Managing and Implementing Disaster Recovery

This objective covers the tools and procedures necessary to back up and recover your server in the event of a disaster, either large or small.

Windows Backup

Windows Backup allows you to back up files and folders on FAT16, FAT32, and NTFS volumes. However, if you have backed-up data on an NTFS volume, restoring to either type of FAT volume will result in a loss of configured file and folder permissions, in addition to the loss of encryption and compression attributes.

To back up and restore a Windows Server 2003 server, you must be a member of the local Administrators or the Backup Operators group. If you are a member of the local Administrators or the Backup Operators group on a domain controller, you can back up and restore a file on any computer that is a member of the domain or has a two-way trust relationship with the domain. If you are not a member of either of these groups, you will only be able to back up the files you are the owner of or those you have at least Read permissions for.

Windows Server 2003 has five backup options, as detailed in the following list. Each type varies as to what is backed up and whether or not the archive bit is set. The archive bit is a file attribute that is turned on when a file is created or modified, and it is cleared whenever a file is successfully backed up. It is used to let the backup software know which files need to be backed up based on whether they have just been created or whether modifications to previously backed-up files have happened since the last backup.

Here's the list of backup options in Windows Server 2003:

• Normal A normal backup (sometimes referred to as a full backup) is used to back up all the files and folders you select, regardless of the setting of the archive bit. It then changes the archive bit of the files to show that they were backed up.

• Copy A copy backup is used to back up the desired files and folders. It does not read or change the archive bit.

• Daily A daily backup is used to back up only the files and folders that have been created or modified on that day. It does not read or change the archive bit.

• Differential A differential backup is used to back up only the files and folders that have been created or modified since the last normal or incremental backup. It does not change the archive bit. However, it reads the archive bit to determine which files need to be backed up.

• Incremental An incremental backup is used to back up only the files and folders that have been created or modified since the last normal or incremental backup. It reads the archive bit to determine which files need to be backed up as well as clears the archive bit of the files that were backed up.

System State Backups

System state data is a collection of data that contains the operating system configuration of the server. For all Windows Server 2003 operating systems, the system state data includes the following:

• Registry

• COM+ Class Registration database

• System boot files

• The system files included in the Windows File Protection area

The system state data also includes the Certificate Services database (if the server is operating as a certificate server). If the server is a domain controller, the system state data also includes the Active Directory Services database and the SYSVOL directory. The system state will include the IIS Metabase or the Cluster Service configuration if these features are installed on the server. Due to their interdependencies, these components cannot be backed up or restored separately.

Restoring System State Data

Although you can't selectively back up components of the system state, you can restore the following system state components to an alternate location:

• Registry

• SYSVOL folder

• System boot files

• Cluster configuration (if installed)

The Active Directory, IIS Metabase, COM+ Class Registration and Certificate Services databases, and the Windows File Protection folder cannot be restored to an alternate location.

Volume Shadow Copy

By using Volume Shadow Copy with Windows Backup, you can back up most open files. When Volume Shadow Copy is used during a backup and an open file is encountered, a snapshot is taken of the file. This is an exact copy of the file, and it is saved to another area on the disk. This copy is then saved via the Backup utility.

Volume Shadow Copy offers the following advantages:

• Users cannot be locked out by the Backup program.

• Open files are not skipped.

• The backup procedure completes faster.

• Applications can write data to a file during a backup.

• Volume Shadow Copy eliminates the need for additional third-party software in most cases.

• Backups can be performed during business hours.

The Volume Shadow Copy Service (VSS) allows users to view the contents of shared folders, as they existed at specific points in time, and to restore a previous copy of a file. The Volume Shadow Copy feature works by setting aside a configurable amount of space, either on the same or a different volume. This space is used to save any changes to the files on the volume that Volume Shadow Copy is enabled on. These changes are added by making a block-level copy of any changes that have occurred to files since the last shadow copy. Only the changes are copied, not the entire file. As new shadow copies are added, the oldest one will be purged when you either run out of allocated space or the number of shadow copies reaches 64. The following guidelines apply:

• Volume Shadow Copy is enabled at the volume level.

• The minimum storage space you can allocate for shadow copies is 100MB.

• The storage space can be allocated on the same volume that Volume Shadow Copy is enabled on, or on another volume.

• The default storage size allocated will be 10% of the volume; however, you can increase the size at any time.

• When estimating the size to allocate, you must consider both the number and size of the files on the volume as well as how often they will be updated.

• Remember that when the storage limit is reached, the oldest shadow copies will be deleted.

• If you decide to store your shadow copies on another volume, the existing shadow copies will be deleted.

• The default configuration for shadow copies is for a scheduled update at 7:00 a.m. and 12:00 p.m. on weekdays.

• Using a separate volume to store shadow copies is highly recommended for heavily used file servers.

• Shadow copies will not work properly on dual-boot systems.

A Volume Shadow Copy client is required for Windows XP, Windows 2000 Professional, and Windows 98 users. The client is located in the %systemroot%\system32\clients\twclient folder on Windows Server 2003 systems.

Advanced Options Menu

The Advanced Options menu allows you to select from a variety of options that can be used to troubleshoot and repair server startup and driver problems. The following options are available on the Windows Server 2003 Advanced Options menu:

• Safe Mode This option starts Windows Server 2003 with the basic drivers for the mouse, video, monitor, mass storage, and keyboard.

• Safe Mode with Networking This option starts Windows Server 2003 with the basic drivers, plus the network drivers.

• Safe Mode with Command Prompt This option starts Windows Server 2003 with the basic drivers and opens a command window instead of the desktop.

• Enable Boot Logging This option starts Windows Server 2003 normally but logs a list of all the device drivers and services, along with their status, that the system attempts to load. This information is logged to %systemroot%\ntblog.txt.

• Enable VGA Mode This option starts Windows Server 2003 normally but forces it to load the basic VGA driver.

• Last Known Good Configuration This option starts Windows Server 2003 with the contents of the Registry from the last time the user logged on to the system.

• Directory Services Restore Mode This option is used to restore the Active Directory database and SYSVOL folder on a domain controller. It will only be listed on a domain controller.

• Debugging Mode This option starts Windows Server 2003 normally but sends debugging information over a serial cable to another computer.

• Boot Normally This option bypasses the menu options and starts Windows Server 2003 without any modifications.

Unlike a normal logon, the Safe Mode options do not update the Last Known Good Configuration information. Therefore, it will still be an option if you try Safe Mode first.

Recovery Console

The Recovery Console is a DOS-like command-line interface in which you can perform a limited set of commands and start and stop system services. Unlike booting from a DOS disk, the Recovery Console allows you access to files on an NTFS-formatted volume.

The Recovery Console is not installed by default; you must install it manually after you have installed Windows Server 2003. It can also be run from the Windows Server 2003 CD-ROM. After you log on, the commands in Table 10 are available:

There are some limitations, however:

• You have access only to %systemroot% and its subfolders, the root partitions of %systemdrive%, any other partitions, floppy drives, and CD-ROMs.

• You cannot copy a file from the hard disk to a floppy, but you can copy a file from a floppy, a CD-ROM, or another hard disk to your hard disk.

Recovering System State Data by Using Directory Services Restore Mode

On a domain controller, the Active Directory files are restored as part of the system state. The system state on a domain controller consists of the following:

• Active Directory (NTDS)

• The boot files

• The COM+ Class Registration database

• The Registry

• The system volume (SYSVOL)

• Files in the Windows File Protection folder

The individual components cannot be backed up or restored separately; they can only be handled as a unit.

When Active Directory is in a corrupted state on all the domain controllers, it will be necessary to restore AD from tape and force the replication of the restored data to all the other domain controllers. This type of operation is called an authoritative restore. An authoritative restore will cause the data that is restored from tape to overwrite the corrupted data that is stored on all the domain controllers.

If only a single Active Directory object is accidentally deleted, it is possible to restore only that object from a backup tape by performing a partial authoritative restore.

To restore an object, you will need to know its common name (CN), the Organization Unit (OU), and the domain (DC) the object was located in. First, boot into Directory Restore mode and start the NTDSUtil utility. For example, to restore the ABC St. Louis User OU, in the abc.com domain, you would enter the following command:

Restore Subtree "OU=ABC St. Louis User,DC=abc,DC=com"

Implementing Automated System Recovery (ASR)

Automated System Recovery (ASR) works by making a backup of the boot partition onto tape or other media. It then saves the catalog and other operating system information, such as system state and disk partition information, to a floppy disk.

When a problem occurs that cannot be fixed by using any of the other repair and recovery methods, or if you have replaced a failed boot drive, you will need to boot your server from the Windows Server 2003 CD-ROM and then insert the floppy disk and the backup media that was created by the ASR process.

ASR installs a generic version of Windows Server 2003 that is used to mount and restore your boot partition from the backup media created by ASR. This process not only restores the information on your boot drive, it also restores the disk signatures and re-creates the boot partition or volume, if necessary. It will not recover or delete any data volumes, however.