = "Last job: `$(`$azureBackup.JobState)"```
}
## Check backup disk space
`$backupDisk = Get-Volume -DriveLetter F
`$freeSpacePercent = (`$backupDisk.SizeRemaining / `$backupDisk.Size) * 100
`$report += [PSCustomObject]@{
```text
Check = 'Backup Disk Space'
Status = if (`$freeSpacePercent -gt 20) { 'OK' } else { 'ALERT' }
Details = "`$(`$freeSpacePercent.ToString('N2'))% free"```
}
## Send alert if any checks failed
if (`$report | Where-Object { `$_.Status -eq 'ALERT' }) {
```text
Send-MailMessage ``
-To 'admin@contoso.com' ``
-From 'backup-monitor@contoso.com' ``
-Subject 'Backup Alert' ``
-Body (`$report | Format-Table | Out-String) ``
-SmtpServer 'smtp.contoso.com'```
}
`$report | Format-Table -AutoSize
"@
$backupHealthScript | Out-File "C:\Scripts\BackupHealth.ps1"
## Schedule daily health check
$action = New-ScheduledTaskAction -Execute 'PowerShell.exe' `
```text
-Argument '-ExecutionPolicy Bypass -File C:\Scripts\BackupHealth.ps1'```
$trigger = New-ScheduledTaskTrigger -Daily -At 9am
Register-ScheduledTask -TaskName "Daily Backup Health Check" -Action $action -Trigger $trigger -User "SYSTEM"
Restoring from Backup
Restoring Files with Windows Server Backup
## List available backups
Get-WBBackupSet
## Get specific backup
$backup = Get-WBBackupSet | Where-Object { $_.BackupTime -eq '2025-01-15 02:00' }
## Restore files
Start-WBFileRecovery -BackupSet $backup `
```text
-SourcePath "C:\Important\Document.docx" `
-TargetPath "C:\Restore\" `
-Overwrite
Restore entire volume
Figure: Server Manager Storage Pools – disk allocation and volume wizard.
Start-WBVolumeRecovery -BackupSet $backup `
-VolumeInBackup $backup.Volume[0] `
-RecoveryTarget (Get-WBVolume -VolumePath "C:")
## Restoring from Azure Backup
```powershell
## Get recovery points
$vault = Get-AzRecoveryServicesVault -ResourceGroupName "RG-Backup" -Name "RSV-Backup"
Set-AzRecoveryServicesVaultContext -Vault $vault
$backupItem = Get-AzRecoveryServicesBackupItem -BackupManagementType MAB -WorkloadType Windows
$recoveryPoints = Get-AzRecoveryServicesBackupRecoveryPoint -Item $backupItem
## Start file recovery
$rp = $recoveryPoints[0]
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $rp `
```text
-TargetPath "C:\Restore" `
-StorageAccountName "storageaccount" `
-StorageAccountResourceGroupName "RG-Storage"
## Architecture Decision and Tradeoffs
When designing server infrastructure solutions with Windows Server, consider these key architectural trade-offs:
| Approach | Best For | Tradeoff |
|----------|----------|----------|
| Managed / platform service | Rapid delivery, reduced ops burden | Less customisation, potential vendor lock-in |
| Custom / self-hosted | Full control, advanced tuning | Higher operational overhead and cost |
> **Recommendation:** Start with the managed approach for most workloads and move to custom only when specific requirements demand it.
## Validation and Versioning
- Last validated: April 2026
- Validate examples against your tenant, region, and SKU constraints before production rollout.
- Keep module, CLI, and SDK versions pinned in automation pipelines and review quarterly.
## Security and Governance Considerations
- Apply least-privilege access using RBAC roles and just-in-time elevation for admin tasks.
- Store secrets in managed secret stores and avoid embedding credentials in scripts or source files.
- Enable audit logging, data protection policies, and periodic access reviews for regulated workloads.
## Cost and Performance Notes
- Define budgets and alerts, then monitor usage and cost trends continuously after go-live.
- Baseline performance with synthetic and real-user checks before and after major changes.
- Scale resources with measured thresholds and revisit sizing after usage pattern changes.
## Official Microsoft References
- https://learn.microsoft.com/windows-server/
- https://learn.microsoft.com/windows/security/
- https://learn.microsoft.com/azure/azure-arc/
## Public Examples from Official Sources
- These examples are sourced from official public Microsoft documentation and sample repositories.
- Documentation examples: https://learn.microsoft.com/windows-server/
- Sample repositories: https://github.com/microsoft/Windows-Containers
- Prefer adapting these examples to your tenant, subscriptions, and governance requirements before production use.
## Key Takeaways
- Windows Server Backup provides built-in backup capabilities
- Azure Backup offers cloud-based backup with long-term retention
- Implement 3-2-1 backup rule for data protection
- Define RPO and RTO for recovery planning
- Regular DR testing validates recovery procedures
- Bare metal recovery restores complete system
- Monitor backup health and set up alerts
- Document DR procedures and contact lists
- Schedule automated backups and retention policies
- Test restore procedures regularly
## Next Steps
- Implement automated backup schedule
- Configure Azure Backup for off-site protection
- Create and document DR plan
- Schedule quarterly DR tests
- Set up backup monitoring and alerts
- Train staff on recovery procedures
## Additional Resources
- [Windows Server Backup](https://learn.microsoft.com/windows-server/administration/windows-server-backup/windows-server-backup)
- [Azure Backup](https://learn.microsoft.com/azure/backup/)
- [Disaster Recovery Planning](https://learn.microsoft.com/azure/site-recovery/site-recovery-overview)
- [Backup Best Practices](https://learn.microsoft.com/windows-server/storage/folder-redirection/deploy-folder-redirection)
---
*Backup. Test. Restore. Recover.*
Discussion